urlscan.io logo urlscan.io
SecurityTrails logo

www.grandfortunecampaign.com Open in urlscan Pro
104.21.50.143  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://bit.ly/3beL2Bp#cl/61439_md/1/12670/2964/520/25884
Effective URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Submission: On October 31 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 12 domains to perform 52 HTTP transactions. The main IP is 104.21.50.143, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.grandfortunecampaign.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 9th 2021. Valid for: a year.
This is the only time www.grandfortunecampaign.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 396982 (GOOGLE-PR...)
1 13 5.44.252.77 41018 (OMNILANCE...)
2 142.250.186.42 15169 (GOOGLE)
1 104.26.7.173 13335 (CLOUDFLAR...)
1 172.99.173.141 398343 (BAXET-GROUP)
1 1 209.172.32.161 32613 (IWEB-AS)
26 104.21.50.143 13335 (CLOUDFLAR...)
4 104.16.19.94 13335 (CLOUDFLAR...)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 172.67.146.112 13335 (CLOUDFLAR...)
1 142.250.184.200 15169 (GOOGLE)
2 172.217.23.110 15169 (GOOGLE)
52 11
1    67.199.248.10 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly
bit.ly
13    5.44.252.77 (None, )

ASN41018 (OMNILANCE omnilance.com, UA)
kinder.sa.com
2    142.250.186.42 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f10.1e100.net
fonts.googleapis.com
1    104.26.7.173 (United States)

ASN13335 (CLOUDFLARENET, US)
code.ionicframework.com
1    172.99.173.141 (Atlanta, United States)

ASN398343 (BAXET-GROUP, US)
PTR: 172-99-173-141.telecomgroupdesign.com
elasticlines.com
1    209.172.32.161 (Montreal, Canada)

ASN32613 (IWEB-AS, CA)
www.grandfortunelinks.com
26    104.21.50.143 (United States)

ASN13335 (CLOUDFLARENET, US)
www.grandfortunecampaign.com
4    104.16.19.94 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.16.85.20 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    172.67.146.112 (United States)

ASN13335 (CLOUDFLARENET, US)
www.help4casino.com
1    142.250.184.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com
2    172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f14.1e100.net
www.google-analytics.com
Domain Requested by
26 www.grandfortunecampaign.com elasticlines.com
www.grandfortunecampaign.com
cdnjs.cloudflare.com
13 kinder.sa.com 1 redirects kinder.sa.com
4 cdnjs.cloudflare.com www.grandfortunecampaign.com
cdnjs.cloudflare.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.googleapis.com kinder.sa.com
www.grandfortunecampaign.com
cdnjs.cloudflare.com
1 www.googletagmanager.com www.grandfortunecampaign.com
1 www.help4casino.com www.grandfortunecampaign.com
1 cdn.jsdelivr.net www.grandfortunecampaign.com
1 www.grandfortunelinks.com 1 redirects
1 elasticlines.com kinder.sa.com
1 code.ionicframework.com kinder.sa.com
1 bit.ly 1 redirects
52 12

This site contains links to these domains. Also see Links.

Domain
www.grandfortunecasino.com
Subject Issuer Validity Valid
elasticlines.com
R3		 2021-09-17 -
2021-12-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-09 -
2022-05-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Frame ID: B1F08DDAF9DE3D8057AB91D1E33FD9A1
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Choose your bonus

Page URL History Show full URLs

  1. https://bit.ly/3beL2Bp HTTP 301
    http://kinder.sa.com/ Page URL
  2. http://kinder.sa.com/cl/61439_md/1/12670/2964/520/25884 HTTP 302
    https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md Page URL
  3. https://www.grandfortunelinks.com/click/25/406/4473/1?subid=624763704 HTTP 301
    https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,y... Page URL

Page Statistics

52
Requests

71 %
HTTPS

0 %
IPv6

12
Domains

12
Subdomains

11
IPs

3
Countries

1135 kB
Transfer

1567 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bit.ly/3beL2Bp HTTP 301
    http://kinder.sa.com/ Page URL
  2. http://kinder.sa.com/cl/61439_md/1/12670/2964/520/25884 HTTP 302
    https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md Page URL
  3. https://www.grandfortunelinks.com/click/25/406/4473/1?subid=624763704 HTTP 301
    https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bit.ly/3beL2Bp HTTP 301
  • http://kinder.sa.com/
Request Chain 14
  • http://kinder.sa.com/cl/61439_md/1/12670/2964/520/25884 HTTP 302
  • https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
kinder.sa.com/
Redirect Chain
  • https://bit.ly/3beL2Bp
  • http://kinder.sa.com/
16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 / PHP/7.1.33
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8

Redirect headers

server
nginx
date
Sun, 31 Oct 2021 06:26:36 GMT
content-type
text/html; charset=utf-8
content-length
108
cache-control
private, max-age=90
content-security-policy
referrer always;
location
http://kinder.sa.com/
referrer-policy
unsafe-url
via
1.1 google
alt-svc
clear
css
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Lato:400,300,700
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Sun, 31 Oct 2021 06:26:36 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Report-To
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
Expires
Sun, 31 Oct 2021 06:26:36 GMT
ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 		50 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
104.26.7.173 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

X-Fastly-Request-ID
1a37ef9d287ba361a86f785e62e1a616b2bb128c
Date
Sun, 31 Oct 2021 06:26:36 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
14550
X-Cache
HIT
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
8313
X-Served-By
cache-lcy19259-LCY
Access-Control-Allow-Origin
*
Last-Modified
Thu, 29 Apr 2021 18:50:21 GMT
Server
cloudflare
X-GitHub-Request-Id
15D8:11CE0:4294DE:45E4D3:617D7AEB
X-Timer
S1635647047.534494,VS0,VE1
ETag
W/"608affed-c854"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0xBuXNmbDijmgJ4nS3JWiLiFUm3hGJsYxeN%2BsXfGoDI6cSxWYDJWA6jfHLzgr9N22wtbCFx8eCN8U7N%2FExydm3ei3wYTTTK60WX1DKZZswJhxGeeOtKCtAMayrCDGF%2Fm4YjqRjOz46T"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css; charset=utf-8
Via
1.1 varnish
expires
Sat, 30 Oct 2021 17:11:52 GMT
Cache-Control
max-age=31536000
x-proxy-cache
HIT
Accept-Ranges
bytes
CF-RAY
6a6ad0117e27774f-LHR
x-origin-cache
HIT
X-Cache-Hits
1
bootstrap.min.css
kinder.sa.com/css/ 		111 KB
112 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/css/bootstrap.min.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"1bd5b-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
114011
font-awesome.min.css
kinder.sa.com/css/ 		21 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/css/font-awesome.min.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"55e0-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
21984
owl.carousel.css
kinder.sa.com/css/ 		5 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/css/owl.carousel.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"1206-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4614
animate.css
kinder.sa.com/css/ 		73 KB
73 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/css/animate.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"12279-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
74361
main.css
kinder.sa.com/css/ 		17 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/css/main.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"4452-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17490
responsive.css
kinder.sa.com/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://kinder.sa.com/css/responsive.css
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:37 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"80f-539c3812a6b00"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2063
logo.png
kinder.sa.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kinder.sa.com/images/logo.png
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"b67-539c3812a6b00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2919
logo-2.png
kinder.sa.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kinder.sa.com/images/logo-2.png
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c30-539c3812a6b00"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3120
1.jpg
kinder.sa.com/images/about/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kinder.sa.com/images/about/1.jpg
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"c8c7-539c3812a6b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
51399
2.jpg
kinder.sa.com/images/about/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kinder.sa.com/images/about/2.jpg
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"889e-539c3812a6b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
34974
3.jpg
kinder.sa.com/images/about/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://kinder.sa.com/images/about/3.jpg
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Server
5.44.252.77 -, , ASN41018 (OMNILANCE omnilance.com, UA),
Reverse DNS
Software
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33 /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Last-Modified
Thu, 11 Aug 2016 03:38:52 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
ETag
"4c50-539c3812a6b00"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
19536
520_25884_12670_683105_md
elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/
Redirect Chain
  • http://kinder.sa.com/cl/61439_md/1/12670/2964/520/25884
  • https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md
132 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md
Requested by
Host: kinder.sa.com
URL: http://kinder.sa.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.99.173.141 Atlanta, United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
172-99-173-141.telecomgroupdesign.com
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://kinder.sa.com/#cl/61439_md/1/12670/2964/520/25884

Response headers

date
Sun, 31 Oct 2021 06:26:38 GMT
content-type
text/html; charset=UTF-8
server
Apache
content-encoding
gzip
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Date
Sun, 31 Oct 2021 06:26:36 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.1.33
X-Powered-By
PHP/7.1.33
Location
https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md
Content-Length
163
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request /
www.grandfortunecampaign.com/landing/50-free/
Redirect Chain
  • https://www.grandfortunelinks.com/click/25/406/4473/1?subid=624763704
  • https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Requested by
Host: elasticlines.com
URL: https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c4cda2988ff3260c30382baaa10919fe695469b1e40a646cc4e804c0811d8f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://elasticlines.com/0/2/9772/6680e742f0b8a0fc04ff18f7bb6f4037/1/61439_1/520_25884_12670_683105_md

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovJkdFuYO2mOP%2BITsJR43kcl9pKAIqGkxcfzi3XA4ESxhBkoO5CS5nWxACE7ajYcE5j0aqQZ6aSu2oPDErXn1Y%2BPywdytpNtp1%2BM4R8YmQ%2FAzxwTyIQRCxVe%2F1rG81s%2BdhBpYlevYleDaI8sP%2F%2B7"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6a6ad0223b33ee07-CDG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Server
nginx/1.20.1
Date
Sun, 31 Oct 2021 06:26:38 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Location
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Strict-Transport-Security
max-age=31536000
css2
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f10.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
style.css
www.grandfortunecampaign.com/landing/50-free/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/style.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f708bfa223e488ff1e940156fd6a02f2350057c0c085d6d0e44903c8dd79e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"2746-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mw2qUWIn3E1O4mPDUWsdVy9E%2BqErCCWuKr1zP7XGQ9MIrOTduKTQGG5%2BMJpv2AsEJQQ37PLVrqKF5GSboiezcvttnfNsC11CSz%2FGmWeBbEz4jVUGp%2FHB1rG%2FmfKjObXX5B3tri7cq03bzPexzkQl"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6ad022eb8aee07-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 06:26:39 GMT
load.css
www.grandfortunecampaign.com/landing/50-free/css/ 		2 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/load.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77720299b5059899bed4f6fbdc585017b8b11c6f956fc636614df63251a0a42a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"656-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eoW9tvxRkb6sXZLxfsm1xRD9prz1VGXD22aASznM8ta4pNGQjKl3USkVTtlnRepepXgw0zdqoDWliEPkkNB24lyB5%2Bmq4Y7z3DFiINbsegcw6hunpJjOcZSnBO7NmIJ8%2Bme%2BCYUUbbQ9OlSE0Oeh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad022eb8bee07-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/counter/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/css/style.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9afd9142b98d20ece226c8d14fe85cc19979410633ca6e58fa1d1341c6fbb89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"10c5-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ya%2BF6UM3s0xaX0ciH9sD4vRG8CKEkwCyxyVKKmKsNEV%2B7LGrcbj%2Bg9v4h8GT%2BIvm7i0KVGA24mUt%2BNt6PE3hDaLgX971B%2F2mg5%2BevaaEO5hKe9OJlPy6Ma2F3m%2BHupHfNLiptgCmq%2F4V4wyu0i8e"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad022eb8cee07-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
layout.css
www.grandfortunecampaign.com/landing/50-free/popups/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/css/layout.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8baf7f080fc8c04eae5341a63177b4449380698cab88957011c1261ea693d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"1517-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SChBkKWr9vlsAfN8cU1zZ5Rd%2BS3URpyceaUz0pTLDZEMhu0gm%2F0krSbtxt%2F5Y8Q4c9v8TtF%2F9iN1ZgCMG4%2B43QFG8WO%2FoGoMgxiye7amhf4zJkM5rgaWHM9LZx1KktGyUG7ClGkxOlkkkt8sOAYA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad022eb8dee07-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
701048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-897"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpP5DnflnT6mnqzlPLeIgnK8UAMCb16JzeqPCNzK1IRpl7E41lyZPeJshODyLf%2FZD57qMiQrwHOdDPSb3sZukq5FjSm8f0icp%2Bx%2F9%2FYfBEBbJEylepK7InB0bb8AJr18JVDTVhWz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a6ad0230dd97160-DUS
expires
Fri, 21 Oct 2022 06:26:39 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/sparkles/css/ 		3 KB
832 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/sparkles/css/style.css
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8b3a057e9069acdf5b016b587c75a1bfd85d2693014dfffa37748a484164d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"b2c-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nGNQNapqXvRAsnNnFrcijHyEz3HSYTZedxtrtFVvYg%2Bs7t0iuqztGTxktcovM2VKtbiobjtv%2BE7dHKLwvC14Dmgb1gPsXNrZXveczaqzoagqBPts2RSClem%2Bvio49vjFj4YkoATNC%2BixMPHxIb8M"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad022eb8eee07-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
jquery-latest.min.js
www.grandfortunecampaign.com/landing/50-free/js/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/js/jquery-latest.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"1762a-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15DVVhxnChgXbp8RXrw1kbb7GXjgZ02lMZaOnEcBSmqySP4gzW4a6htOyU2xha1%2Bh5mQ4vxTALAUqL7cyrSlnR93gpQhjLY9jCS%2FamWljA8ZKFWzvqpgRjAF3Oh11TPEmQJwzM4i57y2pvQCMRhO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a6ad022eb8fee07-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
868023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
27192
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-152b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrM%2FnXI0r5FPrdMzrHs%2FTvR%2FbKZkGdsfONOKRly9PhZCYB%2FqlDwKXTMHV15x%2B1BGbwCD7OFrK4oMNxWG6O9nkztAYH3xGBUQ4Sc23WiPVCDkubtu162j7y47pVgd3Wch5W%2FkUWO9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a6ad0230dda7160-DUS
expires
Fri, 21 Oct 2022 06:26:39 GMT
slick.min.js
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
466784
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19145-FRA
timing-allow-origin
*
server
cloudflare
etag
W/"a3e1-6fy8xPpwy6CTuB2YKht4UJQUzvc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6a6ad0230de0215d-DUS
scripts.js
www.grandfortunecampaign.com/landing/50-free/counter/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/js/scripts.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8863ca3a1c6df61872d6a06e202811f5af85565cb83351918eb74775e981f0f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"164c-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6rWGr4iLFg0t3TuHsG83Z5Z%2F%2FASebhcthQN7C2ip4FNu0DnhiPe4OylneECslOcomEOdxrBCYZ8XzUubxnGdFvvIfTflRM%2FgCxP%2Bg6Sn%2F5FnOapDdAvXl8%2FrmDXNvDv7%2BVGmSOjVaqdoPIjIwAR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a6ad022eb90ee07-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
tweenmax.min.js
www.grandfortunecampaign.com/landing/50-free/popups/js/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/js/tweenmax.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"181e1-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWpzsCvXdu2iT7KQ3%2FdhIvZEvwCYtgFADujJVXqZjYxQs9i%2B4pQLrQu0mtCVKhnAe%2BMmTU%2FcQZtMsk%2BRqXgoQW8wwO2VL0MRqDtM%2BBnnIpvGJgrG3ZwP5Ez%2Bvwn9uw4vFemTNeaKajckX9oWUksh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6ad022eb91ee07-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 06:26:39 GMT
prefixfree.min.js
cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
868987
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2135
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-16f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDMoh%2Bu812VWW5xnohF4galKWiLAwtX31SURFk5sNRDrAPvddgJoGrjRGLWphNxpzfIy%2B8ZyigL6e4dyY53mqRzjEAnk3jnsFztJ2oPMfoGeIuEPzTjdIYwBj8wJg%2FKXaDjV0lXE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a6ad0230ddb7160-DUS
expires
Fri, 21 Oct 2022 06:26:39 GMT
grandfortune.svg
www.grandfortunecampaign.com/images/ 		24 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/images/grandfortune.svg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034b1040796c1413d9dcfbd26850401e872bc36b66286c4b2d3c683f710a808f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
298695
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"5e91-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qsvv%2FHbkYFcpaA8C3924OXti02YQ3CxWLvJOp3JptxOn2rDC6pgJOqiID%2BTvWwreFiay5r9atDL3BD5ZKvedWbgxSmBeN%2Bc%2FJ72Znh20qE9K9XyQywlfgTpR6kcl7UBCV04byQuuFtleeH%2BZIsWF"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
6a6ad0239dcf3a41-CDG
expires
Fri, 26 Nov 2021 19:28:24 GMT
awards.png
www.grandfortunecampaign.com/landing/50-free/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/awards.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d47854232f08b79d1af5c7af5649ad35a4e3840f40551ce780c148fa458b8840

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
15667
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"3d33-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7dQ8MplQJ2YWHmMDR6GX7fIHBYNRobLTxCq5e8%2Bgg7LgpDfLZnqlvJOmOY%2FpHuocwtpRv%2F8wThWoorUdwq8hzOwnyvih95g3A3mHgL%2B6P2eTr9BWckTVrTQ13xEQlNQ1CBk2pzfgar4c1Hl%2Flcg"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd03a41-CDG
expires
Fri, 28 Oct 2022 14:59:28 GMT
slots-screen.png
www.grandfortunecampaign.com/landing/50-free/images/ 		489 KB
489 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/slots-screen.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f78e52f1de361a02ac34324bf417159c20471e2eafe3b5752cead7bfeb8a2d2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
500459
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"7a2eb-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYf0pyfhIU4ARDcqbz%2BNpgaUVNlgvOGcVTvB97RGi6yypxHn%2FHGbddVlA33Dt37wcB%2FCEInslYlGMhanBFs2xMqsWpZQ0l2zKDFMPnJyyaIIyOhNwIPW%2FPQDpp2h7xfyC%2Bf8GOkvb%2BjfnV%2By5Osd"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd13a41-CDG
expires
Mon, 31 Oct 2022 06:26:39 GMT
icon-1.png
www.grandfortunecampaign.com/landing/50-free/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/icon-1.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e23eed0cf6103ec950596b7833c64101e0a25460569b85e762c952028463769

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2553
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"9f9-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuUclGymSasW%2FsWhC06eqhZZ966Dkx1z9XumfrxBP37Tbq0F9NtHese3tfBbGLfRHGdihBRWpcerRcfNkgNuGPP0LyzXPGg0EYvLSthhFzIsHMUFF5H3yXSpC5ScA1UJ%2Fhvb9d7PP0XUePlzX6Gf"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd23a41-CDG
expires
Fri, 28 Oct 2022 14:59:28 GMT
icon-2.png
www.grandfortunecampaign.com/landing/50-free/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/icon-2.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84abba102e41fb04e1c1b3cf96332fd7f7025839ac2a49f0d07ae0da5963e0a2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3490
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"da2-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcK6Zk1KKxgHR3EsM66ak8Llz8H8mxU2l5IPVcUDhleTitzEdPLJUakG2mTs4qUzXraWZPLPOLwk1tmblGBuedxILCm6kDSvToJ91eM8EQu4GW9g%2BHVK1xxSEBZURQom8GyEaFzwpzo57Ey5gwVe"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd43a41-CDG
expires
Fri, 28 Oct 2022 14:59:28 GMT
icon-3.png
www.grandfortunecampaign.com/landing/50-free/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/icon-3.png
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d4b72fed63c2bedd55717f916131658b0c76ce85ecd48c690ba49aebd8535e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2542
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"9ee-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTQYmCbVaF5OnXYahr1cHBDSCPnQERFyWtPNyAUdzWlf9WEiFt%2BkXHqI6yNo%2FCHl468F2KUyGfywT7VetvZLW%2Fu8gSANh51qrKUHGKVUCOciZFUjKSjlerFEGv7LyJtWocRPgVyRS8It0Ok5leXm"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd53a41-CDG
expires
Fri, 28 Oct 2022 14:59:28 GMT
payment-methods-us.svg
www.help4casino.com/payment-methods/ 		39 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.help4casino.com/payment-methods/payment-methods-us.svg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.146.112 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43569
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 29 Oct 2021 18:05:05 GMT
server
cloudflare
etag
W/"9a2f-5cf81aab0d640"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAkBahWDfTKr2cUbFYItj7xLLsMZXhT0we6j0N2jP0Hqdpw7phNi5dOjivPnWdm4rdSbfXzjOPFKPBc6P8PC20k%2F1cB94rTXVIg1Q7WhJTr4Q6Tu3QoO7NHs%2FSeNP80Ms6sFHbdU"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=86400
cf-ray
6a6ad024d96732c2-CDG
expires
Sun, 31 Oct 2021 18:20:30 GMT
game1.jpg
www.grandfortunecampaign.com/landing/50-free/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/game1.jpg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee2a01b0f01d54bcda07e8dfcc91dd998897cbaa6bee18a0838fce701da405a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19357
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"4b9d-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYl%2BIg972zQR8FDQdcANVQ%2BzTBEqreV57OsBUAflXnE3glMwtOBlGVPjaXEJyO8mLkH8WcKSRzE%2BMKjLkCycyV964k4V0fK12A8VZAXUD0au%2Ftd5ZzZTJaKoaKVqVWXvBTGEc%2FUflC4RFvsDP13b"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd63a41-CDG
expires
Fri, 28 Oct 2022 14:59:28 GMT
game2.jpg
www.grandfortunecampaign.com/landing/50-free/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandfortunecampaign.com/landing/50-free/images/game2.jpg
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b7be5f7af15c773c10ed2b23e9ece15daf69a545b01bfb73fe220f96311120d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
157567
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
16638
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
"40fe-5cf5a66b99d40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dLj5B5RSNjpfp1QLpCtPAT1TXpjuoeKvjowR7SxMV6lmGSZGpqUWiydppmN0XuNbGh82SQQXsEO2lrUb1l%2BA%2FkCffHeEvaKd2qfFU6qexgq%2Ffv%2FGoOzkc8fdFYYtcpK9KHXXzQZkEM7Gkn6Su4qu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
6a6ad0239dd83a41-CDG
expires
Sat, 29 Oct 2022 10:40:32 GMT
control_landing.min.js
www.grandfortunecampaign.com/landing/50-free/popups/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/js/control_landing.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
306e2592b08cc94178123aea2e0fe59055ff5f0a9dae15d73f0c89d33c192ad6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"eb1-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8%2B7DFaYlg%2BKuZbpTRbTt7DU0vPKP0vFkohNgRJHCYuXfVhmAm%2BQyIeCBeaLBnXZby2ZmQOZ5jfwo2DmWmjv8n79CkOXP8pXuoQDDYlvZCpa2P6ulJcLVt0remikfgs%2FWD8hhmXzU5efd5DcoICL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6a6ad0235d973a41-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Tue, 30 Nov 2021 06:26:39 GMT
clipboard.min.js
www.grandfortunecampaign.com/landing/50-free/popups/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/js/clipboard.min.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"29a6-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UUgOXjm%2BiM0d66gCO2Gf7haJkcsuuHodTQdo5B8xufrQZYlMHSHIHivmEeSqWRpDdmvdNKCPkwPjtfsFB86cHV2idleuzzTXPl8zrYCLzMBhkfA4I075w8K8mSs9u8ahQICf67Yft7HYCk%2FfKVRW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a6ad0237dbb3a41-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
terms_behaviors.js
www.grandfortunecampaign.com/landing/50-free/js/ 		408 B
795 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/js/terms_behaviors.js
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbfe8ed9f08e1efa70d7cbb83a1755040e454af0dc4108f407a0529380ef5b1a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"198-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MI%2FqzZcgyIVsEK3KkMvohGUTzW%2FDc81A9foqm82zUysH4cJ9KvdZJF2pZ7m56ir3LET3XeguoNsliqOeyZoG2cRc%2BmDTZqZcjKdungwO1sYALbJTgA0WcVgEcxbcNGpu%2BD23WFIoaTjseu72wbbH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
6a6ad0238dcc3a41-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
gtm.js
www.googletagmanager.com/ 		97 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NNLBBP5
Requested by
Host: www.grandfortunecampaign.com
URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
6538d4e386305785efef2f4bfe4a8e51e922a15cf83499c480a8977182c50f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37814
x-xss-protection
0
last-modified
Sun, 31 Oct 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 31 Oct 2021 06:26:39 GMT
css2
fonts.googleapis.com/ 		0
0
style.css
www.grandfortunecampaign.com/landing/50-free/css/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/style.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f708bfa223e488ff1e940156fd6a02f2350057c0c085d6d0e44903c8dd79e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"2746-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HXaAuR5lJq52HKRVHkkH%2FQvCyZzS4yjVMZ6SztyNMmdaFCl0SWHXCNO%2BjrAf%2FqAw15XnLzUMT1ODCw79y4fAwM7hBGA1CW%2FqHYZHkmkYQYSy9D%2BTZMuBLfl5VV6u1Aw9S56blKfXmk8llAs6E%2Br1"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad023cdf93a41-CDG
expires
Tue, 30 Nov 2021 06:26:39 GMT
load.css
www.grandfortunecampaign.com/landing/50-free/css/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/css/load.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77720299b5059899bed4f6fbdc585017b8b11c6f956fc636614df63251a0a42a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"656-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm2JBJ7mTuPP%2F1MvN3M9dYYBgVs5git0a8uMsEtkMDxbgNPY5n35rJxHPmM%2BtyqMdYbV6ZP%2F3SNeQeZAGcdiWp%2BvObEZQWtI39xXDr%2FczRYQfVNo3NVfxbpGUY7nWB6u5AePrFBrugpdC4XdKpGt"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad023cdfe3a41-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/counter/css/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/css/style.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9afd9142b98d20ece226c8d14fe85cc19979410633ca6e58fa1d1341c6fbb89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"10c5-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkpMOqrOI%2FkHR5Tbzj%2BrKQkhARmTTgRiB5SUYbzyJ75mq7JfpbqA2bygwRJxOXVavzhCP0qP3EDUhvGtz0cgUWyr4Tjaf1wk74C0o61PQqtFORD9808oVRM2IWh6BBXc7ymAZNnCyU%2F1C1b%2Bw3Xo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad023cdff3a41-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
layout.css
www.grandfortunecampaign.com/landing/50-free/popups/css/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/popups/css/layout.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee8baf7f080fc8c04eae5341a63177b4449380698cab88957011c1261ea693d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"1517-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp2cyBeGvzxOXTiHUa0X0ebb%2BY3C1MxUQ8Mj9e82eqTvPoTIvw4rMnbbDYVtAsBR%2Bws14bxnrHZHUczWfq814jP40BCudraNZK1cBptydFLlFB2zbAYE741MatGN%2B5mzksod9HrY3oz7CawmrIOh"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad023ce003a41-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/5.0.0/normalize.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.19.94 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
701048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
745
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-897"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BEAQ5k8R%2B9eJNDULgekn5qboKeRT5so02UotOMlGK%2BbDm9zncvA%2BZUI4H%2F0rfFqTv%2FStwCOoMFBe%2FP7k0edPzyzM26hmbHt%2BFXo01NYMJjXimjTRZkIajzQBi78hcf4nTcfdXl6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6a6ad023dde97166-DUS
expires
Fri, 21 Oct 2022 06:26:39 GMT
style.css
www.grandfortunecampaign.com/landing/50-free/sparkles/css/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/sparkles/css/style.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/prefixfree/1.0.7/prefixfree.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed8b3a057e9069acdf5b016b587c75a1bfd85d2693014dfffa37748a484164d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
228431
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 27 Oct 2021 19:14:21 GMT
server
cloudflare
etag
W/"b2c-5cf5a66b99d40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB2E3drtOLiDaxWW4aU23MkPOu44OdB2LzSzDG%2B%2B3bIZEK2sGJcrJRYfXpGBVAFhlrcE4DGHkNWocxOIyc2gf7r0OIP9IkWuzW65qqGyw8657ZaK%2FSt1Yzi03sw43ipecMbe5BHtVbphOn7flg34"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6a6ad023ce013a41-CDG
expires
Sat, 27 Nov 2021 14:59:28 GMT
getjackpot.php
www.grandfortunecampaign.com/landing/50-free/counter/php/ 		9 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandfortunecampaign.com/landing/50-free/counter/php/getjackpot.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.50.143 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b408636045a0d8c3fb678c0f6d42c7ee2ab9d4dc55b40f5471ef71ce9ae7079d

Request headers

Accept
*/*
Referer
https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 06:26:39 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Q8omE6uA0GV3mIy%2B6PsVeRv9gPs909ldInYKjyM0c5kUBFmiqpL7P9Sbh0hoMNB4lIcYOTzLyMiYizqZDYAGrBjjUr%2FJX7E1zwNAL791MxvwExQoLdcOzDyZ6Y4wyB7cLYsVGKPRsiBT%2BJ7vqcU"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
6a6ad0240e283a41-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NNLBBP5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.grandfortunecampaign.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
1565
date
Sun, 31 Oct 2021 06:00:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sun, 31 Oct 2021 08:00:34 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=59541138&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandfortunecampaign.com%2Flanding%2F50-free%2F%3Faffid%3D5795%2Ct%3DGFCU4a37ce6db3b6a1601479dd41af95c946%2Cycid%3D25%2Cyaid%3D4473%2Cybid%3D267607&dr=https%3A%2F%2Felasticlines.com%2F&ul=en-us&de=UTF-8&dt=Choose%20your%20bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1164363634&gjid=1405050410&cid=1031774412.1635661599&tid=UA-56767102-1&_gid=2010343147.1635661599&_r=1&gtm=2wgar0NNLBBP5&z=1054527288
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandfortunecampaign.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 31 Oct 2021 06:26:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandfortunecampaign.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer function| $ function| jQuery object| RotatingCounter object| _gsScope object| _gsQueue object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| TimelineLite function| TimelineMax function| BezierPlugin function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup object| StyleFix object| PrefixFree function| ClipboardJS object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData string| initial_jackpot string| el_class string| prev_jackpot string| chunk number| notwholesome string| last_chunk string| joined string| fixed_floated string| f number| delay

11 Cookies

Domain/Path Name / Value
.bit.ly/ Name: _bit
Value: l9v6qA-320a9b002685b5217c-001
elasticlines.com/ Name: uid3366
Value: 624763704-20211031022638-15c662f59f0f3391bdcfc4ad57150168-
www.grandfortunelinks.com/ Name: bGZMNXh2MzNDN0ZUMnRYV1dOUnRWUT09
Value: 1635661598
www.grandfortunelinks.com/ Name: Q2x5NC9ibWJYbGhLdXVMWnFDVEpLdz09
Value: 1635661598
www.grandfortunelinks.com/ Name: eResponse
Value: Success-1
www.grandfortunecampaign.com/ Name: PHPSESSID
Value: evramh1afh3fmrl7e8k5rh9ncl
www.grandfortunecampaign.com/ Name: affid
Value: 5795
www.grandfortunecampaign.com/ Name: trackingID
Value: GFCU4a37ce6db3b6a1601479dd41af95c946
.grandfortunecampaign.com/ Name: _ga
Value: GA1.2.1031774412.1635661599
.grandfortunecampaign.com/ Name: _gid
Value: GA1.2.2010343147.1635661599
.grandfortunecampaign.com/ Name: _gat_UA-56767102-1
Value: 1

3 Console Messages

Source Level URL
Text
network error URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.grandfortunecampaign.com/landing/50-free/?affid=5795,t=GFCU4a37ce6db3b6a1601479dd41af95c946,ycid=25,yaid=4473,ybid=267607
Message:
Access to XMLHttpRequest at 'https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap' from origin 'https://www.grandfortunecampaign.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,400;0,500;0,600;0,700;&display=swap
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.ionicframework.com
elasticlines.com
fonts.googleapis.com
kinder.sa.com
www.google-analytics.com
www.googletagmanager.com
www.grandfortunecampaign.com
www.grandfortunelinks.com
www.help4casino.com
fonts.googleapis.com
104.16.19.94
104.16.85.20
104.21.50.143
104.26.7.173
142.250.184.200
142.250.186.42
172.217.23.110
172.67.146.112
172.99.173.141
209.172.32.161
5.44.252.77
67.199.248.10
034b1040796c1413d9dcfbd26850401e872bc36b66286c4b2d3c683f710a808f
19a28e2d74e7eee25716e5a9e7bba44191ae28ada05995a5107d7a85cea3054f
25d4b72fed63c2bedd55717f916131658b0c76ce85ecd48c690ba49aebd8535e
2f708bfa223e488ff1e940156fd6a02f2350057c0c085d6d0e44903c8dd79e61
306e2592b08cc94178123aea2e0fe59055ff5f0a9dae15d73f0c89d33c192ad6
4c4cda2988ff3260c30382baaa10919fe695469b1e40a646cc4e804c0811d8f9
4ef204028448c8312bf56282c6f7abbc9ec2534ba26a788f38523955c1432490
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5b7be5f7af15c773c10ed2b23e9ece15daf69a545b01bfb73fe220f96311120d
5e23eed0cf6103ec950596b7833c64101e0a25460569b85e762c952028463769
6538d4e386305785efef2f4bfe4a8e51e922a15cf83499c480a8977182c50f10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77720299b5059899bed4f6fbdc585017b8b11c6f956fc636614df63251a0a42a
84abba102e41fb04e1c1b3cf96332fd7f7025839ac2a49f0d07ae0da5963e0a2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8863ca3a1c6df61872d6a06e202811f5af85565cb83351918eb74775e981f0f1
99e1761c92764dcaeec33df3e1773160344cc4aa6b8ddaee0477372279a2c424
b408636045a0d8c3fb678c0f6d42c7ee2ab9d4dc55b40f5471ef71ce9ae7079d
b76ffbb2665f82b493e054b50d3d1bb3f2a8b4233be1795ca9937956eef196bc
bda358cfd9f7f904ef04f12dc41ec94c275bc8cd9cefecea24462b42d4f07d54
bee2a01b0f01d54bcda07e8dfcc91dd998897cbaa6bee18a0838fce701da405a
d47854232f08b79d1af5c7af5649ad35a4e3840f40551ce780c148fa458b8840
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
ed8b3a057e9069acdf5b016b587c75a1bfd85d2693014dfffa37748a484164d8
ee8baf7f080fc8c04eae5341a63177b4449380698cab88957011c1261ea693d6
f78e52f1de361a02ac34324bf417159c20471e2eafe3b5752cead7bfeb8a2d2d
f9afd9142b98d20ece226c8d14fe85cc19979410633ca6e58fa1d1341c6fbb89
fbfe8ed9f08e1efa70d7cbb83a1755040e454af0dc4108f407a0529380ef5b1a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62