fortunega.cfd Open in urlscan Pro
35.213.151.141 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://fortunega.cfd/
Effective URL:
https://fortunega.cfd/
Submission Tags: @ecarlesi possiblethreat phishing nordvpn Search All
Submission: On July 12 via api (July 12th 2024, 5:34:09 pm UTC) from IT — Scanned from SG

Summary HTTP 97 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 8 domains to perform 97 HTTP transactions. The main IP is 35.213.151.141, located in Singapore, Singapore and belongs to GOOGLE, US. The main domain is fortunega.cfd.
TLS certificate: Issued by R10 on July 12th 2024. Valid for: 3 months.

This is the only time fortunega.cfd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	35.213.151.141 35.213.151.141	15169 (GOOGLE) (GOOGLE)
6	142.251.175.97 142.251.175.97	15169 (GOOGLE) (GOOGLE)
42	104.16.155.111 104.16.155.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.156.111 104.16.156.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.165.102.31 3.165.102.31	16509 (AMAZON-02) (AMAZON-02)
3	216.239.36.181 216.239.36.181	15169 (GOOGLE) (GOOGLE)
1	74.125.200.157 74.125.200.157	15169 (GOOGLE) (GOOGLE)
3	74.125.130.94 74.125.130.94	15169 (GOOGLE) (GOOGLE)
1 3	142.251.12.104 142.251.12.104	15169 (GOOGLE) (GOOGLE)
3	74.125.130.156 74.125.130.156	15169 (GOOGLE) (GOOGLE)
6	104.19.159.190 104.19.159.190	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.251.12.101 142.251.12.101	15169 (GOOGLE) (GOOGLE)
1 2	74.125.68.149 74.125.68.149	15169 (GOOGLE) (GOOGLE)
1	142.251.175.148 142.251.175.148	15169 (GOOGLE) (GOOGLE)
97	15

3 35.213.151.141 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 141.151.213.35.bc.googleusercontent.com

fortunega.cfd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.175.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 104.16.155.111 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.156.111 (None, )

ASN13335 (CLOUDFLARENET, US)

ic.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.165.102.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-102-31.sin2.r.cloudfront.net

sb.nordcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.36.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f94.1e100.net

www.google.com.sg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.104 (Farmingdale, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.159.190 (None, )

ASN13335 (CLOUDFLARENET, US)

cm.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.nordvpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.12.101 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f101.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f149.1e100.net

12123059.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.148 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	nordcdn.com s1.nordcdn.com — Cisco Umbrella Rank: 150673 ic.nordcdn.com — Cisco Umbrella Rank: 514545 sb.nordcdn.com — Cisco Umbrella Rank: 272864	899 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 67	22 KB
7	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 133 googleads.g.doubleclick.net — Cisco Umbrella Rank: 69 12123059.fls.doubleclick.net — Cisco Umbrella Rank: 386840 ad.doubleclick.net — Cisco Umbrella Rank: 169	5 KB
6	nordvpn.com cm.nordvpn.com — Cisco Umbrella Rank: 324679 d.nordvpn.com — Cisco Umbrella Rank: 282115 nordvpn.com Failed	364 B
6	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 5	835 B
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 72	526 KB
3	google.com.sg www.google.com.sg — Cisco Umbrella Rank: 12170	670 B
3	fortunega.cfd fortunega.cfd	76 KB
97	8

	Domain	Requested by
42	s1.nordcdn.com	fortunega.cfd s1.nordcdn.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com fortunega.cfd
6	www.googletagmanager.com	fortunega.cfd www.googletagmanager.com
5	d.nordvpn.com	s1.nordcdn.com
4	sb.nordcdn.com	fortunega.cfd
3	googleads.g.doubleclick.net	fortunega.cfd www.googletagmanager.com
3	www.google.com	1 redirects fortunega.cfd
3	www.google.com.sg	fortunega.cfd
3	analytics.google.com	www.googletagmanager.com
3	fortunega.cfd	fortunega.cfd
2	12123059.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ic.nordcdn.com	fortunega.cfd
1	ad.doubleclick.net
1	cm.nordvpn.com	fortunega.cfd
1	stats.g.doubleclick.net	www.googletagmanager.com
0	nordvpn.com Failed	s1.nordcdn.com
97	16

This site contains links to these domains. Also see Links.

Domain
nordvpn.com
youtu.be
twitter.com
www.forbes.com
www.independent.co.uk
support.nordvpn.com
account.nordvpn.com

Subject Issuer	Validity	Valid
fortunega.cfd R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.nordcdn.com GlobalSign GCC R6 AlphaSSL CA 2023	`2024-03-13` - `2025-04-14`	a year	crt.sh
nordsecurity.bynder.com Amazon RSA 2048 M02	`2024-02-06` - `2025-03-06`	a year	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.google.com.sg WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.nordvpn.com AlphaSSL CA - SHA256 - G4	`2023-09-18` - `2024-10-19`	a year	crt.sh
www.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://fortunega.cfd/
Frame ID: BCAF3482D90D96BF3257B5A0A3F96C7D
Requests: 95 HTTP requests in this frame

Frame: https://12123059.fls.doubleclick.net/activityi;dc_pre=CMjg8ciEoocDFV9WwgUdJjsE4Q;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181811535z86894354za201zb6894354;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffortunega.cfd%2F
Frame ID: 97E7CD460AAA84E727D808EDCFE2FD9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Buy NordVPN, get a special gift | NordVPN

Page URL History Show full URLs

http://fortunega.cfd/ HTTP 307
https://fortunega.cfd/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

89 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

15
IPs

3
Countries

1632 kB
Transfer

3350 kB
Size

31
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://nordvpn.com/pricing/bundle-nordvpn/
Title: Unprotected

Search URL Search Domain Scan URL

URL: https://nordvpn.com/
Title: NordVPN logo

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/windows/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/mac/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/linux/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/android/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/ios/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/chrome-extension/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/firefox-extension/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/edge-extension/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/android-tv/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/download/other/

Search URL Search Domain Scan URL

URL: https://nordvpn.com/contact-us/
Title: Live chat

Search URL Search Domain Scan URL

URL: https://youtu.be/nVyuyXXwEws?t=114
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/TXLUafBNjnc?t=215
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://youtu.be/ev3GMJXKHSI?t=330
Title: Watch on YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/Alch3m1s7/status/1639579744550133760?s=20
Title: A|ch3m1st@Alch3m1s7@NordVPN the new meshnet is mind-blowingly amazing piece of tech 🚀, with unlimited bottomless use cases. God bless ya all! 🙌12:47 PM – Mar 25, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/MrNathanCorliss/status/1636840377494933504
Title: Nathan Corliss@MrNathanCorlissThis is completely unsolicited praise, @NordVPN, is very helpful as an advertiser testing search ads, and as a work-anywhere person who needs to ensure I have a safe internet connection. Great value. So easy to use, I actually use it. Keep up the good work.11:22 PM – Mar 17, 2023

Search URL Search Domain Scan URL

URL: https://twitter.com/PedroTheKiwi/status/1633502224721793024
Title: Pedro@PedroTheKiwiI’ve been using NordVPN and their other products for the last 4 years. Absolutely outstanding product and service6:17 PM – Mar 8, 2023

Search URL Search Domain Scan URL

URL: https://www.forbes.com/advisor/business/software/best-vpn/#best-vpn-services-2023-nordvpn
Title: Forbes Advisor

Search URL Search Domain Scan URL

URL: https://www.independent.co.uk/advisor/vpn/nordvpn-review
Title: Independent Advisor

Search URL Search Domain Scan URL

URL: https://nordvpn.com/cybercrimes/jeffrey/
Title: Find out more

Search URL Search Domain Scan URL

URL: https://nordvpn.com/cybercrimes/michael/
Title: Find out more

Search URL Search Domain Scan URL

URL: https://nordvpn.com/cybercrimes/sherjeel/
Title: Find out more

Search URL Search Domain Scan URL

URL: https://nordvpn.com/saily-giveaway-tc/
Title: terms and conditions

Search URL Search Domain Scan URL

URL: https://support.nordvpn.com/hc/en-us
Title: Help Center

Search URL Search Domain Scan URL

URL: https://account.nordvpn.com/legal/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://fortunega.cfd/ HTTP 307
https://fortunega.cfd/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1245568068.1720805642&url=https%3A%2F%2Ffortunega.cfd%2F&dma=0&npa=0&gtm=45He4790n71WX5CH8v6894354za200&auid=59291205.1720805642 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1245568068.1720805642&url=https%3A%2F%2Ffortunega.cfd%2F&dma=0&npa=0&gtm=45He4790n71WX5CH8v6894354za200&auid=59291205.1720805642

Request Chain 81

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181811535z86894354za201zb6894354;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffortunega.cfd%2F HTTP 302
https://12123059.fls.doubleclick.net/activityi;dc_pre=CMjg8ciEoocDFV9WwgUdJjsE4Q;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181811535z86894354za201zb6894354;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffortunega.cfd%2F

97 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
fortunega.cfd/
Redirect Chain

http://fortunega.cfd/
https://fortunega.cfd/

410 KB
76 KB

69ms
12ms

Document
text/html

35.213.151.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunega.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.213.151.141 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 141.151.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7708fdab2e1d8b28eada4f725330b470fec191dcbd5ccacca36637e2c1c26ddd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding: br
content-type: text/html
date: Fri, 12 Jul 2024 17:34:01 GMT
etag: W/"66736-61d083646f011"
host-header: 8441280b0c35cbc1147f8ba998a563a7
last-modified: Fri, 12 Jul 2024 07:56:07 GMT
server: nginx
vary: Accept-Encoding
x-httpd-modphp: 1
x-proxy-cache: HIT

Redirect headers

Location: https://fortunega.cfd/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 380ms
32ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

dde8250b4d2bfd58fe5074ee121f09d4ae6c617743fe1e6b78f5ede1cc627a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101902
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 17:34:01 GMT

GET
H2 200 base.css
s1.nordcdn.com/nordvpn/3.1055.0/css/ 94 KB
17 KB 418ms
59ms Stylesheet
text/css 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.1055.0/css/base.css

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d951c24cbd0538a72f538938e5e7312eb33c33f3bd5a7f00a754d2d02fcf9b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 11:02:06 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 25138
etag: W/"66828cae-1763a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4ce95f33-SIN

GET
H2 404 css.php%3Ftoken=087ff7d50cef5b7996e173f0dba52cd3&ver=2.css
fortunega.cfd/wp-content/plugins/combine-css/ 0
0 88ms
87ms Stylesheet
text/html 35.213.151.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunega.cfd/wp-content/plugins/combine-css/css.php%3Ftoken=087ff7d50cef5b7996e173f0dba52cd3&ver=2.css
Requested by: Host: fortunega.cfd
URL: https://fortunega.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.213.151.141 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 141.151.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: 0 NC:000000 UP:
content-type: text/html
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: EXPIRED

GET
H2 200 circle-check.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/16/ 567 B
601 B 402ms
59ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/16/circle-check.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08af08fc2309d58ca9de310b70933b48c4ddb40af7d034aab4b66fb12de4b1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 1717
etag: W/"662bba63-237"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4ceb5f33-SIN

GET
H2 200 hero-nordvpn-saily-campaign24-xs-no-discount-en-2x.jpg
ic.nordcdn.com/v1/fr_webp/https://sb.nordcdn.com/m/1c29c2d9ee95b3b1/original/ 139 KB
140 KB 420ms
61ms Image
image/webp 104.16.156.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/fr_webp/https://sb.nordcdn.com/m/1c29c2d9ee95b3b1/original/hero-nordvpn-saily-campaign24-xs-no-discount-en-2x.jpg?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=fXdDsNYJrO%2F0g8IjWmm3OHC%2Fw9UFn%2Brt305PyUOfOvc%3D

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.156.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

088d6f049a32540aa74df435e99db9bc7e8e91487545bdb2a783bd5e433d05aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 997477c5b041959ee028cbcd8bb45456.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 142600
cf-resized: internal=ok/m q=0 n=17+0 c=11+134 v=2024.6.0 l=142600
last-modified: Wed, 10 Jul 2024 19:37:22 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfhuCXtDd0_utkfLA_jyrnmpSzsZ7-Tzt04sSdBa-5DQ"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a22c81e4e723e1a-SIN

GET
H2 200 nord.svg
sb.nordcdn.com/m/61346cf101c57aeb/original/ 571 B
1 KB 446ms
63ms Image
image/svg+xml 3.165.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sb.nordcdn.com/m/61346cf101c57aeb/original/nord.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.102.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-102-31.sin2.r.cloudfront.net

Software

nginx /

Resource Hash

332e18a0158996ec2bcbd37608f244a7468a8c4a0a973f0a5776f74c0819f10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 19:36:46 GMT
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
via: 1.1 2da9ed4121f37617e38a83e6899237fa.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P6
age: 79035
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: attachment;filename="nord.svg"
content-length: 571
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: 5aa4cbaa-f7a1-cbd5-bc77-b9cfcdbde9dd
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: Y8EIqE-YJk5TArlp5mw3ayBHzdQVL280AcuZRd7_C4b6Gb_kYYKwdQ==

GET
H2 200 saily-gift-1.svg
sb.nordcdn.com/m/7dce2c5e4036efc5/original/ 2 KB
1 KB 427ms
44ms Image
image/svg+xml 3.165.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sb.nordcdn.com/m/7dce2c5e4036efc5/original/saily-gift-1.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.102.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-102-31.sin2.r.cloudfront.net

Software

nginx /

Resource Hash

3ae8ab2e206a315924f20b1981eb51d3de3f4a69dfb86ff327a1169e86378e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 03:52:57 GMT
content-encoding: gzip
via: 1.1 2da9ed4121f37617e38a83e6899237fa.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
x-amz-cf-pop: SIN2-P6
age: 135664
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: attachment;filename="saily-gift-1.svg"
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: aa3f130c-635c-9094-3638-8bd3872eac56
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: mQ7mvPNk0EiNSJaVGDiTyGQ_gFmGZzt2p4o8Oa7odiG0r68vF1yT4A==

GET
H2 200 Saily-logo.svg
sb.nordcdn.com/m/48372f4d71cef3d6/original/ 4 KB
2 KB 427ms
44ms Image
image/svg+xml 3.165.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sb.nordcdn.com/m/48372f4d71cef3d6/original/Saily-logo.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.102.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-102-31.sin2.r.cloudfront.net

Software

nginx /

Resource Hash

c6e54586ac6f5a71f0d30cea44f53aa5b16055c4aaecff1b48817730e478492f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 03:52:57 GMT
content-encoding: gzip
via: 1.1 2da9ed4121f37617e38a83e6899237fa.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
x-amz-cf-pop: SIN2-P6
age: 135664
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: attachment;filename="Saily-logo.svg"
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/svg+xml
access-control-allow-origin: *
x-api-correlation-id: 693174f4-386e-7135-377e-b5a23306227d
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: SkMincASxKWPfhhEVY7YxlR4Du7EEtHcX9PHFP2xatTYpU_yB1kVmg==

GET
H2 200 loader.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/48/ 366 B
550 B 400ms
58ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/48/loader.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1ed189a373a0883b3dbafba64f37cc3664b2fcb797a091f03a5e2c13da4372

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 504
etag: W/"662bba63-16e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4cee5f33-SIN

GET
H2 200 globe-language.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 867 B
797 B 401ms
58ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/globe-language.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40abddd42f393c08af686e357134bcaf09aab1d092e605e3f544227c5a92c326

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 1079
etag: W/"662bba63-363"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4cf15f33-SIN

GET
H2 200 index.js Show response
s1.nordcdn.com/d/nordvpn/prod/ 15 KB
6 KB 397ms
55ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/d/nordvpn/prod/index.js?collectorUrl=https://d.nordvpn.com/1/cc&project=nordvpn&linkerDomains=nordcheckout.com,nordaccount.com,nordpass.com,nordlocker.com,nord-for-apps.com,nord-cn-web.org,nord-cn.net,nordme.org,sec-cn.site,nordforme.com,cnnord.website,nord-apps.com,nordforapps.com,accelerator-china.site,cn-accelerator.site,cn-access.website,cn-nord.info,cnaccelerator.info,cqxqlbe.site,nordmirror.com,onlinesecurity.website,security-cn.info,getnord.net,get-nord.org,getnord.org,ncheckout.com,ndaccount.com,ndcheckout.com,nord-email.com,nord-help.com,nord-help.net,nordauth.com,nordforcn.info,nordforme.net,nordforme.org,naccount.dev,ncheckout.dev,nordvpn.net,downhills.dev,creators.nordsecurity.com

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d623a1abfb907b9e6d3bbf319444d5b6e2b7c02c9494d53e175ffb70a1775a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 09 Jul 2024 13:51:29 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 203481
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
cf-ray: 8a22c81e4cf25f33-SIN

GET
H2 200 en-woff2.css Show response
s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/ 139 KB
106 KB 655ms
305ms XHR
text/css 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nord/misc/0.68.0/common/fonts/aurora/en-woff2.css

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 13 Mar 2023 13:47:21 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=16070400
cf-ray: 8a22c81e4e499f7f-SIN
expires: Tue, 14 Jan 2025 17:34:02 GMT

GET
H2 200 ga-set-dimensions.min.js Show response
s1.nordcdn.com/nordvpn/3.887.6/js/ 4 KB
2 KB 85ms
84ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.887.6/js/ga-set-dimensions.min.js

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Jul 2022 13:51:46 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1385
etag: W/"62cc2af2-fa1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eada75f33-SIN

GET
H2 200 unsupported-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.816.0/js/ 1 KB
868 B 87ms
86ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.816.0/js/unsupported-fallback.min.js

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 19 Jan 2022 12:16:13 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1385
etag: W/"61e8010d-465"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eadaa5f33-SIN

GET
H2 200 lazyload.min.js Show response
s1.nordcdn.com/nordvpn/3.683.0/js/ 10 KB
5 KB 86ms
85ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.683.0/js/lazyload.min.js

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 24 Mar 2021 14:28:00 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1385
etag: W/"605b4c70-29e0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eadab5f33-SIN

GET
H2 200 countdown.min.js Show response
s1.nordcdn.com/nordvpn/3.965.0/js/ 11 KB
4 KB 89ms
88ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.965.0/js/countdown.min.js

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cdfab45d7832a865d990f47a4c0d3e7e834a52f0d6402abb62697ed48e2fa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 21 Mar 2023 14:38:30 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 24481
etag: W/"6419c166-2a55"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eadac5f33-SIN

GET
H2 200 status-bar.min.js Show response
s1.nordcdn.com/nordvpn/3.960.2/js/ 9 KB
3 KB 85ms
84ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.960.2/js/status-bar.min.js

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c78fb1324ee428f6cf9dcd3330963849b7723e4e73ca40de97642adb75ce987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 11:16:05 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1385
etag: W/"6405cb75-2575"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eadae5f33-SIN

GET
H2 200 experiments-fallback.min.js Show response
s1.nordcdn.com/nordvpn/3.837.0/js/ 4 KB
2 KB 69ms
69ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.837.0/js/experiments-fallback.min.js

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 21 Mar 2022 08:28:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1385
etag: W/"62383731-eb5"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eadaf5f33-SIN

GET
H2 200 jquery.min.js Show response
s1.nordcdn.com/jquery/1.12.4/ 95 KB
34 KB 270ms
55ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/jquery/1.12.4/jquery.min.js?ver=1.11.3

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 28 Mar 2018 12:23:25 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 1384
etag: W/"5abb893d-17b8b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4ced5f33-SIN

GET
H2 404 compiled.min.js%3Fver=3.31.0
fortunega.cfd/wp-content/plugins/popups-plugin/dist/ 0
0 66ms
66ms Script
text/html 35.213.151.141
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fortunega.cfd/wp-content/plugins/popups-plugin/dist/compiled.min.js%3Fver=3.31.0
Requested by: Host: fortunega.cfd
URL: https://fortunega.cfd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.213.151.141 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS: 141.151.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
x-proxy-cache-info: 0 NC:000000 UP:
content-type: text/html
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: EXPIRED

GET
H2 200 base.min.js Show response
s1.nordcdn.com/nordvpn/3.1055.0/js/ 188 KB
46 KB 80ms
79ms Script
application/javascript 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ec66c53ed872997945bf785b2d0c66d8fde1837ff95aa2233ca2c752ab6665

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Jul 2024 11:02:06 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 25139
etag: W/"66828cae-2efbc"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81eada55f33-SIN

GET
H2 200 bg-nordvpn-saily-campaign24-h-lg2-en-2x.jpg
sb.nordcdn.com/m/785711a23c2cd221/original/ 481 KB
463 KB 335ms
44ms Image
image/jpeg 3.165.102.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sb.nordcdn.com/m/785711a23c2cd221/original/bg-nordvpn-saily-campaign24-h-lg2-en-2x.jpg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.165.102.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-165-102-31.sin2.r.cloudfront.net

Software

nginx /

Resource Hash

94a05dc50d0ff45db2b1ed4e3dbb12804d258c2d4a42cd2d2f236c03c989eb3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 04:57:54 GMT
content-encoding: gzip
via: 1.1 2da9ed4121f37617e38a83e6899237fa.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains
x-content-type-options: nosniff
x-amz-cf-pop: SIN2-P6
age: 131767
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="bg-nordvpn-saily-campaign24-h-lg2-en@2x.jpg"
referrer-policy: strict-origin-when-cross-origin
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
x-api-correlation-id: 9dfe0578-d45f-0760-4969-e3948cf2b4a3
cache-control: public, max-age=172800
permissions-policy: camera=(), geolocation=(), microphone=()
accept-ranges: bytes
x-amz-cf-id: 1lOxLj44trb77tXfpmBWarG9rlGLXN0EKVDi3NxW7WMq5fbyhcpadw==

GET
H2 200 banner-sky-bg-lg-2x.jpg
ic.nordcdn.com/v1/b_150/https://sb.nordcdn.com/m/5be604a3955bab67/original/ 29 KB
30 KB 275ms
60ms Image
image/jpeg 104.16.156.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ic.nordcdn.com/v1/b_150/https://sb.nordcdn.com/m/5be604a3955bab67/original/banner-sky-bg-lg-2x.jpg?X-Nord-Credential=T4PcHqfACi8Naxvulzf4IE8XT4oypRTi0blOOGwbK2A8L4fcPw52k3qkvbkYH&X-Nord-Signature=WwJxKm8qVBr53m3QY9g3YqPl%2FnKvAZXJjTaS%2BzJJ2Ss%3D

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.156.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4322df8afb846e0ccbd29b3e695b19c50d3c8a8c459426f3540ac211f151ea79

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
via: 1.1 8c9a0c99f4b683332dc88f73bbc3c078.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
content-length: 29703
cf-resized: internal=ok/h q=0 n=8+0 c=10+76 v=2024.6.0 l=29703
last-modified: Thu, 11 Jul 2024 19:33:30 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: "cf87Hh6Scp38JgZ4qZ-ihyLFzt5eFvJ-O2Ms6ct2REDQ"
vary: Accept, Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=172800
accept-ranges: bytes
cf-ray: 8a22c81e4e763e1a-SIN
priority: u=1;i=?0,cf-chb=(264;u=3;i=?0 10380;u=5;i=?0 10720;u=6;i=?0)

GET
DATA 200
OK truncated
/ 42 B
42 B Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
112 KB 238ms
35ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

865d1c66035ca4c25cc6376d21c80f857705f43d6f073949f33c456e0cef8870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 114120
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 16:30:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 17:34:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 20ms
18ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6c8bc9de71ac491de9aede82ade0edbba45010255a313ea8a3d766911f916590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 12 Jul 2024 17:34:02 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 353ms
12ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4790v874252800za200&_p=1720805641714&_gaz=1&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=107347749.1720805642&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720805642&sct=1&seg=0&dl=https%3A%2F%2Ffortunega.cfd%2F&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1&tfd=596&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunega.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 361ms
13ms Ping
text/plain 74.125.200.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LEXMJ1N516&cid=107347749.1720805642&gtm=45je4790v874252800za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.200.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sa-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunega.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.sg/ads/ 42 B
408 B 363ms
18ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LEXMJ1N516&cid=107347749.1720805642&gtm=45je4790v874252800za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t5&npa=0&frm=0&z=762898972

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1245568068.1720805642&url=https%3A%2F%2Ffortunega.cfd%2F&dma=0&npa=0&gtm=45He4790n71WX5CH8v6894354za200&auid=59291205.172...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1245568068.1720805642&url=https%3A%2F%2Ffortunega.cfd%2F&dma=0&npa=0&gtm=45He4790n71WX5CH8v6894354za200&auid...

42 B
285 B

676ms
22ms

Ping
image/gif

74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1245568068.1720805642&url=https%3A%2F%2Ffortunega.cfd%2F&dma=0&npa=0&gtm=45He4790n71WX5CH8v6894354za200&auid=59291205.1720805642

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5&tag_exp=0&rnd=1245568068.1720805642&url=https%3A%2F%2Ffortunega.cfd%2F&dma=0&npa=0&gtm=45He4790n71WX5CH8v6894354za200&auid=59291205.1720805642
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 227 KB
82 KB 21ms
20ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-950534254&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7d76fadf5cde6b15aafe675811da5e9818f61f023e2c5c9fe406261417ba4a5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84125
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 16:30:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 17:34:02 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 66ms
65ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-386034582&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

13641c0db64b833896bbbf48983903b64301f7e2ca3e4ff63b84980f5359ef37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86219
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 16:30:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 17:34:02 GMT

GET
H2 200 collect
cm.nordvpn.com/ 0
364 B 403ms
303ms Image
text/plain 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.nordvpn.com/collect?ev=pv&pu=https%3A%2F%2Ffortunega.cfd%2F&pp=%2F&pr=&pt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&dc=desktop&gtmcb=1593132078

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8a22c8202d0c821f-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 cc
d.nordvpn.com/1/ Frame 0
0 439ms
325ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunega.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow: OPTIONS, POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a22c8204dc56033-SIN
date: Fri, 12 Jul 2024 17:34:02 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: d84a262c98d89007e78dfb84dd2fe8a9

POST cc
d.nordvpn.com/1/ 0
0

GET
H2 200 circle-check.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/16/ 567 B
0 1ms
0ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/16/circle-check.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08af08fc2309d58ca9de310b70933b48c4ddb40af7d034aab4b66fb12de4b1b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 1717
etag: W/"662bba63-237"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4ceb5f33-SIN

GET
H2 200 loader.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/48/ 366 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/48/loader.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe1ed189a373a0883b3dbafba64f37cc3664b2fcb797a091f03a5e2c13da4372

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 504
etag: W/"662bba63-16e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4cee5f33-SIN

GET
H2 200 globe-language.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 867 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/globe-language.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40abddd42f393c08af686e357134bcaf09aab1d092e605e3f544227c5a92c326

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 1079
etag: W/"662bba63-363"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c81e4cf15f33-SIN

GET admin-ajax.php
nordvpn.com/wp-admin/ 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
0 15ms
14ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4790v874252800z86894354za200&_p=1720805641714&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=107347749.1720805642&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1720805642&sct=1&seg=0&dl=https%3A%2F%2Ffortunega.cfd%2F&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&en=consent_status&ep.consent_status=accepted&ep.consent_settings=ES_FU_AN_AD_ADUD_ADPE&ep.placement=cookie_consent&_et=338&tfd=1109&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunega.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 352ms
14ms Script
text/javascript 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-42858496-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 12 Jul 2024 17:10:43 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1399
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 12 Jul 2024 19:10:43 GMT

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6

Request headers

Referer
Origin: https://fortunega.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 33 KB
33 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62

Request headers

Referer
Origin: https://fortunega.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
DATA 200
OK truncated
/ 36 KB
36 KB Font
font/woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4

Request headers

Referer
Origin: https://fortunega.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: font/woff2;charset=utf-8

GET
H2 200 wired-grey.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/ 3 KB
1 KB 30ms
29ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/wired-grey.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68aa7af6dd952d1f69cbebe4ce991f71982ac1bc84829057b99c111bad51462b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 23081
etag: W/"662bba63-a4b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82278c15f33-SIN

GET
H2 200 huffpost-grey.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/ 2 KB
1 KB 32ms
31ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/huffpost-grey.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83cb11121d11acdd86ea6aaef1a8bcab023686e36bfac23057b0a484f9344990

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 23081
etag: W/"662bba63-77f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82278c65f33-SIN

GET
H2 200 buzzfeed-grey.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/ 3 KB
2 KB 26ms
25ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/buzzfeed-grey.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e975fd6a51e0dac52a4538bc5cc7af7d22255a5038fd4b56ccc69c0a1783a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 23081
etag: W/"662bba63-d14"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82278c75f33-SIN

GET
H2 200 forbes-grey.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/ 5 KB
2 KB 30ms
29ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/forbes-grey.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

613cc5339598550454ff331c21011b8de212e3e13feb61c6b53a1f5a6fff87c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 23081
etag: W/"662bba63-123e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82278c85f33-SIN

GET
H2 200 tedx-grey.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/ 589 B
451 B 29ms
29ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/tedx-grey.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ee96cae1fa9b39337d325b8d9d8df3fef43cc2db6560592f7c78306059e303

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 23081
etag: W/"662bba63-24d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82278ca5f33-SIN

GET
H2 200 business-insider-grey.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/ 5 KB
2 KB 91ms
91ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/logos/horizontal/business-insider-grey.svg

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbe084dfc60c411fc66f77bbdc3f734571d4b10dc08c92237f1626c467ccfa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 23081
etag: W/"662bba63-1207"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82278cb5f33-SIN

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/ 3 KB
1 KB 625ms
21ms Script
text/javascript 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/950534254/?random=1720805642652&cv=11&fst=1720805642652&bg=ffffff&guid=ON&async=1&gtm=45be4790z86894354za201zb6894354&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffortunega.cfd%2F&hn=www.googleadservices.com&frm=0&tiba=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&npa=0&pscdl=noapi&auid=59291205.1720805642&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-950534254&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

ebdeccfce8d201034e2fcfc93020e9ffac48070d7b45c7e2d7755ac712f48de5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/386034582/ 3 KB
2 KB 544ms
19ms Script
text/javascript 74.125.130.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/386034582/?random=1720805642733&cv=11&fst=1720805642733&bg=ffffff&guid=ON&async=1&gtm=45be4790v9166857486z86894354za201zb6894354&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffortunega.cfd%2F&hn=www.googleadservices.com&frm=0&tiba=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&npa=0&pscdl=noapi&auid=59291205.1720805642&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-386034582&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f156.1e100.net

Software

cafe /

Resource Hash

c9506bb264d14f527b9600067d017459e3fac5e649ece791708eec92ac6ffadc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1373
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tech_of_tomorrow-sm.webp
s1.nordcdn.com/nordvpn/media/1.1860.0/images/campaigns/special/ 1 KB
2 KB 292ms
292ms Image
image/webp 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1860.0/images/campaigns/special/tech_of_tomorrow-sm.webp

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0bd270fba08b2f077cc9f9a22ac5126c8f9c416ff237f95670481e95c2462b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 16:31:28 GMT
server: cloudflare
etag: "63ea65e0-566"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 8a22c823c9cc5f33-SIN
content-length: 1382

GET
H2 200 max_eddy_pc_mag-sm.webp
s1.nordcdn.com/nordvpn/media/1.1860.0/images/campaigns/special/ 1 KB
1 KB 284ms
284ms Image
image/webp 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1860.0/images/campaigns/special/max_eddy_pc_mag-sm.webp

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a52bc77230c76e062f677dab9df1617fbc268c9bc01834e646341e42e8bea47

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 13 Feb 2023 16:31:28 GMT
server: cloudflare
etag: "63ea65e0-572"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 8a22c8248a4a5f33-SIN
content-length: 1394

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 16ms
15ms XHR
text/plain 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1172812341&t=pageview&_s=1&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1461324155&gjid=942506837&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&_r=1&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=406121076

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunega.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 15ms
15ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=1&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=1173605426

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73400
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 15ms
14ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=2&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Initiated&ev=34763&_u=YCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=1063137043

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73400
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/386034582/ 42 B
108 B 21ms
18ms Image
image/gif 142.251.12.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/386034582/?random=1720805642733&cv=11&fst=1720803600000&bg=ffffff&guid=ON&async=1&gtm=45be4790v9166857486z86894354za201zb6894354&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffortunega.cfd%2F&hn=www.googleadservices.com&frm=0&tiba=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&npa=0&pscdl=noapi&auid=59291205.1720805642&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLz7BRahpBn3TXV-4H1eiHDJ7fgwa4EA&random=993852695&rmt_tld=0&ipr=y

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.104 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/386034582/ 42 B
108 B 19ms
17ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/386034582/?random=1720805642733&cv=11&fst=1720803600000&bg=ffffff&guid=ON&async=1&gtm=45be4790v9166857486z86894354za201zb6894354&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffortunega.cfd%2F&hn=www.googleadservices.com&frm=0&tiba=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&npa=0&pscdl=noapi&auid=59291205.1720805642&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLz7BRahpBn3TXV-4H1eiHDJ7fgwa4EA&random=993852695&rmt_tld=1&ipr=y

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/950534254/ 42 B
108 B 18ms
16ms Image
image/gif 142.251.12.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/950534254/?random=1720805642652&cv=11&fst=1720803600000&bg=ffffff&guid=ON&async=1&gtm=45be4790z86894354za201zb6894354&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffortunega.cfd%2F&hn=www.googleadservices.com&frm=0&tiba=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&npa=0&pscdl=noapi&auid=59291205.1720805642&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLd_sJCkRI-MYw7f4vONfhbuR6oGm-Og&random=423133129&rmt_tld=0&ipr=y

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.104 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.sg/pagead/1p-user-list/950534254/ 42 B
154 B 18ms
17ms Image
image/gif 74.125.130.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.sg/pagead/1p-user-list/950534254/?random=1720805642652&cv=11&fst=1720803600000&bg=ffffff&guid=ON&async=1&gtm=45be4790z86894354za201zb6894354&gcd=13t3t3t3t5&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffortunega.cfd%2F&hn=www.googleadservices.com&frm=0&tiba=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&npa=0&pscdl=noapi&auid=59291205.1720805642&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLd_sJCkRI-MYw7f4vONfhbuR6oGm-Og&random=423133129&rmt_tld=1&ipr=y

Requested by

Host: fortunega.cfd
URL: https://fortunega.cfd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 362ms
361ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunega.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow: OPTIONS, POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a22c826feb74092-SIN
date: Fri, 12 Jul 2024 17:34:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: d99a7da54bc2d31bb71d13087e03b302

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 799ms
798ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunega.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow: OPTIONS, POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a22c8270ec94092-SIN
date: Fri, 12 Jul 2024 17:34:04 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: f159f6de0a15a8f176ee97227b3fa458

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 289ms
289ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunega.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow: OPTIONS, POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a22c8270edd4092-SIN
date: Fri, 12 Jul 2024 17:34:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: e98ba4be81ab28483169f4dcf80d04da

OPTIONS
H3 204 cc
d.nordvpn.com/1/ Frame 0
0 272ms
272ms Preflight 104.19.159.190
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://d.nordvpn.com/1/cc

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.159.190 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fortunega.cfd
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

allow: OPTIONS, POST
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a22c8272eed4092-SIN
date: Fri, 12 Jul 2024 17:34:03 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-request-id: 2e5e1bd559fc22df4d300bf4e2df8c8a

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 13ms
13ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=3&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Currency&ea=Loaded&el=JPY&_u=aCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=140819738

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST cc
d.nordvpn.com/1/ 0
0

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 14ms
13ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=4&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=03%20-%20PartnerBarTest&ev=0&_u=aCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=298185279

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 16ms
15ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=5&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=02%20-%20SailyBanner&ev=0&_u=aCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=817118634

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 14ms
14ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=6&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=01%20-%20HeroLeftV4&ev=0&_u=aCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=1767345791

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 14ms
14ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=7&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Scroll&el=00%20-%20Header&ev=0&_u=aCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&z=68403170

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 13ms
12ms Image
image/gif 142.251.12.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1172812341&t=event&ni=1&_s=8&dl=https%3A%2F%2Ffortunega.cfd%2F&ul=en-sg&de=UTF-8&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Main%20Interactions&ea=Countdown&el=Activated&ev=0&_u=aCDACUABBAAAACAAI~&jid=&gjid=&cid=107347749.1720805642&tid=UA-42858496-1&_gid=616526849.1720805643&gtm=457e4790za200zb874252800&gcs=G111&gcd=13t3t3t3t5&dma=0&tag_exp=0&jsscut=1&cd40=Active&z=1387412091

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.101 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f101.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 21:10:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 214 KB
77 KB 19ms
18ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-12123059&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5CH8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

7ddcc8a6c7c1c54a5ce8f04b867237ac36f82587661d0c6573439a23ea8e19d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78629
x-xss-protection: 0
last-modified: Fri, 12 Jul 2024 16:30:56 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Jul 2024 17:34:03 GMT

GET
H2 200 favicon-32x32.png
s1.nordcdn.com/nordvpn/media/1.2079.0/images/global/favicon/ 401 B
512 B 24ms
23ms Other
image/png 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2079.0/images/global/favicon/favicon-32x32.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d8e273c17d886307812a40d6a50bd7067bbff5c75d5c58efce7fd1b9b416943

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:03 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Fri, 15 Sep 2023 10:01:21 GMT
server: cloudflare
age: 25482
etag: "65042b71-191"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 8a22c8274c495f33-SIN
content-length: 401

GET
H2

200

activityi;dc_pre=CMjg8ciEoocDFV9WwgUdJjsE4Q;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;...
12123059.fls.doubleclick.net/ Frame 97E7
Redirect Chain

https://12123059.fls.doubleclick.net/activityi;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw...
https://12123059.fls.doubleclick.net/activityi;dc_pre=CMjg8ciEoocDFV9WwgUdJjsE4Q;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=...

0
0

274ms
273ms

Document
text/html

74.125.68.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12123059.fls.doubleclick.net/activityi;dc_pre=CMjg8ciEoocDFV9WwgUdJjsE4Q;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181811535z86894354za201zb6894354;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffortunega.cfd%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12123059&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f149.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 651
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 17:34:03 GMT
expires: Fri, 12 Jul 2024 17:34:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 12 Jul 2024 17:34:03 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12123059.fls.doubleclick.net/activityi;dc_pre=CMjg8ciEoocDFV9WwgUdJjsE4Q;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181811535z86894354za201zb6894354;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffortunega.cfd%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
ad.doubleclick.net/ 0
24 B 418ms
80ms Image
image/png 142.251.175.148
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12123059;type=retar0;cat=purea0;ord=5040229969341;npa=0;auiddc=59291205.1720805642;ps=1;pcor=642929141;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4790v9181811535z86894354za201zb6894354;gcs=G111;gcd=13t3t3t3t5;dma=0;tag_exp=0;epver=2;~oref=https%3A%2F%2Ffortunega.cfd%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.148 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f148.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:03 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"9677921626787095800"}],"aggregatable_trigger_data":[{"filters":[{"14":["12849875"]}],"key_piece":"0x60b2ad3af3957595","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x584d268e5c76892","not_filters":{"14":["12849875"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"7449261974257795938","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"9677921626787095800","filters":[{"14":["12849875"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"9677921626787095800","filters":[{"14":["12849875"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"9677921626787095800","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"9677921626787095800","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12123059"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 br-streaming.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 358 B
317 B 32ms
31ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-streaming.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340726ee9a30a4d93e6ec3a73ad2c417f34a6c68411de6027fd5e5206ef54dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-166"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59e65f33-SIN

GET
H2 200 br-security.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 582 B
412 B 32ms
31ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-security.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77cae94a7e537c0db16b9aeff1c398cf3c3b60793db860ce9e066e1ff78da769

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-246"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59e85f33-SIN

GET
H2 200 br-speed.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 790 B
577 B 24ms
23ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-speed.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b7539efc6c32dd74ae600248814fa1495d4a84486f11a068071b51151a74b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-316"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59ea5f33-SIN

GET
H2 200 br-privacy.svg
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 1 KB
749 B 26ms
25ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-privacy.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14106bb4fc3f72c67fdb98dd8f1112c1b41cf435ee17a2aa2901696f217788df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 24163
etag: W/"662bba63-4c3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59eb5f33-SIN

GET
H2 200 multiple-devices-home-work-family.webp
s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/ 20 KB
20 KB 40ms
39ms Image
image/webp 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/multiple-devices-home-work-family.webp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d27870a407c62a6267216d8161bd8eae4a7df9e9bf9dcf462e810edd3aedcf87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 08:40:23 GMT
server: cloudflare
age: 12831
etag: "63a02377-4f1e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
accept-ranges: bytes
cf-ray: 8a22c82e59ec5f33-SIN
content-length: 20254

GET
H2 200 br-speed.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 790 B
0 0ms
0ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-speed.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b7539efc6c32dd74ae600248814fa1495d4a84486f11a068071b51151a74b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-316"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59ea5f33-SIN

GET
H2 200 br-speed.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 790 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-speed.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55b7539efc6c32dd74ae600248814fa1495d4a84486f11a068071b51151a74b6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-316"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59ea5f33-SIN

GET
H2 200 br-privacy.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 1 KB
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-privacy.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14106bb4fc3f72c67fdb98dd8f1112c1b41cf435ee17a2aa2901696f217788df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 24163
etag: W/"662bba63-4c3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59eb5f33-SIN

GET
H2 200 br-privacy.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 1 KB
0 3ms
3ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-privacy.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14106bb4fc3f72c67fdb98dd8f1112c1b41cf435ee17a2aa2901696f217788df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 24163
etag: W/"662bba63-4c3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59eb5f33-SIN

GET
H2 200 br-streaming.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 358 B
0 0ms
0ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-streaming.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340726ee9a30a4d93e6ec3a73ad2c417f34a6c68411de6027fd5e5206ef54dad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-166"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59e65f33-SIN

GET
H2 200 br-streaming.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 358 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-streaming.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340726ee9a30a4d93e6ec3a73ad2c417f34a6c68411de6027fd5e5206ef54dad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-166"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59e65f33-SIN

GET
H2 200 br-security.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 582 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-security.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77cae94a7e537c0db16b9aeff1c398cf3c3b60793db860ce9e066e1ff78da769

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-246"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59e85f33-SIN

GET
H2 200 br-security.svg Show response
s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/ 582 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.2246.0/images/global/icons/24/br-security.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77cae94a7e537c0db16b9aeff1c398cf3c3b60793db860ce9e066e1ff78da769

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Apr 2024 14:29:55 GMT
server: cloudflare
age: 14467
etag: W/"662bba63-246"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82e59e85f33-SIN

GET
H2 200 laptop-mobile.svg
s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/ 824 B
522 B 24ms
24ms Image
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/laptop-mobile.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a9e8aa8227bb3efec6beb1525c8a63488c63fe321fdbcd040617fec3599d67

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 08:40:23 GMT
server: cloudflare
age: 4141
etag: W/"63a02377-338"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82f2a765f33-SIN

GET
H2 200 laptop-mobile.svg Show response
s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/ 824 B
0 0ms
0ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/laptop-mobile.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a9e8aa8227bb3efec6beb1525c8a63488c63fe321fdbcd040617fec3599d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 08:40:23 GMT
server: cloudflare
age: 4141
etag: W/"63a02377-338"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82f2a765f33-SIN

GET
H2 200 laptop-mobile.svg Show response
s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/ 824 B
0 1ms
1ms Fetch
image/svg+xml 104.16.155.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.nordcdn.com/nordvpn/media/1.1782.0/images/br/laptop-mobile.svg

Requested by

Host: s1.nordcdn.com
URL: https://s1.nordcdn.com/nordvpn/3.1055.0/js/base.min.js?ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.155.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a9e8aa8227bb3efec6beb1525c8a63488c63fe321fdbcd040617fec3599d67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 12 Jul 2024 17:34:04 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Dec 2022 08:40:23 GMT
server: cloudflare
age: 4141
etag: W/"63a02377-338"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=16070400, immutable
cf-ray: 8a22c82f2a765f33-SIN

POST
H2 204 collect
analytics.google.com/g/ 0
0 15ms
13ms Fetch
text/plain 216.239.36.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-LEXMJ1N516&gtm=45je4790v874252800za200&_p=1720805641714&gcs=G111&gcd=13t3t3t3t5&npa=0&dma=0&tag_exp=0&cid=107347749.1720805642&ul=en-sg&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sid=1720805642&sct=1&seg=0&dl=https%3A%2F%2Ffortunega.cfd%2F&dt=Buy%20NordVPN%2C%20get%20a%20special%20gift%20%7C%20NordVPN&_s=3&tfd=6110&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LEXMJ1N516
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://fortunega.cfd/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 12 Jul 2024 17:34:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fortunega.cfd
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d.nordvpn.com
URL: https://d.nordvpn.com/1/cc

Domain: nordvpn.com
URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Domain: nordvpn.com
URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Domain: nordvpn.com
URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Domain: nordvpn.com
URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Domain: nordvpn.com
URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data

Domain: d.nordvpn.com
URL: https://d.nordvpn.com/1/cc

Domain: d.nordvpn.com
URL: https://d.nordvpn.com/1/cc

Domain: d.nordvpn.com
URL: https://d.nordvpn.com/1/cc

Domain: d.nordvpn.com
URL: https://d.nordvpn.com/1/cc

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fortunega.cfd/	1970-01-21 02:22:10	Name: FirstSession Value: source%3D(direct)%26campaign%3D(direct)%26medium%3D(none)%26term%3D%26content%3D%26hostname%3Dfortunega.cfd%26date%3D20240712%26query%3Dnull
.fortunega.cfd/	1970-01-21 02:22:10	Name: CurrentSession Value: source%3D(direct)%26campaign%3D(direct)%26medium%3D(none)%26term%3D%26content%3D%26hostname%3Dfortunega.cfd%26date%3D20240712%26query%3Dnull
.fortunega.cfd/	1970-01-21 07:36:05	Name: consent Value: {%22functionality_storage%22:%22granted%22%2C%22analytics_storage%22:%22granted%22%2C%22ad_storage%22:%22granted%22%2C%22ad_user_data%22:%22granted%22%2C%22ad_personalization%22:%22granted%22%2C%22action%22:%22accepted%22}
.nordcdn.com/	1970-01-20 22:00:07	Name: __cf_bm Value: qeJa_uKwWoQ.bKGYizKc6SqQZ6md1UOHjEkXGlrPTFg-1720805642-1.0.1.1-23Qt4d4atynKTbSNkLkaFreEvKJI7wBI7abfvR6EwdIeC9BPQchFb7XwcwfV6Zj7y20_QCHNmQ_vwj7y35WBlA
.fortunega.cfd/	1970-01-21 00:09:41	Name: _gcl_au Value: 1.1.59291205.1720805642
.fortunega.cfd/	1970-01-21 07:36:05	Name: nv_tri Value: TC_9426412760612424_1720805642154
.nordvpn.com/	1970-01-20 22:00:07	Name: __cf_bm Value: Sf0lKhuAfJ8iioM213wzl8lf9PU9B_h8QmdmGoSb74g-1720805642-1.0.1.1-83_GqYbjFODOYQ2MegwOabB4AtT1XJmh8qifGJ.7qtKc1rLjaYE_VpLSNNIdHvxNqwyaoPMUWKTz1HDwnOdTfyCVh.KiL82EheIPecCiAgE
.fortunega.cfd/	1970-01-21 06:45:41	Name: nc Value: 1720840406566
.fortunega.cfd/	1970-01-20 22:10:10	Name: font-css-en Value: true
.fortunega.cfd/	1970-01-21 07:36:05	Name: _ga Value: GA1.2.107347749.1720805642
.fortunega.cfd/	1970-01-20 22:01:32	Name: _gid Value: GA1.2.616526849.1720805643
.fortunega.cfd/	1970-01-20 22:00:05	Name: _gat_gtag_UA_42858496_1 Value: 1
.fortunega.cfd/	1970-01-21 07:36:05	Name: nv_trs Value: 1720805642155_1720805643369_1_5
.fortunega.cfd/	1970-01-21 07:36:05	Name: _ga_LEXMJ1N516 Value: GS1.1.1720805642.1.0.1720805643.59.0.0
.doubleclick.net/	1970-01-21 02:19:17	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:43:17	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 07:36:05	Name: IDE Value: AHWqTUneNdw6Nw88R7M8hu_Qiv1YhRjwSn9AaPJ9Unwz_q17pKViymEAwQXIEuqX
.adsrvr.org/	1970-01-21 06:45:41	Name: TDID Value: 5f86b53e-a320-48e3-a573-5f8a2603f5a9
.rubiconproject.com/	1970-01-21 06:45:41	Name: audit_p Value: 1\|pCeqUm2dQO/eO2u/+dXzzeVprEd5C5I7Hqf6/zz+icVluNk/AW+U62eyVlhA8Dps/t3Mz+PUeUyM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLti0m5g1yaM4F+BeMEw3R1j9dUURgdhM1HPMHp6MaM46COMnEsj/eXWIEGeddyuSgNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/	1970-01-21 06:45:41	Name: khaos Value: LYIZ916T-3-FWZJ
.rubiconproject.com/	1970-01-21 06:45:41	Name: khaos_p Value: LYIZ916T-3-FWZJ
.rubiconproject.com/	1970-01-21 06:45:41	Name: audit Value: 1\|pCeqUm2dQO/eO2u/+dXzzeVprEd5C5I7Hqf6/zz+icVluNk/AW+U62eyVlhA8Dps/t3Mz+PUeUyM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLti0m5g1yaM4F+BeMEw3R1j9dUURgdhM1HPMHp6MaM46COMnEsj/eXWIEGeddyuSgNbOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.bidswitch.net/	1970-01-21 06:45:41	Name: tuuid Value: 97fa25d7-9357-4dfc-9dbb-e085999493c9
.bidswitch.net/	1970-01-21 06:45:41	Name: c Value: 1720805645
.bidswitch.net/	1970-01-21 06:45:41	Name: tuuid_lu Value: 1720805645
.casalemedia.com/	1970-01-21 06:45:41	Name: CMID Value: ZpFpDYsFVhwAAD0gAAxwiAAA
.casalemedia.com/	1970-01-21 00:09:41	Name: CMPS Value: 4948
.casalemedia.com/	1970-01-21 00:09:41	Name: CMPRO Value: 4948
.pubmatic.com/	1970-01-21 00:09:41	Name: KRTBCOOKIE_377 Value: 22918-5f86b53e-a320-48e3-a573-5f8a2603f5a9&KRTB&22926-5f86b53e-a320-48e3-a573-5f8a2603f5a9&KRTB&23031-5f86b53e-a320-48e3-a573-5f8a2603f5a9
.pubmatic.com/	1970-01-20 22:43:17	Name: PugT Value: 1720805645
.adsrvr.org/	1970-01-21 06:45:41	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI0ISPttuokT0QBRIWCgdydWJpY29uEgsIwq6PttuokT0QBRIYCgliaWRzd2l0Y2gSCwiOsY6826iRPRAFEhUKBmNhc2FsZRILCJaazMLbqJE9EAUSFwoIcHVibWF0aWMSCwje9OLD26iRPRAFGAUgASgDMgsIwMXl8PGokT0QBUIPIg0IARIJCgV0aWVyMhABWgdjeWZwbXRzYAE.

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fortunega.cfd/wp-content/plugins/combine-css/css.php%3Ftoken=087ff7d50cef5b7996e173f0dba52cd3&ver=2.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fortunega.cfd/wp-content/plugins/popups-plugin/dist/compiled.min.js%3Fver=3.31.0 Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://fortunega.cfd/ Message: Access to resource at 'https://d.nordvpn.com/1/cc' from origin 'https://fortunega.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.nordvpn.com/1/cc Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to fetch at 'https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data' from origin 'https://fortunega.cfd' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to fetch at 'https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data' from origin 'https://fortunega.cfd' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to fetch at 'https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data' from origin 'https://fortunega.cfd' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to fetch at 'https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data' from origin 'https://fortunega.cfd' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to resource at 'https://d.nordvpn.com/1/cc' from origin 'https://fortunega.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.nordvpn.com/1/cc Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to resource at 'https://d.nordvpn.com/1/cc' from origin 'https://fortunega.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.nordvpn.com/1/cc Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to resource at 'https://d.nordvpn.com/1/cc' from origin 'https://fortunega.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.nordvpn.com/1/cc Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to XMLHttpRequest at 'https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data' from origin 'https://fortunega.cfd' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://nordvpn.com/wp-admin/admin-ajax.php?action=get_user_info_data Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://fortunega.cfd/ Message: Access to resource at 'https://d.nordvpn.com/1/cc' from origin 'https://fortunega.cfd' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://d.nordvpn.com/1/cc Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12123059.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
cm.nordvpn.com
d.nordvpn.com
fortunega.cfd
googleads.g.doubleclick.net
ic.nordcdn.com
nordvpn.com
s1.nordcdn.com
sb.nordcdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.com.sg
www.googletagmanager.com
d.nordvpn.com
nordvpn.com
104.16.155.111
104.16.156.111
104.19.159.190
142.251.12.101
142.251.12.104
142.251.175.148
142.251.175.97
216.239.36.181
3.165.102.31
35.213.151.141
74.125.130.156
74.125.130.94
74.125.200.157
74.125.68.149
088d6f049a32540aa74df435e99db9bc7e8e91487545bdb2a783bd5e433d05aa
08af08fc2309d58ca9de310b70933b48c4ddb40af7d034aab4b66fb12de4b1b0
0f3ddfe69fc4b56e22639b5159b327592e9db7e394f9be71c022cfc8630b4e41
13641c0db64b833896bbbf48983903b64301f7e2ca3e4ff63b84980f5359ef37
14106bb4fc3f72c67fdb98dd8f1112c1b41cf435ee17a2aa2901696f217788df
18e975fd6a51e0dac52a4538bc5cc7af7d22255a5038fd4b56ccc69c0a1783a4
20a9e8aa8227bb3efec6beb1525c8a63488c63fe321fdbcd040617fec3599d67
2c0bd270fba08b2f077cc9f9a22ac5126c8f9c416ff237f95670481e95c2462b
2c78fb1324ee428f6cf9dcd3330963849b7723e4e73ca40de97642adb75ce987
332e18a0158996ec2bcbd37608f244a7468a8c4a0a973f0a5776f74c0819f10d
340726ee9a30a4d93e6ec3a73ad2c417f34a6c68411de6027fd5e5206ef54dad
38d18d8c6ab204062eedcb2980b6bfe059578f042c81bd0a17599853a5dd9cc4
3a52bc77230c76e062f677dab9df1617fbc268c9bc01834e646341e42e8bea47
3ae8ab2e206a315924f20b1981eb51d3de3f4a69dfb86ff327a1169e86378e56
40abddd42f393c08af686e357134bcaf09aab1d092e605e3f544227c5a92c326
428cf1a8dc0d1063a7576688d547bf7ebc70aee941fc033c659173da0d4293e4
4322df8afb846e0ccbd29b3e695b19c50d3c8a8c459426f3540ac211f151ea79
55b7539efc6c32dd74ae600248814fa1495d4a84486f11a068071b51151a74b6
5d951c24cbd0538a72f538938e5e7312eb33c33f3bd5a7f00a754d2d02fcf9b4
613cc5339598550454ff331c21011b8de212e3e13feb61c6b53a1f5a6fff87c9
61d2bf3aa4b939301a3046a5ec9aca05533dd7091342a36afe2b321886cd0c8a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68aa7af6dd952d1f69cbebe4ce991f71982ac1bc84829057b99c111bad51462b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8bc9de71ac491de9aede82ade0edbba45010255a313ea8a3d766911f916590
7708fdab2e1d8b28eada4f725330b470fec191dcbd5ccacca36637e2c1c26ddd
77cae94a7e537c0db16b9aeff1c398cf3c3b60793db860ce9e066e1ff78da769
7ad20dd36cacac4881b1c436c1371889716db9d3f4aa68ad75ae271338cd4c5d
7d76fadf5cde6b15aafe675811da5e9818f61f023e2c5c9fe406261417ba4a5c
7d8e273c17d886307812a40d6a50bd7067bbff5c75d5c58efce7fd1b9b416943
7ddcc8a6c7c1c54a5ce8f04b867237ac36f82587661d0c6573439a23ea8e19d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cb11121d11acdd86ea6aaef1a8bcab023686e36bfac23057b0a484f9344990
865d1c66035ca4c25cc6376d21c80f857705f43d6f073949f33c456e0cef8870
8cdfab45d7832a865d990f47a4c0d3e7e834a52f0d6402abb62697ed48e2fa30
94a05dc50d0ff45db2b1ed4e3dbb12804d258c2d4a42cd2d2f236c03c989eb3e
9cd46bd882ff69696adb5cf7d4efba4fde6068e5265a58c019c1574751087a62
b9ee96cae1fa9b39337d325b8d9d8df3fef43cc2db6560592f7c78306059e303
ba8d3bc86cfeb01c383756c7e9ce1047457199493d27da9508fb12456dcb3360
bcbe084dfc60c411fc66f77bbdc3f734571d4b10dc08c92237f1626c467ccfa3
c6e54586ac6f5a71f0d30cea44f53aa5b16055c4aaecff1b48817730e478492f
c9506bb264d14f527b9600067d017459e3fac5e649ece791708eec92ac6ffadc
d23cbff70dd4a68416bff0bb406a57ddfb40dbce28e2eb9baa9957d2a841c1a6
d27870a407c62a6267216d8161bd8eae4a7df9e9bf9dcf462e810edd3aedcf87
d623a1abfb907b9e6d3bbf319444d5b6e2b7c02c9494d53e175ffb70a1775a3e
dde8250b4d2bfd58fe5074ee121f09d4ae6c617743fe1e6b78f5ede1cc627a9b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ec66c53ed872997945bf785b2d0c66d8fde1837ff95aa2233ca2c752ab6665
ebdeccfce8d201034e2fcfc93020e9ffac48070d7b45c7e2d7755ac712f48de5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe1ed189a373a0883b3dbafba64f37cc3664b2fcb797a091f03a5e2c13da4372

fortunega.cfd Open in urlscan Pro 35.213.151.141 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

97 Requests

89 %HTTPS

0 %IPv6

8 Domains

16 Subdomains

15 IPs

3 Countries

1632 kBTransfer

3350 kBSize

31 Cookies

27 Outgoing links

Page URL History

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fortunega.cfd Open in urlscan Pro
35.213.151.141 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

89 %
HTTPS

0 %
IPv6

8
Domains

16
Subdomains

15
IPs

3
Countries

1632 kB
Transfer

3350 kB
Size

31
Cookies

97 HTTP transactions
4 data transactions