Submitted URL: http://dpcw.link/ZRkruu
Effective URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Submission: On July 21 via manual from CO — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 16 domains to perform 114 HTTP transactions. The main IP is 2606:4700::6812:fbc, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mrfortune.com.
TLS certificate: Issued by GTS CA 1P5 on May 24th 2023. Valid for: 3 months.
This is the only time www.mrfortune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 138.197.192.24 14061 (DIGITALOC...)
1 1 35.234.86.61 396982 (GOOGLE-CL...)
19 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.120.195.249 396982 (GOOGLE-CL...)
12 18.130.199.159 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 146.75.118.49 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
6 2400:52e0:1e0... 200325 (BUNNYCDN)
5 2a06:98c1:312... 13335 (CLOUDFLAR...)
31 2600:9000:26d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.65.44 54113 (FASTLY)
2 2001:4860:480... 15169 (GOOGLE)
8 157.245.25.14 14061 (DIGITALOC...)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
2 34.117.177.207 396982 (GOOGLE-CL...)
2 141.226.228.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
114 18
Apex Domain
Subdomains
Transfer
31 ctfassets.net
images.ctfassets.net — Cisco Umbrella Rank: 3501
1 MB
19 mrfortune.com
www.mrfortune.com
626 KB
18 optimonk.com
onsite.optimonk.com — Cisco Umbrella Rank: 43130
cdn-account.optimonk.com — Cisco Umbrella Rank: 42782
front.optimonk.com — Cisco Umbrella Rank: 23287
gs-cdn.optimonk.com — Cisco Umbrella Rank: 28424
jfapiprod.optimonk.com — Cisco Umbrella Rank: 25719
cdn-asset.optimonk.com — Cisco Umbrella Rank: 42730
cdn-renderer.optimonk.com — Cisco Umbrella Rank: 51453
editor-upload-cdn.optimonk.com — Cisco Umbrella Rank: 53195
342 KB
12 multbrand.com
gateway.multbrand.com
4 KB
9 gstatic.com
fonts.gstatic.com
172 KB
6 contentful.com
cdn.contentful.com — Cisco Umbrella Rank: 9102
191 KB
5 ukliveagent.com
ukliveagent.com
232 KB
4 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 848
trc.taboola.com — Cisco Umbrella Rank: 608
trc-events.taboola.com — Cisco Umbrella Rank: 1870
21 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3749
onesignal.com — Cisco Umbrella Rank: 1349
73 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1771
310 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 69
146 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 74
1 KB
1 cs3api.com
api-mrfortune.cs3api.com
2 KB
1 sentry.io
o273612.ingest.sentry.io
292 B
1 ohmypartners.com
go.ohmypartners.com
619 B
1 dpcw.link
dpcw.link
189 B
114 16
Domain Requested by
31 images.ctfassets.net www.mrfortune.com
19 www.mrfortune.com www.mrfortune.com
12 gateway.multbrand.com www.mrfortune.com
9 fonts.gstatic.com fonts.googleapis.com
8 front.optimonk.com www.mrfortune.com
front.optimonk.com
6 cdn.contentful.com www.mrfortune.com
5 ukliveagent.com www.mrfortune.com
ukliveagent.com
2 trc-events.taboola.com www.mrfortune.com
2 editor-upload-cdn.optimonk.com
2 cdn-asset.optimonk.com front.optimonk.com
2 jfapiprod.optimonk.com gs-cdn.optimonk.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com www.mrfortune.com
www.googletagmanager.com
2 cdn.onesignal.com www.mrfortune.com
cdn.onesignal.com
1 fonts.googleapis.com front.optimonk.com
1 cdn-renderer.optimonk.com front.optimonk.com
1 trc.taboola.com cdn.taboola.com
1 gs-cdn.optimonk.com www.mrfortune.com
1 cdn-account.optimonk.com www.mrfortune.com
1 cdn.taboola.com www.googletagmanager.com
1 api-mrfortune.cs3api.com www.mrfortune.com
1 onsite.optimonk.com www.mrfortune.com
1 onesignal.com cdn.onesignal.com
1 o273612.ingest.sentry.io www.mrfortune.com
1 go.ohmypartners.com 1 redirects
1 dpcw.link 1 redirects
114 26

This site contains links to these domains. Also see Links.

Domain
go.ohmypartners.com
www.gamblersanonymous.org
authorisation.mga.org.mt
ukliveagent.com
Subject Issuer Validity Valid
mrfortune.com
GTS CA 1P5
2023-05-24 -
2023-08-22
3 months crt.sh
ingest.sentry.io
DigiCert TLS RSA SHA256 2020 CA1
2022-07-28 -
2023-08-28
a year crt.sh
clientgateway.ms.multbrand.com
R3
2023-06-18 -
2023-09-16
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
cdn.contentful.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-07-01 -
2024-08-01
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
onsite.optimonk.com
R3
2023-06-19 -
2023-09-17
3 months crt.sh
images.ctfassets.net
Amazon RSA 2048 M01
2023-02-28 -
2024-02-16
a year crt.sh
cs3api.com
E1
2023-05-25 -
2023-08-23
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
cdn-account.optimonk.com
R3
2023-06-19 -
2023-09-17
3 months crt.sh
*.optimonk.com
AlphaSSL CA - SHA256 - G4
2023-06-12 -
2024-07-13
a year crt.sh
gs-cdn.optimonk.com
R3
2023-07-20 -
2023-10-18
3 months crt.sh
jfapiprod.optimonk.com
GTS CA 1D4
2023-07-20 -
2023-10-18
3 months crt.sh
cdn-asset.optimonk.com
R3
2023-07-20 -
2023-10-18
3 months crt.sh
cdn-renderer.optimonk.com
R3
2023-06-11 -
2023-09-09
3 months crt.sh
editor-upload-cdn.optimonk.com
R3
2023-07-20 -
2023-10-18
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Frame ID: 1EA81AB2B35A911F6E0200846D67F4DE
Requests: 100 HTTP requests in this frame

Frame: https://ukliveagent.com/chatserver/js/bundle.d959ff62cd1b2acc8bdcd25ad917dcbf.js
Frame ID: 744FD82C748D0621D09977926C7152F4
Requests: 4 HTTP requests in this frame

Frame: https://cdn-renderer.optimonk.com/ssr/138466/64ad52eeb8a8700023aac010.html?v=1689083280
Frame ID: A8BFEED0CE9D77424A7957B120503508
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Mr Fortune Casino

Page URL History Show full URLs

  1. http://dpcw.link/ZRkruu HTTP 302
    https://go.ohmypartners.com/visit/?bta=37369&nci=6273&utm_campaign=s217232330 HTTP 302
    https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs Page URL

Detected technologies

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

114
Requests

100 %
HTTPS

55 %
IPv6

16
Domains

26
Subdomains

18
IPs

4
Countries

3069 kB
Transfer

7816 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dpcw.link/ZRkruu HTTP 302
    https://go.ohmypartners.com/visit/?bta=37369&nci=6273&utm_campaign=s217232330 HTTP 302
    https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

114 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request signup
www.mrfortune.com/
Redirect Chain
  • http://dpcw.link/ZRkruu
  • https://go.ohmypartners.com/visit/?bta=37369&nci=6273&utm_campaign=s217232330
  • https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
24 KB
6 KB
Document
General
Full URL
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed5f02190d9478356ec2c23fa78883695609fb80fb70f6dea8424e08ae423ad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=0, s-maxage=600
cf-cache-status
DYNAMIC
cf-ray
7ea6b56ad9cc193f-FRA
content-encoding
br
content-type
text/html
date
Fri, 21 Jul 2023 21:59:01 GMT
last-modified
Wed, 19 Jul 2023 16:59:58 GMT
server
cloudflare

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
3
Content-Type
application/octet-stream
Date
Fri, 21 Jul 2023 21:59:01 GMT
Server
rhino-core-shield
X-Cache-Status
MISS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
location
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
pragma
no-cache
referer
surrogate-control
no-store
runtime.5ec6bd6239fecaab.js
www.mrfortune.com/
4 KB
2 KB
Script
General
Full URL
https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b949373786a52852d45682cd4c9aebd376c74dc1dd289a0d4250841645bee8fc

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:01 GMT
mac
2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-103f"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b56bdafb193f-FRA
polyfills.4bc3fdb9628ee953.js
www.mrfortune.com/
99 KB
36 KB
Script
General
Full URL
https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2dc34827ba7b01034184de8095c53987fcba028756db7873470d706403819b1

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:01 GMT
mac
2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-18cea"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b56bdb02193f-FRA
main.38b9ab77f4098d44.js
www.mrfortune.com/
2 MB
466 KB
Script
General
Full URL
https://www.mrfortune.com/main.38b9ab77f4098d44.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4798c7102fdfb85069c323602dc705746763ae82217bc78eb79994b773dc67e8

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:01 GMT
mac
1
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-1bf3da"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b56bdb08193f-FRA
styles.89fab194fd0d67dd.css
www.mrfortune.com/
35 KB
6 KB
Stylesheet
General
Full URL
https://www.mrfortune.com/styles.89fab194fd0d67dd.css
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff9cc6c0c145d9ce6e4a02bd6a82d8eecac49bcfd95271f6fa24a241905973d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:01 GMT
mac
1
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-8c58"
vary
Accept-Encoding
content-type
text/css
cf-ray
7ea6b56beb0d193f-FRA
dynamic-config.json
www.mrfortune.com/
7 KB
2 KB
XHR
General
Full URL
https://www.mrfortune.com/dynamic-config.json
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be2b0f24f87d23246253cab77041c0f3bbf10707e7375a732817663fa4914549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:58 GMT
server
cloudflare
etag
W/"64b8168e-1a5d"
vary
Accept-Encoding
content-type
application/json
cache-control
public, max-age=0, s-maxage=600
cf-ray
7ea6b56e5ddc193f-FRA
/
o273612.ingest.sentry.io/api/6690662/envelope/
2 B
292 B
Fetch
General
Full URL
https://o273612.ingest.sentry.io/api/6690662/envelope/?sentry_key=68170b477051442a8cb85431ce7d00a4&sentry_version=7&sentry_client=sentry.javascript.angular%2F7.56.0
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
357.d865bb9f32913c43.js
www.mrfortune.com/
11 KB
3 KB
Script
General
Full URL
https://www.mrfortune.com/357.d865bb9f32913c43.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1f0df802637edbbbaaa866c311a6c926603e3b89c012ca321f55023429628d1

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-2caa"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b56fe841193f-FRA
common.1c62c6108963a4e8.js
www.mrfortune.com/
46 KB
11 KB
Script
General
Full URL
https://www.mrfortune.com/common.1c62c6108963a4e8.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b809668416d6c92b39c3dec9f80c4fe20864550f9ae68b82ccf20aec8546cf62

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
1
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-b798"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b56fe842193f-FRA
733.030529ceef1cb546.js
www.mrfortune.com/
37 KB
9 KB
Script
General
Full URL
https://www.mrfortune.com/733.030529ceef1cb546.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd8db0d85b8af8b3acd6fdc0a92bcca08e2b843dc8aaed94132149a4cafeb8d

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
1
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-94c1"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b56fe844193f-FRA
jost-latin-400-normal.ddf691de5ff05c7f.woff2
www.mrfortune.com/
9 KB
9 KB
Font
General
Full URL
https://www.mrfortune.com/jost-latin-400-normal.ddf691de5ff05c7f.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a25da21fa46f9ef2ca9d169f57fbf9f605c976f9dfe924a27706900dc3228a8b

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
"64b8168d-2344"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
cf-ray
7ea6b56fe846193f-FRA
content-length
9028
248.b461d4491f54f199.js
www.mrfortune.com/
28 KB
6 KB
Script
General
Full URL
https://www.mrfortune.com/248.b461d4491f54f199.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bed0434e67cad096c406819fb888398c84f45519814a26ff73c271f2dc49cfd

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-6e13"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b570d934193f-FRA
548.f33f3b5ad80a27ca.js
www.mrfortune.com/
84 KB
18 KB
Script
General
Full URL
https://www.mrfortune.com/548.f33f3b5ad80a27ca.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
215f98683ed4b89ca3c75ba91c7382157be2ecdcb179dbc6796696dd89fdfb79

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
1
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-1502f"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b570d935193f-FRA
5010
gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/ Frame
0
0
Preflight
General
Full URL
https://gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/5010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngsw-bypass
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
e36053f2-972b-4b85-8d6f-5d5bf3b75c89
5010
gateway.multbrand.com/gateway/cashier/supported/currencies/ Frame
0
0
Preflight
General
Full URL
https://gateway.multbrand.com/gateway/cashier/supported/currencies/5010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngsw-bypass
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
e46053f2-972b-4b85-8d6f-5d5bf3b75c89
5010
gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/ Frame
0
0
Preflight
General
Full URL
https://gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/5010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngsw-bypass
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
fb637bc4-230b-45f9-9b6e-ada56b162351
5010
gateway.multbrand.com/gateway/cashier/supported/currencies/ Frame
0
0
Preflight
General
Full URL
https://gateway.multbrand.com/gateway/cashier/supported/currencies/5010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngsw-bypass
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:02 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
fa637bc4-230b-45f9-9b6e-ada56b162351
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/main.38b9ab77f4098d44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2136
etag
W/"841a8834d1e8a6a8a6de9933a13d2b34"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ea6b571f94a1cb7-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 24 Jul 2023 21:59:02 GMT
5010
gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/
90 B
119 B
XHR
General
Full URL
https://gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/5010
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
f5dc3572e8d9ee7c5ec2dc1060eb38d5903a7b42f340d22757ed082da94ecf88

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
ngsw-bypass
anyValueCanBePresented

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-auth-token,Date,jwt-auth,X-Request-ID
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
90
5010
gateway.multbrand.com/gateway/cashier/supported/currencies/
2 KB
457 B
XHR
General
Full URL
https://gateway.multbrand.com/gateway/cashier/supported/currencies/5010
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
c5c4e8bea13813a07cbeca0a5dc3c78c58f9cbbc32bf3b2825308e80b3ef8ab2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
ngsw-bypass
anyValueCanBePresented

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-auth-token,Date,jwt-auth,X-Request-ID
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
427
5010
gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/
90 B
122 B
XHR
General
Full URL
https://gateway.multbrand.com/gateway/currencies/1.30.00/currencyByIP/5010
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
f5dc3572e8d9ee7c5ec2dc1060eb38d5903a7b42f340d22757ed082da94ecf88

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
ngsw-bypass
anyValueCanBePresented

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-auth-token,Date,jwt-auth,X-Request-ID
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
90
5010
gateway.multbrand.com/gateway/cashier/supported/currencies/
2 KB
574 B
XHR
General
Full URL
https://gateway.multbrand.com/gateway/cashier/supported/currencies/5010
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
c5c4e8bea13813a07cbeca0a5dc3c78c58f9cbbc32bf3b2825308e80b3ef8ab2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
ngsw-bypass
anyValueCanBePresented

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-auth-token,Date,jwt-auth,X-Request-ID
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
427
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2136
etag
W/"22f7e3545bf8cba3cac43d34db3357ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7ea6b57219831cb7-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 24 Jul 2023 21:59:02 GMT
web
onesignal.com/api/v1/sync/6ab11681-1b42-4f55-9f4d-9477325fcc4e/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/6ab11681-1b42-4f55-9f4d-9477325fcc4e/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151603
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dfab054877129f52af4f78d980c0c77b344ac09c2f714a04d9b09e588515175
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
df1dd63e-5e20-48ad-96bd-0425d9e8620c
x-runtime
0.035766
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"3dfab054877129f52af4f78d980c0c77"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7ea6b57269ea1cb7-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 21 Jul 2023 22:59:02 GMT
entries
cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/entries?fields.slug=mr-fortune-casino_content-section_brand_0_0&content_type=contentSection&locale=en-US&include=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
0
date
Fri, 21 Jul 2023 21:59:03 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
734, 0
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
e37d0d05-f3d6-419e-92f5-df52544c144c
x-served-by
cache-ewr18140-EWR, cache-fra-eddf8230076-FRA
x-timer
S1689976743.921366,VS0,VE86
618.47826e794af0eab9.js
www.mrfortune.com/
22 KB
7 KB
Script
General
Full URL
https://www.mrfortune.com/618.47826e794af0eab9.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12cde86323053a7d0cbaef09e3baf0758f42c0af5ef442840eda6c3f75b600f

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
1
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-576c"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b572fb9a193f-FRA
988.ed8098c2d2f8d79f.js
www.mrfortune.com/
42 KB
11 KB
Script
General
Full URL
https://www.mrfortune.com/988.ed8098c2d2f8d79f.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/runtime.5ec6bd6239fecaab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fbc393cbece8c3ba77fc775a7e24564e960cf33791cae04e2f45f434eb82bd1

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:02 GMT
mac
2
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
W/"64b8168d-a9d8"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7ea6b572fb9c193f-FRA
entries
cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/
72 KB
17 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/entries?fields.slug=mr-fortune-casino_content-section_brand_0_0&content_type=contentSection&locale=en-US&include=1
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
3d9a1d78ea8567a36d58346b52eba7422df75811235618faa554b14287b028c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/9.3.5; platform browser; os Windows;
Authorization
Bearer 13b47fcf96a516bc2fc63849e9569f0ae4d60f939d1a3560a36f723504e2506a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
contentful-api
cda
age
26588
cf-organization-id
0FIl1HafqefQIlJ1Mep8Po
cf-environment-uuid
13d62953-fbdf-40d6-9a70-c01941272756
x-cache
HIT
cf-space-id
yfsnrai3uxj5
content-length
16898
x-served-by
cache-ewr18140-EWR, cache-fra-eddf8230076-FRA
x-contentful-request-id
68b7f667-21c0-418e-a297-d2068416fa05
cf-environment-id
master
server
Contentful
x-timer
S1689976743.015117,VS0,VE2
etag
W/"2622672193222046746"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
3, 1
entries
cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/entries?fields.slug=mr-fortune-casino_content-section_variables_0_0&content_type=contentSection&locale=en-US&include=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
0
date
Fri, 21 Jul 2023 21:59:03 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
664, 0
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
7161e21a-8f78-4063-a89e-136f0be5fc81
x-served-by
cache-ewr18156-EWR, cache-fra-eddf8230076-FRA
x-timer
S1689976743.055194,VS0,VE96
entries
cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/
709 KB
130 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/entries?fields.slug=mr-fortune-casino_content-section_variables_0_0&content_type=contentSection&locale=en-US&include=10
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
db8e578b11dc2e87e52a253b75d720129e692ec40c269b3ff7b56a85eef79742
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/9.3.5; platform browser; os Windows;
Authorization
Bearer 13b47fcf96a516bc2fc63849e9569f0ae4d60f939d1a3560a36f723504e2506a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
contentful-api
cda
age
26586
cf-organization-id
0FIl1HafqefQIlJ1Mep8Po
cf-environment-uuid
13d62953-fbdf-40d6-9a70-c01941272756
x-cache
HIT
cf-space-id
yfsnrai3uxj5
content-length
132454
x-served-by
cache-ewr18156-EWR, cache-fra-eddf8230076-FRA
x-contentful-request-id
1622b4e7-1075-450e-87ca-6188da480717
cf-environment-id
master
server
Contentful
x-timer
S1689976743.157856,VS0,VE2
etag
W/"13700216583641090845"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
18, 1
entries
cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/entries?fields.slug=mr-fortune-casino_content-section_layout_0_0&content_type=contentSection&locale=en-US&include=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
0
date
Fri, 21 Jul 2023 21:59:03 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
655, 0
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
469d3db4-ebf1-4647-b1a7-80036dbb430f
x-served-by
cache-ewr18172-EWR, cache-fra-eddf8230076-FRA
x-timer
S1689976743.270148,VS0,VE88
entries
cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/
297 KB
44 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/yfsnrai3uxj5/environments/master/entries?fields.slug=mr-fortune-casino_content-section_layout_0_0&content_type=contentSection&locale=en-US&include=10
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
eabc27911b0c29a1dbdf8e14cfd31351ebedb6b6e3303dbb7a3341bfe49794bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/9.3.5; platform browser; os Windows;
Authorization
Bearer 13b47fcf96a516bc2fc63849e9569f0ae4d60f939d1a3560a36f723504e2506a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
contentful-api
cda
age
26585
cf-organization-id
0FIl1HafqefQIlJ1Mep8Po
cf-environment-uuid
13d62953-fbdf-40d6-9a70-c01941272756
x-cache
HIT
cf-space-id
yfsnrai3uxj5
content-length
44254
x-served-by
cache-ewr18172-EWR, cache-fra-eddf8230076-FRA
x-contentful-request-id
d64001b3-ee03-4b9b-9ded-be81d8d9fd99
cf-environment-id
master
server
Contentful
x-timer
S1689976743.369750,VS0,VE14
etag
W/"6684308025488848582"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
19, 1
gtm.js
www.googletagmanager.com/
160 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T77HSCF
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb9b4b4bf43c10ea21b3f9da7dfa0d7ad32a9c300bc75a53445604554b8ad45e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59528
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Jul 2023 21:59:03 GMT
script.js
onsite.optimonk.com/
159 KB
50 KB
Script
General
Full URL
https://onsite.optimonk.com/script.js?account=138466
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/main.38b9ab77f4098d44.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
6f423c70f7f3f1ceed70f7210798d2cb82d726f55851514ffc8fdfde2212dc87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
1081
x-dns-prefetch-control
off
cdn-cachedat
07/21/2023 08:13:40
cdn-pullzone
950289
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"27df2-6iibK/ZcZbcIio5caH5E5+lpPkg"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control
public, max-age=180
cdn-requestid
9ba00d69bf8cd63267dc5781b25223a2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
livechat.ashx
ukliveagent.com/chatserver/
1 KB
1 KB
Script
General
Full URL
https://ukliveagent.com/chatserver/livechat.ashx?siteId=100013501
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2ad3850475479b991b2d4691f14ecf384299b57166d01d3af8a5c755c48f6e7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BS6s%2BP%2BfrHk%2FM%2FrYE6%2BFN7%2B71%2FHPuB6YcnRtNB31z3nWLESmC9Mws8ErH4mgiHeYhRezw%2Bcc5eIjIYR0VeVhaEqAaAV1jV137etD2gEkgMb26fhV1PUWhRhcmPNnUa6T3EuqN8gKiQC2khvRACk%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
alt-svc
h3=":443"; ma=86400
cf-ray
7ea6b5771dca360f-FRA
mr-fortune-casino.svg
images.ctfassets.net/yfsnrai3uxj5/CdMkk8w2v2Nf5pBNLpYdsr/f9d0894d48b9697cf4d5eab5ce33f5b4/
37 KB
14 KB
XHR
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/CdMkk8w2v2Nf5pBNLpYdsr/f9d0894d48b9697cf4d5eab5ce33f5b4/mr-fortune-casino.svg
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5e939c8178446f29835f9968f7987a00a8d91ec47914f702cc4f8e8e7062bb76

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
via
1.1 7ad01e16cb039e6f25a50f4e294fd0ae.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 16:24:41 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
50004
etag
W/"15de336425574315c64d4edc0db8502b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
37UU1O9w_SM4-9N6JIEASkukMvD3wMZCTZrRfuq4BRI7fTLCAVf3sA==
mr-fortune-casino.svg
images.ctfassets.net/yfsnrai3uxj5/CdMkk8w2v2Nf5pBNLpYdsr/f9d0894d48b9697cf4d5eab5ce33f5b4/
37 KB
14 KB
XHR
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/CdMkk8w2v2Nf5pBNLpYdsr/f9d0894d48b9697cf4d5eab5ce33f5b4/mr-fortune-casino.svg
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5e939c8178446f29835f9968f7987a00a8d91ec47914f702cc4f8e8e7062bb76

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
via
1.1 7ad01e16cb039e6f25a50f4e294fd0ae.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jul 2023 16:24:41 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
50004
etag
W/"15de336425574315c64d4edc0db8502b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
rD2JfiDRVl8XyHiaURnYf_AGt9KV3PhM1VLXWjGa4OxMXl0Ai1j9HQ==
registration
api-mrfortune.cs3api.com/
17 KB
2 KB
XHR
General
Full URL
https://api-mrfortune.cs3api.com/registration?currency=EUR&locale=en-US&affiliateId=37369&pageSize=100&pageNumber=1
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ece7df50664b6fc6a0cf3a0a6f51ccbf172eeba280612ddcb1c94611181b13d5

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-powered-by
Express
etag
W/"4438-CAmFbZjWB+FENUK9jnld6hlKsaw"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7ea6b5773e5c9007-FRA
alt-svc
h3=":443"; ma=86400
5010
gateway.multbrand.com/gateway/cashier/supported/currencies/
2 KB
457 B
XHR
General
Full URL
https://gateway.multbrand.com/gateway/cashier/supported/currencies/5010
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
c5c4e8bea13813a07cbeca0a5dc3c78c58f9cbbc32bf3b2825308e80b3ef8ab2

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
ngsw-bypass
anyValueCanBePresented

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-auth-token,Date,jwt-auth,X-Request-ID
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
427
5010
gateway.multbrand.com/gateway/cashier/supported/currencies/ Frame
0
0
Preflight
General
Full URL
https://gateway.multbrand.com/gateway/cashier/supported/currencies/5010
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngsw-bypass
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
1d6153f2-972b-4b85-8d6f-5d5bf3b75c89
tfa.js
cdn.taboola.com/libtrc/unip/1536678/
58 KB
18 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1536678/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T77HSCF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cc2446aa9f2aace47e2240299653cd19d273709c5d6f7b9f9e97dc030fcde89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id
YLZGHJuLXRpWNNNITflAq8sexKjjfSm_
content-encoding
gzip
via
1.1 varnish
date
Fri, 21 Jul 2023 21:59:03 GMT
x-amz-request-id
5G6FACSAM1HCTMDF
age
0
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
18350
x-amz-id-2
NT2hr2l1dr4whHF3riGUXQi613XpKrAizP1Nw2tKdx2WaDML70W6SIZU9kAx744puGBa9aJzw+M=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Sun, 09 Jul 2023 11:14:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1689976744.632359,VS0,VE128
etag
"e52cc8ce28de7f366e6a0822e748a314"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
js
www.googletagmanager.com/gtag/
259 KB
87 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WRVC3Z0V55&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T77HSCF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57f9669c80cffe5c3c079586f9a00316065389b295d6762dda45cb5cc5f05536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89033
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 21 Jul 2023 21:59:03 GMT
accountInfo.json
cdn-account.optimonk.com/138466/
150 B
813 B
XHR
General
Full URL
https://cdn-account.optimonk.com/138466/accountInfo.json
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
0f5e8573ea84d5023791172cd0ed8a535dd1fed45cbd32f3c757d668cd311cb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
cdn-edgestorageid
1081
cdn-storageserver
DE-383
cdn-cachedat
07/21/2023 11:36:01
cdn-pullzone
951434
last-modified
Fri, 21 Jul 2023 11:23:09 GMT
server
BunnyCDN-DE1-1081
cdn-fileserver
570
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ba6a9d-96"
x-bunnycdn-countrycode
DE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers
X-BunnyCDN-CountryCode
cache-control
public, max-age=30
cdn-requestid
df001fc85c9593055c4ae5dc7fc935ba
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/
0
256 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WRVC3Z0V55&gtm=45je37j0&_p=142604191&cid=800072899.1689976744&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689976743&sct=1&seg=0&dl=https%3A%2F%2Fwww.mrfortune.com%2Fsignup%3Fbtag%3D37369_615806%257C%257C%257C100FS_s217232330%26bonuscode%3D100fsbbs&dt=Mr%20Fortune%20Casino&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WRVC3Z0V55&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 21:59:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mrfortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bundle.d959ff62cd1b2acc8bdcd25ad917dcbf.js
ukliveagent.com/chatserver/js/ Frame 744F
823 KB
215 KB
Script
General
Full URL
https://ukliveagent.com/chatserver/js/bundle.d959ff62cd1b2acc8bdcd25ad917dcbf.js
Requested by
Host: ukliveagent.com
URL: https://ukliveagent.com/chatserver/livechat.ashx?siteId=100013501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ce2095146d281e0bb9cd98f245bf05b69c1dbeb69ac9ec2a494e5b3254746c4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10727
x-powered-by
ASP.NET
p3p
CP="IDC DSP COR NID CUR OUR NOR"
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 05 May 2019 15:20:44 GMT
server
cloudflare
etag
W/"0ae741b563d51:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYNAhwX%2FBXzcDdV4%2FCAMbUQTYCX5YVS3nfVdZyM6nizLTOB6snv3Cl1LWhkCRJBo0%2FPGXvMVWYto5qutkqCyknKqVENgYdXKvm5tpPs3KjaHiV4BLsN05VPx8mtCJbsqEub8elHAfffHjK6Q6R4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=864000
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
cf-ray
7ea6b5780ea3360f-FRA
jost-latin-500-normal.55f17e3662014f69.woff2
www.mrfortune.com/
10 KB
10 KB
Font
General
Full URL
https://www.mrfortune.com/jost-latin-500-normal.55f17e3662014f69.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99aaa9d35986f17f4b940fdb18ad3eb19eaa6afca98f0ca60b3477c4bd0f819

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
"64b8168d-271c"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
cf-ray
7ea6b5787a1e193f-FRA
content-length
10012
jost-latin-ext-400-normal.40001b6d479dc26c.woff2
www.mrfortune.com/
5 KB
6 KB
Font
General
Full URL
https://www.mrfortune.com/jost-latin-ext-400-normal.40001b6d479dc26c.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
155818f342ead9e222be478069696d0d5c3ec7db6c3a3a8ba85a466d1760f048

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
"64b8168d-15fc"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
cf-ray
7ea6b5787a25193f-FRA
content-length
5628
jost-latin-600-normal.9a41f383b85cf7c5.woff2
www.mrfortune.com/
10 KB
10 KB
Font
General
Full URL
https://www.mrfortune.com/jost-latin-600-normal.9a41f383b85cf7c5.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2761f1c34d9535a6c31ebfdfd28eaad9c3e43af682a36cbe40aca17fbece0174

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
"64b8168d-271c"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
cf-ray
7ea6b578aa61193f-FRA
content-length
10012
Logo-MF-Desktop-_192x60_.svg
images.ctfassets.net/yfsnrai3uxj5/y0kQ1I59a0agwdjgSyiFDX/b6ea4a5528b43fd6f68c728e072c212c/
11 KB
5 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/y0kQ1I59a0agwdjgSyiFDX/b6ea4a5528b43fd6f68c728e072c212c/Logo-MF-Desktop-_192x60_.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
817e6df8c1615f3ed7446845cbdde75b986b4b50160c41d015df759b39cafc72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Wed, 02 Nov 2022 13:38:57 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
56310
etag
W/"2ba8fb29222927fcd9e1e8c3a1e31592"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
P1xJz-0uoCgM0zK7dRO6CQ6MWKtQ28eF3y58SDLa47znQUlqp0b_vA==
MF_Registration_Offer_Default.png
images.ctfassets.net/yfsnrai3uxj5/ASr9oJyCdFpOV00j6NuFod/ff625cecd6eb3e1c897daeb3c062134f/
23 KB
24 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/ASr9oJyCdFpOV00j6NuFod/ff625cecd6eb3e1c897daeb3c062134f/MF_Registration_Offer_Default.png?w=350&h=190&q=90&fm=webp&fit=fill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
61c09192c6eb99b465075921b69ebf39831b14ee03ee2a003a9f69536175ee07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 08:56:27 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 13:23:03 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
46956
etag
"cd1a7d56f2cb73c8c4b620a55b3a4406"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
23762
x-amz-cf-id
kLFn2I1Nlzu_uhnijBGvfe_HrU_GuZWG4EHNVLXuFBBm4T_y8IDytw==
Registration-Dialog-Background.png
images.ctfassets.net/yfsnrai3uxj5/xFR64DhiLkLtzRIkvpIhsh/b931cf252f3ec0e5c962c318904cf1df/
180 KB
181 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/xFR64DhiLkLtzRIkvpIhsh/b931cf252f3ec0e5c962c318904cf1df/Registration-Dialog-Background.png?w=1680&h=1080&q=90&fm=webp&fit=fill
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0b95a5ded1123dcae734e37665ee8dfe339a8ba73aa94a50468b1e0e896fb881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 05:46:54 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
37887
etag
"d3ecf251ad9e3917bf1b217d1d1a4c1d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
184826
x-amz-cf-id
rUkUhqrwcUunpj-g2A9BuBZrNhkB9o5hp8I8ZJNbMjCfgSh31x_NHw==
Visa.svg
images.ctfassets.net/yfsnrai3uxj5/75YTlH7eqZVWPaTMxDYWmd/48280ec094b6ae257524f0df1c414809/
1 KB
971 B
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/75YTlH7eqZVWPaTMxDYWmd/48280ec094b6ae257524f0df1c414809/Visa.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
04c69f9ef1857adaab1a2da242b12205113791abf84e2797b95c49fb1259cdf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:20:55 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
72381
etag
W/"993123a08f2fbce956ff12fe6d4b15eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
bfil66TLlC4VYWYxNZ3iw6fLQBTHqo--VhM85fqgXo5HvAjEysItmg==
payment-method-mastercard.svg
images.ctfassets.net/yfsnrai3uxj5/8F35edPdmdYY/66aacb07b12ae6d2d109a4ee04424be0/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/8F35edPdmdYY/66aacb07b12ae6d2d109a4ee04424be0/payment-method-mastercard.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
32b3b34e79b7b227677d8a2098dc516a60273ac73fd772a910c6a4cc4217c934

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 08:49:56 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
54693
etag
W/"473378720744883212f0d20b83f78046"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
hayxfqUmpOoAUq-dR4Ar_r2QYl5rNm31GSIuzOq6C7wtyTB1cs3P3w==
PIX.svg
images.ctfassets.net/yfsnrai3uxj5/2qx4KIqcKUE5xY3oO6FEww/7e441395a74658c3b5486956ace2968c/
13 KB
5 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/2qx4KIqcKUE5xY3oO6FEww/7e441395a74658c3b5486956ace2968c/PIX.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
3b436f993b3f19e834a7aea6ab6ace72f00dc5c928dce4607adf126218b940a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 05:32:41 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 10:10:33 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
59183
etag
W/"28d9df5b979087a338b2f4aa2bc12c75"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
1jvnv8QrNCBkab08g8_NsP9YxsS84IcPycwJmRCWQzzHcxU2Gn_r6A==
Trustly.svg
images.ctfassets.net/yfsnrai3uxj5/A31HzcbZMwr1/746c66f4e3f9ce2e663291d78088569e/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/A31HzcbZMwr1/746c66f4e3f9ce2e663291d78088569e/Trustly.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0e6a855d19b44af4aa403746af358833fd33c9d1f1d712382e7d85e2ca6dacae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Wed, 25 Nov 2020 15:19:43 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
67725
etag
W/"59d7ad062539bed84fb18fe525074237"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
eFbnJqo0tRAAeyey3M8uJvRfc8-QqD7gP7IHteMJZ_dDdo2YPZovBQ==
Paysafecard.svg
images.ctfassets.net/yfsnrai3uxj5/4fUOjMbBcsBeoPxS9ym2zB/79d7f4ae2273f93c0adb450279e90d2b/
4 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/4fUOjMbBcsBeoPxS9ym2zB/79d7f4ae2273f93c0adb450279e90d2b/Paysafecard.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
64e55167d667abb4e1a1d0d5f5564e955c0285edb9152fed590e65963ac68e4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 03:10:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Thu, 04 Feb 2021 11:31:59 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
67725
etag
W/"0305108e838f484bf8dcfc5f21e8227a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Kvmuf99Hq329GZNj0yCyKZdpXaAR3M02wV4jpTgh4zex-r3SCU7p6A==
Skrill.svg
images.ctfassets.net/yfsnrai3uxj5/tFaJAjEQg2Mv/a841b2508d4f242f949f4bf78dbe0a6e/
997 B
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/tFaJAjEQg2Mv/a841b2508d4f242f949f4bf78dbe0a6e/Skrill.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
b9129489104b3f5b8d30997f23e18a4041d557f38e8cb2fe52349ed5f8862275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 08:47:54 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
59169
etag
"2e188c4c8218fb25f9d1f10f14f6b1b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
997
x-amz-cf-id
tlhnjHUy-lCFipZAIZb39Mkh7S1Fy59ZPBRruABGxEXwInACf4GeJQ==
Neteller.svg
images.ctfassets.net/yfsnrai3uxj5/kojMX9slLE63/dfee6aa4d2fe4d0d423570e92a5b2d7e/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/kojMX9slLE63/dfee6aa4d2fe4d0d423570e92a5b2d7e/Neteller.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
98bca1dcc379875200b488bb664ce7844536e9968784e95ff0de3263c64a4b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 08:49:53 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
69722
etag
W/"aeb289cc95d65654b0fc233da72fe42f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
WGik_hgtuyvH6iM6aCmSCKrKgtXgJasbt0LPLUPnduK8DYluBxTKkQ==
EcoPayz.svg
images.ctfassets.net/yfsnrai3uxj5/AQqkq3eGG3qR/b074b91504f27c71a67c32dd3996d823/
5 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/AQqkq3eGG3qR/b074b91504f27c71a67c32dd3996d823/EcoPayz.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
ec64ab79ca6723cb91aae735889b57bfa72221fb3c08d5d5974f79e124489a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 05:58:06 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 08:49:55 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
57658
etag
W/"02be7f132298e37ee073f9d1c75d0461"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
O2ccL3BuyLJofpUA-LbY9RTsEfgAk4rpfy-Y7Wg1VMqGeX-MkMisgg==
Jeton.svg
images.ctfassets.net/yfsnrai3uxj5/3uZWalAOdu74llGzXJAhln/90d2e8930d1b12050f9278df47d7f6f6/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/3uZWalAOdu74llGzXJAhln/90d2e8930d1b12050f9278df47d7f6f6/Jeton.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
43dacf93cc6165db78740a20baadf4ce6b3ceecd775c78b577bd20f109d6ccaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 00:58:02 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 14 May 2021 12:53:21 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
75662
etag
W/"4d714539ee1046320c4f9518335bbf32"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
aZIV07iHYvULncmjTVrpHrzo744Y6KO5qgBNYtg5FMrAETscb7nWFg==
Neosurf.svg
images.ctfassets.net/yfsnrai3uxj5/3LcR5AYmowFcItE9hRrae9/b2cdd95a23495bb932e091447c964aeb/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/3LcR5AYmowFcItE9hRrae9/b2cdd95a23495bb932e091447c964aeb/Neosurf.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
c8e6f1bd9e8739c4787eeaf0ac5fd775f979853513be9b294835ab7659152003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 09:31:21 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
64107
etag
W/"6f9ef2901905e8c0d4f70cc0d59f261a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
TStpiTItywF5MJrN2-61xgRRX4fYMMdWpNrz_msGozg719GJV70bqg==
Flexepin.svg
images.ctfassets.net/yfsnrai3uxj5/3xtokzZIHnP08AHpgLBcZ1/512e0859760bc2726fcf84b851ae00ee/
1 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/3xtokzZIHnP08AHpgLBcZ1/512e0859760bc2726fcf84b851ae00ee/Flexepin.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a46a9e99a5c5d78e1d9110ea776df8411c90e9ab9f652970494e46ca228fbd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 05 Feb 2021 09:32:15 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
54693
etag
W/"fa408b3235809abc0665293933315a06"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
QRnVgzBjQVuvh1qBoRe0coxqh8ksdjo5B0pz1OF6VsH9GXGvvi_jzA==
astropay-white.svg
images.ctfassets.net/yfsnrai3uxj5/2J1HYsf9EinJJkUSkrAkez/58d6f2af47908f98073c09c3c11252c5/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/2J1HYsf9EinJJkUSkrAkez/58d6f2af47908f98073c09c3c11252c5/astropay-white.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
597e02bda147337413dadebfccf1b8d558b94107a44db1784a474fa3c40d97c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 08:27:06 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
59835
etag
W/"e2c6caa1f690de9880bab60f2b1d4356"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
DDop5EbrpURYZpc--u0sxdFV26aRpdFP2ZfYkOA0w72OlR7COYHgJQ==
JCB.svg
images.ctfassets.net/yfsnrai3uxj5/3Hp2ZiyS9L79ExDBRewoGL/e09ff40b05bc187787c341f6a349f964/
3 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/3Hp2ZiyS9L79ExDBRewoGL/e09ff40b05bc187787c341f6a349f964/JCB.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
dcc8a173e3a77e09b61db0921d3430536982fa16dd162d28731fa1bcd0eda0ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Sat, 02 Oct 2021 05:35:37 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
61044
etag
W/"d0d5d19efdd6d9a1a0de9298ca6c4f38"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
bkHB7oc7iz4VW3kai6yMdI2tedERMthmiHYtYti400Rvxn3_Y9GSjg==
help2pay.svg
images.ctfassets.net/yfsnrai3uxj5/25cPEpDW4Bx4jmDLEzW51/71c2a62c509fe5b3e1a5c31444dc73d4/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/25cPEpDW4Bx4jmDLEzW51/71c2a62c509fe5b3e1a5c31444dc73d4/help2pay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
871e70f293164dc51b5a55aaaf0141f924e69b2deffa75dcf17b429637ae80b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:27:25 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
73464
etag
W/"2be701efc76e61abea09e60649f335f9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
jkSaPLDyngiz1DoTHPfo17rEuAGMvkmwVbUkQPhDST1odRSV9rb_-Q==
BancoEstado.svg
images.ctfassets.net/yfsnrai3uxj5/1xrHmFUxnMeSSuumwycPNV/1cbc02d609988d19b0606e7a80c6ca11/
8 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/1xrHmFUxnMeSSuumwycPNV/1cbc02d609988d19b0606e7a80c6ca11/BancoEstado.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
4e6ca66e55ccc3882f50f610c84f62dc58620cb3ad5054727e4c33aaeb9a8ac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 08:09:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:33:10 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
49784
etag
W/"795db1a8c81cf12ba6ed819bf0ec1637"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
YtKlWPEOXfRBsjOx1IJuxLSg_APhJjoUlDZjSoRlshcwbo_FI7Bf6g==
webpay.svg
images.ctfassets.net/yfsnrai3uxj5/5WyuL1ecAKyfrnfXVrf0sv/3baa41df0041ff3adcdb146f346fa82c/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/5WyuL1ecAKyfrnfXVrf0sv/3baa41df0041ff3adcdb146f346fa82c/webpay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0eb0d5a2dfef80d3acbd47040a1e0b3ebc686a91bd46105b1084fd9d23600d70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:35:01 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
66978
etag
W/"8b5c56babefacd447cb3285f20077ef9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
sxWXs8cZdxxgcdCf_V9H-vy_Koh4ZrbXfv4l6eFW_ySPyskzEwqC2A==
Paytrail.svg
images.ctfassets.net/yfsnrai3uxj5/4tkYcxLdyyqDHAl04x4JQw/42138f6a7ec9569c98e36b017215e94b/
5 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/4tkYcxLdyyqDHAl04x4JQw/42138f6a7ec9569c98e36b017215e94b/Paytrail.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
ea76d4f0f6a2950bf8560634d2a84017f6b23315e62cdac0305b1ed90e3c46ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 06:25:43 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:45:45 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
56001
etag
W/"78a4c066a7a3e71abefdb2761b6009fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
hYNrsaqg1ryyLsB3DiUMXyVi71CffwkgpInYU1gx1YhLn4z0rP2XKw==
CashtoCode.svg
images.ctfassets.net/yfsnrai3uxj5/SR8TgueXMDtLYti3url5A/87abb5dad83c67f0da38d5a86e017451/
5 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/SR8TgueXMDtLYti3url5A/87abb5dad83c67f0da38d5a86e017451/CashtoCode.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5734c7be4793e4e28ceb8735147864b9fd3e45a8bda764de6cc7e2dfd698f514

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 00:50:49 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:47:47 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
76095
etag
W/"71f43b15ae2ea766e61044cd1d0fbce6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
mn1D1PjWotVNwbvNKMLRw8O8sX3QmMJndLil00XKRr1ai9JFvEbDIg==
OXXO.svg
images.ctfassets.net/yfsnrai3uxj5/4MYARXUaSh5D7EJcMKTood/13b682e7be4b5d67f0a08d21ca7e9f6d/
12 KB
3 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/4MYARXUaSh5D7EJcMKTood/13b682e7be4b5d67f0a08d21ca7e9f6d/OXXO.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
f9909d535a3ad7bc4427da0467eca207a93c55d96e47a82e76d05fc4abe5b0ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 02:38:07 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 09:58:08 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
69657
etag
W/"40827dd01909c2c393fd58f38fd322d9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
Dn98e0Rtl1YEHdJI9n6zx21A2JBK6h24DP3XQL-ERCVLjv53eJbVFw==
SPEI.svg
images.ctfassets.net/yfsnrai3uxj5/50iYt6xSY7c1pRS9gvheiw/8c3b94f34155fa2805c9833118a268e5/
2 KB
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/50iYt6xSY7c1pRS9gvheiw/8c3b94f34155fa2805c9833118a268e5/SPEI.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
7bd4d73ba4ad07c478011190f7b83d0068a98e2fef643e1fb712658a8758cb89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 20:42:19 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Fri, 24 Feb 2023 10:05:49 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
67725
etag
W/"97d05cf7c42a9d2ff85d7c186a04ba8b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
nYX2oeI7enXHfu5F_1BLL7l52z2GWrefK43rMn2_-XRIo_hQGYsXQg==
Interac__1_.svg
images.ctfassets.net/yfsnrai3uxj5/eeDYBGzjB1bjfpgkAK3oA/57e6d7dd5b60dcfeedc70014a3f887e3/
807 KB
595 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/eeDYBGzjB1bjfpgkAK3oA/57e6d7dd5b60dcfeedc70014a3f887e3/Interac__1_.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
a31bf86f33c60d56da251ba2d3b686918af46409810b7767978792fda4d6de5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 01:04:50 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jun 2023 13:27:41 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
75253
etag
W/"b81ce080a5fc24e2d170eb05b4d5c8f6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
588kQrSFVSmhHfXfVvM4RIEc2bDpoxqjo3p0VcOsCPhtwbrs3-Fm0A==
MGA-new.svg
images.ctfassets.net/yfsnrai3uxj5/hTwiXxGuqrIB/7bf385c92350f6e1e418ab7e1dfb085d/
3 KB
2 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/hTwiXxGuqrIB/7bf385c92350f6e1e418ab7e1dfb085d/MGA-new.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
5878f00581fca0f89fe52f0b1a2fc3341a67c7e268559c43079a761f4acb3a0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 08:29:10 GMT
content-encoding
gzip
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Tue, 31 Mar 2020 12:39:03 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
48594
etag
W/"8e20f71997b5f8d380354badf244d8c3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-id
KbK07tcU9VysopbQJr3e5K7ciHonyP6hW3nMw8F0uYeNcmHV2dSqGg==
license-18-plus.svg
images.ctfassets.net/yfsnrai3uxj5/mi45mZPA8FAp/576054d9234155a5247f114faf3da67b/
977 B
1 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/mi45mZPA8FAp/576054d9234155a5247f114faf3da67b/license-18-plus.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
3f05b4172c00a225947db74f446307eb1811a2699195e2bc676250f7cac43233

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 04:12:37 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 08:50:22 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
63987
etag
"c1a25e0507f5ed01c98cc7d48c2b99e3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
977
x-amz-cf-id
Y9oSeZBXByYx9sLmZz-RO8SGSQfkzZy9ni2RpslR2hMM2D2cUhrzYw==
after-pre-init
front.optimonk.com/public/138466/embedded/
152 B
508 B
XHR
General
Full URL
https://front.optimonk.com/public/138466/embedded/after-pre-init
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"98-lC3A9CNC58A3Xk5qtOzmLLQkxH0"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding
content-type
text/html; charset=utf-8
x-dns-prefetch-control
off
access-control-allow-origin
*
cache-control
no-cache
x-xss-protection
1; mode=block
jfclientsdk.min.js
gs-cdn.optimonk.com/jfclientsdk/latest/
90 KB
31 KB
Script
General
Full URL
https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
aa7a9e304de02544efb6d212545ee34181d9d6def23a0f96d974a5895d6ce01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
br
cdn-edgestorageid
1081
age
2589
x-guploader-uploadid
ADPycduUTnFtJFcDfSnKQ1b1C2GkfJEu-pHZ9WnPP1EpOgSbROGtna4SnuvBF2cNuGOvRAVEpOdkj31aTRI1kG7n05SWmjGzrEep
x-goog-storage-class
STANDARD
x-goog-metageneration
1
cdn-cachedat
07/07/2023 01:54:51
cdn-pullzone
592317
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
last-modified
Mon, 06 Mar 2023 13:44:21 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"b3bfb67a86f184618c3fbaecb75fcd0c"
vary
Accept-Encoding, Accept-Encoding
x-goog-generation
1678110260910049
content-type
application/javascript
cdn-cache
HIT
x-goog-hash
crc32c=/EYgog==, md5=s7+2eobxhGGMP7rst1/NDA==
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
cache-control
public, max-age=2592000
x-goog-stored-content-length
91957
cdn-requestid
04eb765c74224fd9fa8be113e238b9ac
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
preload.js
front.optimonk.com/public/138466/js/
5 KB
2 KB
Script
General
Full URL
https://front.optimonk.com/public/138466/js/preload.js?
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
fc5be329fa84c8a79a8c013a23f8946b0e90b974fcb78a4a2f5de2656800a64f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"157b-UcZ7symQVjwxUbeCEKgTF0ScQZU"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1350
vary
Accept-Encoding
x-xss-protection
1; mode=block
json
trc.taboola.com/1536678/trc/3/
2 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1536678/trc/3/json?tim=1689976743821&data=%7B%22id%22%3A342%2C%22ii%22%3A%22%2Fen%2Fsignup%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1689976743812%2C%22cv%22%3A%2220230702-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.mrfortune.com%2Fen%2Fsignup%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgalaxyno-casino-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1689976743820%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.mrfortune.com%2Fen%2Fsignup%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1536678/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b156f5245f1aed99df69e417d05b5540a7640644bbcd7bcdf9e7068346fb65f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-vcl-time-ms
18
date
Fri, 21 Jul 2023 21:59:03 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7578
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230072-FRA
server
nginx
x-timer
S1689976744.843573,VS0,VE18
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
visitor.ashx
ukliveagent.com/chatserver/ Frame 744F
2 KB
3 KB
XHR
General
Full URL
https://ukliveagent.com/chatserver/visitor.ashx?siteId=100013501&chatGroup=5010
Requested by
Host: ukliveagent.com
URL: https://ukliveagent.com/chatserver/js/bundle.d959ff62cd1b2acc8bdcd25ad917dcbf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a8a5cd04cf40b93f7fd6408ea3f360d40c95e2992728543bba40456458decdef

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8Fc4hAG22iiSwSFmosMAE%2B%2Bb%2BqIBK55Rk%2BK2PxdnJFrK5VcBUqYJi2mJIiXyuM3HQini6sVD2mH9lUQRXpvjX%2Ff2nOD6mKQxDbWL5U10Tko77G6x0atVwrFpGLkC%2BO27FxLjgNyzHGKpopt0C8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/json; charset=utf-8
access-control-allow-origin
https://www.mrfortune.com
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE", CP="IDC DSP COR NID CUR OUR NOR"
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
alt-svc
h3=":443"; ma=86400
cf-ray
7ea6b5793f50bbaf-FRA
preload-base.fef2afa2.js
front.optimonk.com/
60 KB
19 KB
Script
General
Full URL
https://front.optimonk.com/preload-base.fef2afa2.js
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/public/138466/js/preload.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
694ac350848ba21c11642c30a59ba98c4008751d53721c246f089dbf2419d07d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"f139-a/FMs+bVdqss4C+AGXPG+IzJ3yo"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
vary
Accept-Encoding
x-xss-protection
1; mode=block
/
jfapiprod.optimonk.com/v2/
26 B
187 B
Fetch
General
Full URL
https://jfapiprod.optimonk.com/v2/
Requested by
Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.177.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:04 GMT
via
1.1 google
etag
W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length
26
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
load
front.optimonk.com/public/138466/js/
62 KB
15 KB
XHR
General
Full URL
https://front.optimonk.com/public/138466/js/load
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
96df2bc2f8de2c53b921bb48055c1074ef4022fe5617cefd0f516739933a142b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"f926-c9uBnGkVQ/HKwIhp8v9EeO7FMew"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding
x-xss-protection
1; mode=block
visitor.ashx
ukliveagent.com/chatserver/ Frame 744F
694 B
1 KB
XHR
General
Full URL
https://ukliveagent.com/chatserver/visitor.ashx?siteId=100013501&chatGroup=5010
Requested by
Host: ukliveagent.com
URL: https://ukliveagent.com/chatserver/js/bundle.d959ff62cd1b2acc8bdcd25ad917dcbf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7faec2ec9ec7cec0f1610e426bade6c03477eb22acab8417bab01eecb996846c

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hhl%2FfcPHRHrlpy6SPVw%2BmzplmxZIaZLG7NcUUSqHpH0zjIhCjF%2B0v%2FACNBv5fn4obmaIm%2Fs7JEWRn38X3kzhODJ9IA76fH8nIwv6PzGWAjoXYGDxezutE%2FuDR7D58bhl3ed3KsmFB9%2BI6QzzAIw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/json; charset=utf-8
access-control-allow-origin
https://www.mrfortune.com
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE", CP="IDC DSP COR NID CUR OUR NOR"
cache-control
private
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
alt-svc
h3=":443"; ma=86400
cf-ray
7ea6b57a287cbbaf-FRA
100fsbbs
gateway.multbrand.com/gateway/bonus/1.30.00/validate/5010/ Frame
0
0
Preflight
General
Full URL
https://gateway.multbrand.com/gateway/bonus/1.30.00/validate/5010/100fsbbs?btag=37369_615806%7C%7C%7C100FS_s217232330&currency=EUR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
ngsw-bypass
Access-Control-Request-Method
GET
Origin
https://www.mrfortune.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:03 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-request-id
57647bc4-230b-45f9-9b6e-ada56b162351
100fsbbs
gateway.multbrand.com/gateway/bonus/1.30.00/validate/5010/
2 KB
2 KB
XHR
General
Full URL
https://gateway.multbrand.com/gateway/bonus/1.30.00/validate/5010/100fsbbs?btag=37369_615806%7C%7C%7C100FS_s217232330&currency=EUR
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.130.199.159 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-130-199-159.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
f209ba2689450aedb368886e5df6b6c6c83019f016bd45f4e1c817e1f6b2d91f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
ngsw-bypass
anyValueCanBePresented

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
x-content-type-options
nosniff
vary
Origin
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-auth-token,Date,jwt-auth,X-Request-ID
x-frame-options
SAMEORIGIN
access-control-allow-headers
*
content-length
1748
x-xss-protection
1; mode=block
x-request-id
30fa7408-69f3-4fac-a221-d22a1cf69a07
Registration-Dialog-Background.png
images.ctfassets.net/yfsnrai3uxj5/xFR64DhiLkLtzRIkvpIhsh/b931cf252f3ec0e5c962c318904cf1df/
180 KB
181 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/xFR64DhiLkLtzRIkvpIhsh/b931cf252f3ec0e5c962c318904cf1df/Registration-Dialog-Background.png?w=1680&h=1080&q=90&fm=webp&fit=fill
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/main.38b9ab77f4098d44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0b95a5ded1123dcae734e37665ee8dfe339a8ba73aa94a50468b1e0e896fb881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 05:46:54 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
37888
etag
"d3ecf251ad9e3917bf1b217d1d1a4c1d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
184826
x-amz-cf-id
tuxy_mlbzfxPRlA8rdpNZs4Qe7Lr4PBg54WZUPj9OP4upLx9qGVKxg==
load.4a646f18.js
front.optimonk.com/load.esm/
256 KB
71 KB
Script
General
Full URL
https://front.optimonk.com/load.esm/load.4a646f18.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
68f425f93a9121ab2bfbff838ac4322c0f13e12a4d401b107653ade7f780295a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.mrfortune.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"3fe56-yPl2uLulX+Nxl4wI9dKcOm6VYLs"
x-download-options
noopen
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=604800
vary
Accept-Encoding
x-xss-protection
1; mode=block
campaign.ashx
ukliveagent.com/chatserver/ Frame 744F
10 KB
11 KB
XHR
General
Full URL
https://ukliveagent.com/chatserver/campaign.ashx?siteId=100013501&campaignId=44&lastUpdateTime=A94F9C898BF19FEE2FCEBCDDEE270E045DDF5E52677B0D98EFDC159403406BDF
Requested by
Host: ukliveagent.com
URL: https://ukliveagent.com/chatserver/js/bundle.d959ff62cd1b2acc8bdcd25ad917dcbf.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a94f9c898bf19fee2fcebcddee270e045ddf5e52677b0d98efdc159403406bdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W6FGfMpzzUltDq9F22X1fb3CpgVnOtwNTduwP%2BsI2Q4DYbtr9%2Faz7dHuTdGVG9b2t6kZ5qu07QYNzfAgqfLLQrFM35HYhvx4zw5Ma602x4gkTLq6GFpNkRHuMAZGlT60BrhuGGaTdoXJr2tw6fw%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="IDC DSP COR NID CUR OUR NOR"
access-control-allow-origin
*
content-type
text/json; charset=utf-8
cache-control
max-age=31536000
x-robots-tag
noindex, nofollow
access-control-allow-headers
Content-type,api-key,Authorization,X-Requested-With
alt-svc
h3=":443"; ma=86400
cf-ray
7ea6b57a8c7a39ca-FRA
optimonk.5d3c34f7.js
front.optimonk.com/load.esm/
44 B
434 B
Script
General
Full URL
https://front.optimonk.com/load.esm/optimonk.5d3c34f7.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://front.optimonk.com/load.esm/load.4a646f18.js
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"2c-PP9xovXOpjsVds3Gr04DXoLaxdY"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-dns-prefetch-control
off
access-control-allow-origin
*
cache-control
public, max-age=604800
x-xss-protection
1; mode=block
subscriptionFactory.975253fc.js
front.optimonk.com/load.esm/
742 B
768 B
Script
General
Full URL
https://front.optimonk.com/load.esm/subscriptionFactory.975253fc.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
664f02a806d156533d6b3baf1616008a8650133e66683b3112912e0c72c96d68
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://front.optimonk.com/load.esm/load.4a646f18.js
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"2e6-kJMxxngF+mGS7+/z/1XpRZVDsRg"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-dns-prefetch-control
off
access-control-allow-origin
*
cache-control
public, max-age=604800
x-xss-protection
1; mode=block
videoFactory.d9b6d53e.js
front.optimonk.com/load.esm/
171 B
533 B
Script
General
Full URL
https://front.optimonk.com/load.esm/videoFactory.d9b6d53e.js
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.245.25.14 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://front.optimonk.com/load.esm/load.4a646f18.js
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
nginx
etag
W/"ab-7+puoeInCgrrEYILjxVDJpCdVEA"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
x-dns-prefetch-control
off
access-control-allow-origin
*
cache-control
public, max-age=604800
x-xss-protection
1; mode=block
optimonk.min.css
cdn-asset.optimonk.com/bundles/wseoptimonk/css/
15 KB
3 KB
Stylesheet
General
Full URL
https://cdn-asset.optimonk.com/bundles/wseoptimonk/css/optimonk.min.css?v=b2efbc5949
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.4a646f18.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
1082
x-dns-prefetch-control
off
cdn-cachedat
07/07/2023 01:18:58
cdn-pullzone
580384
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"3c5f-+aJzZURpEvNsmjMFlnXjMeoe03w"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
38691ead5aa0b514bab2120d0536603c
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
jfapiprod.optimonk.com/v2/
26 B
76 B
Fetch
General
Full URL
https://jfapiprod.optimonk.com/v2/
Requested by
Host: gs-cdn.optimonk.com
URL: https://gs-cdn.optimonk.com/jfclientsdk/latest/jfclientsdk.min.js?ts=14
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.177.207 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
207.177.117.34.bc.googleusercontent.com
Software
/
Resource Hash
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 21 Jul 2023 21:59:04 GMT
via
1.1 google
etag
W/"1a-oDk6RB3+SLV96sulj5WuSYroQto"
content-length
26
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
64ad52eeb8a8700023aac010.html
cdn-renderer.optimonk.com/ssr/138466/ Frame A8BF
45 KB
6 KB
XHR
General
Full URL
https://cdn-renderer.optimonk.com/ssr/138466/64ad52eeb8a8700023aac010.html?v=1689083280
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.4a646f18.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
5a502bd3f6243798eb35c4981e281cb9f07dc970dcf7133bf271cf58aec56a44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
x-permitted-cross-domain-policies
none
cdn-edgestorageid
1081
x-dns-prefetch-control
off
cdn-cachedat
07/11/2023 15:03:20
cdn-pullzone
736120
x-xss-protection
0
referrer-policy
no-referrer
server
BunnyCDN-DE1-1080
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"b385-oQDOBxd3BsnoUnoEAzpXQrYGVEc"
x-download-options
noopen
expect-ct
max-age=0
vary
Accept-Encoding
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://www.mrfortune.com
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
cdn-cache
HIT
access-control-allow-credentials
true
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
959ccfd4bd1da83464a620695494c334
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
MrF_450x536_1648216471888.png
editor-upload-cdn.optimonk.com/userImages/138466/623dbcb8c57eeb0024f1da57/
54 KB
55 KB
Image
General
Full URL
https://editor-upload-cdn.optimonk.com/userImages/138466/623dbcb8c57eeb0024f1da57/MrF_450x536_1648216471888.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
f2ee4c5b381eaf72549f66fcdb8ac0a91371fc7da460f7a24419a78149722ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:04 GMT
x-downloadsize
170288
cdn-edgestorageid
1081
x-bo-processingtime
5
cdn-cachedat
07/12/2023 14:09:08
cdn-pullzone
573677
content-length
55150
x-bo-server
DE-223
last-modified
Wed, 12 Jul 2023 14:09:08 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
306
content-type
image/webp
access-control-allow-origin
*
cdn-cache
REVALIDATED
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
x-bo-compressionratio
67.61%
cdn-requestid
50e5916825043cc410631a4de9a8bcd4
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
MF_Registration_Offer_Default.png
images.ctfassets.net/yfsnrai3uxj5/ASr9oJyCdFpOV00j6NuFod/ff625cecd6eb3e1c897daeb3c062134f/
23 KB
24 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/ASr9oJyCdFpOV00j6NuFod/ff625cecd6eb3e1c897daeb3c062134f/MF_Registration_Offer_Default.png?w=350&h=190&q=90&fm=webp&fit=fill
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/main.38b9ab77f4098d44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
61c09192c6eb99b465075921b69ebf39831b14ee03ee2a003a9f69536175ee07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 08:56:27 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Mon, 05 Jun 2023 13:23:03 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
46957
etag
"cd1a7d56f2cb73c8c4b620a55b3a4406"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
23762
x-amz-cf-id
40vKREYpbnUICOShT3Hhm6849yX1viS_O87mwa-6kztV3TQbJSG_fw==
Registration-Dialog-Background.png
images.ctfassets.net/yfsnrai3uxj5/xFR64DhiLkLtzRIkvpIhsh/b931cf252f3ec0e5c962c318904cf1df/
180 KB
181 KB
Image
General
Full URL
https://images.ctfassets.net/yfsnrai3uxj5/xFR64DhiLkLtzRIkvpIhsh/b931cf252f3ec0e5c962c318904cf1df/Registration-Dialog-Background.png?w=1680&h=1080&q=90&fm=webp&fit=fill
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/main.38b9ab77f4098d44.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:d800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Contentful Images API /
Resource Hash
0b95a5ded1123dcae734e37665ee8dfe339a8ba73aa94a50468b1e0e896fb881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:03 GMT
via
1.1 d32cecfb780f448e04918056be10c37a.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jul 2023 05:46:54 GMT
server
Contentful Images API
x-amz-cf-pop
MUC50-P3
age
37888
etag
"d3ecf251ad9e3917bf1b217d1d1a4c1d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
content-length
184826
x-amz-cf-id
J0hDD9_XSM8PHY9vEKQaToYK-9S_7SHXwsjgYEMtjQztcrzRqUW7ZQ==
unip
trc-events.taboola.com/1536678/log/3/
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1536678/log/3/unip?en=pre_d_eng_tb&tos=1586&scd=0&ssd=1&est=1689976743815&ver=36&isls=true&src=i&invt=1500&msa=477&rv=1&tim=1689976745400&vi=1689976743812&ri=7dc05b1a799ed2479a1b67778228681f&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fwww.mrfortune.com%2Fen%2Fsignup
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin
https://www.mrfortune.com
pragma
no-cache
date
Fri, 21 Jul 2023 21:59:05 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
om.base.3c92bca85913a7dba50d.css
cdn-asset.optimonk.com/assets/css/
285 KB
32 KB
Stylesheet
General
Full URL
https://cdn-asset.optimonk.com/assets/css/om.base.3c92bca85913a7dba50d.css
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.4a646f18.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
7b9f89a6c3e0a73f43e9c246a360be96eb827631bc5fa139a161308d166a2c72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:07 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
content-encoding
br
cdn-edgestorageid
1081
x-dns-prefetch-control
off
cdn-cachedat
07/21/2023 08:11:02
cdn-pullzone
580384
x-xss-protection
1; mode=block
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"4729f-v4Uuje3sD/C3wmkweQmRW7FwubI"
x-download-options
noopen
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000
cdn-requestid
c0ca1d11c813b664050b9cd3c53c2568
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Requested by
Host: front.optimonk.com
URL: https://front.optimonk.com/load.esm/load.4a646f18.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7d1bc7f749c29bc2e9f7378325036d8ca16e98393568e2017dee92ac9429591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 21 Jul 2023 21:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 21 Jul 2023 21:59:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 21 Jul 2023 21:59:07 GMT
MrF_450x536_1648216471888.png
editor-upload-cdn.optimonk.com/userImages/138466/623dbcb8c57eeb0024f1da57/
54 KB
55 KB
Image
General
Full URL
https://editor-upload-cdn.optimonk.com/userImages/138466/623dbcb8c57eeb0024f1da57/MrF_450x536_1648216471888.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
f2ee4c5b381eaf72549f66fcdb8ac0a91371fc7da460f7a24419a78149722ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:07 GMT
x-downloadsize
170288
cdn-edgestorageid
1081
x-bo-processingtime
5
cdn-cachedat
07/12/2023 14:09:08
cdn-pullzone
573677
content-length
55150
x-bo-server
DE-223
last-modified
Wed, 12 Jul 2023 14:09:08 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.03
cdn-requestpullcode
200
x-bo-origindownloadtime
306
content-type
image/webp
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
03887a3a-e2eb-4f9c-b547-bb29001e27f6
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=86400
x-bo-compressionratio
67.61%
cdn-requestid
7c6b039265e29b5aca1a9d16d40fca27
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
jost-cyrillic-400-normal.62a3f12dc1790116.woff2
www.mrfortune.com/
4 KB
4 KB
Font
General
Full URL
https://www.mrfortune.com/jost-cyrillic-400-normal.62a3f12dc1790116.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8499a2ee65e618e4a555b4c41f92f331821f33d33dc5099f0265fc5d01f2e69

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:07 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
"64b8168d-ee0"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
cf-ray
7ea6b5909e54193f-FRA
content-length
3808
jost-cyrillic-500-normal.e372757d6ac50af9.woff2
www.mrfortune.com/
4 KB
4 KB
Font
General
Full URL
https://www.mrfortune.com/jost-cyrillic-500-normal.e372757d6ac50af9.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
366e5d63f3cc3ea0fa7ee3bab909c3e47aea321650357de15a6d2810b840d0a7

Request headers

Referer
https://www.mrfortune.com/signup?btag=37369_615806%7C%7C%7C100FS_s217232330&bonuscode=100fsbbs
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 21:59:07 GMT
cf-cache-status
REVALIDATED
last-modified
Wed, 19 Jul 2023 16:59:57 GMT
server
cloudflare
etag
"64b8168d-1030"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=0, s-maxage=600
accept-ranges
bytes
cf-ray
7ea6b5909e56193f-FRA
content-length
4144
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 01:54:53 GMT
x-content-type-options
nosniff
age
245054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26304
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jul 2024 01:54:53 GMT
92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v14/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oTd4g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 01:54:53 GMT
x-content-type-options
nosniff
age
245054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26304
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:29:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jul 2024 01:54:53 GMT
92zatBhPNqw73ord4iYl.woff2
fonts.gstatic.com/s/jost/v14/
16 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73ord4iYl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be91d4b4c218dd20016c65b841b46ce9e4cf8277fee2a2845ef4434012a360b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 02:02:10 GMT
x-content-type-options
nosniff
age
590217
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16788
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:28:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 02:02:10 GMT
WwkfxPmzE06v_ZW1XnrB.woff2
fonts.gstatic.com/s/gruppo/v17/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/gruppo/v17/WwkfxPmzE06v_ZW1XnrB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e598bdc4d27b7b6eecde3ae3b6fb268b9de4294320e220202aaa13335fd7f7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 20:12:04 GMT
x-content-type-options
nosniff
age
265623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23080
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:34:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 20:12:04 GMT
92zatBhPNqw73oDd4iYl.woff2
fonts.gstatic.com/s/jost/v14/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oDd4iYl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6312fa45e35f9fb6bbbb1c29f6c1aa63326ed5f6f15c6b9e2460668be7409b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 14:42:10 GMT
x-content-type-options
nosniff
age
544617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10104
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 14:42:10 GMT
92zatBhPNqw73oDd4iYl.woff2
fonts.gstatic.com/s/jost/v14/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/jost/v14/92zatBhPNqw73oDd4iYl.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6312fa45e35f9fb6bbbb1c29f6c1aa63326ed5f6f15c6b9e2460668be7409b83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 14:42:10 GMT
x-content-type-options
nosniff
age
544617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10104
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 14:42:10 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 02:30:05 GMT
x-content-type-options
nosniff
age
588542
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18664
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:19:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 14 Jul 2024 02:30:05 GMT
PbynFmL8HhTPqbjUzux3JEuR9ls.woff2
fonts.gstatic.com/s/passionone/v16/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/passionone/v16/PbynFmL8HhTPqbjUzux3JEuR9ls.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb49ce211df074142d735927bb3e8b655ccf39a7cc444baf02e871bcd47986df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 17:22:08 GMT
x-content-type-options
nosniff
age
275819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7540
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:37:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jul 2024 17:22:08 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Gruppo:400%7CJost:400,500%7COpen+Sans:400%7CPassion+One%7CRubik:400,700&display=swap&subset=cyrillic,latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.mrfortune.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 03:08:24 GMT
x-content-type-options
nosniff
age
154243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35448
x-xss-protection
0
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jul 2024 03:08:24 GMT
unip
trc-events.taboola.com/1536678/log/3/
0
248 B
XHR
General
Full URL
https://trc-events.taboola.com/1536678/log/3/unip?en=pre_d_eng_tb&tos=4587&scd=0&ssd=1&est=1689976743815&ver=36&isls=true&src=i&invt=3000&msa=477&rv=1&tim=1689976748402&vi=1689976743812&ri=7dc05b1a799ed2479a1b67778228681f&ref=null&cv=20230702-3-RELEASE&item-url=https%3A%2F%2Fwww.mrfortune.com%2Fen%2Fsignup
Requested by
Host: www.mrfortune.com
URL: https://www.mrfortune.com/polyfills.4bc3fdb9628ee953.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.mrfortune.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin
https://www.mrfortune.com
pragma
no-cache
date
Fri, 21 Jul 2023 21:59:08 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-WRVC3Z0V55&gtm=45je37j0&_p=142604191&cid=800072899.1689976744&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1689976743&sct=1&seg=0&dl=https%3A%2F%2Fwww.mrfortune.com%2Fsignup%3Fbtag%3D37369_615806%257C%257C%257C100FS_s217232330%26bonuscode%3D100fsbbs&dt=Mr%20Fortune%20Casino&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WRVC3Z0V55&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mrfortune.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 21 Jul 2023 21:59:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mrfortune.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| webpackChunkclient_brands_gfo_mr_fortune_casino function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched object| __SENTRY__ function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse function| __zone_symbol__ON_PROPERTYunhandledrejection object| __zone_symbol__unhandledrejectionfalse object| __zone_symbol__beforeinstallpromptfalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__orientationchangefalse object| __zone_symbol__visibilitychangetrue object| __zone_symbol__pagehidetrue object| __zone_symbol__keydowntrue object| __zone_symbol__clicktrue function| __zone_symbol__ON_PROPERTYpopstate function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| OneSignal number| __oneSignalSdkLoadCount function| __jp0 object| __zone_symbol__focusfalse function| init object| dataLayer object| gsLiveChatData object| onLoadPromise object| Comm100API object| onComm100LoadPromise object| google_tag_manager object| google_tag_data object| OptiMonkEmbedded object| OptiMonkRegistry boolean| OptiMonkPreloadStarted object| __tfa_pixel_init object| _tfa object| __zone_symbol__pagehidefalse function| onYouTubeIframeAPIReady object| __zone_symbol__blurfalse object| __zone_symbol__pageshowfalse object| gaGlobal object| __zone_symbol__scrollfalse function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| __zone_symbol__storagefalse object| __zone_symbol__messagefalse object| __zone_symbol__beforeunloadfalse object| omPreloadScript function| ns function| generateUUID function| getVersionedFile function| getStaticUrlFor function| getAssetUrlFor object| OptiMonk object| webpackChunkJFClientSDK object| JFClientSDK object| __zone_symbol__optimonk#campaign-showfalse object| __zone_symbol__optimonk#campaign-closefalse object| __zone_symbol__optimonk#minimizefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

11 Cookies

Domain/Path Name / Value
go.ohmypartners.com/ Name: mrfortune-v
Value: 615806
www.mrfortune.com/ Name: btag
Value: 37369_615806%7C%7C%7C100FS_s217232330
.onesignal.com/ Name: __cf_bm
Value: A.LXMcAcDGDaYvOZftn_AIWrtllripttxim4jlHHrUQ-1689976742-0-AQ9F1VKdk4grAKHsyxxJJX7+VRxeY+M7r2twOUhzn3L9A5pTCzE8P8z8qa4i8nw+RMu894DXSaqUWL8U7Y/DD8U=
www.mrfortune.com/ Name: optiMonkClientId
Value: 3fd7031d-449e-81c0-82ee-0f271a218058
.mrfortune.com/ Name: _ga
Value: GA1.1.800072899.1689976744
www.mrfortune.com/ Name: optiMonkSession
Value: 1689976743
www.mrfortune.com/ Name: optiMonkEmbedded138466
Value: N4IgFghgzgMglgWzgFwEoFMIGMzoCYgBcAZhADZToC+QA===
www.mrfortune.com/ Name: new2_Y3l2ssgGY_Control
Value: 1689976743984
www.mrfortune.com/ Name: optiMonkClient
Value: N4IgjAzAHALAbHEAuUBjAhs4BfANCAMwDdkw4oBOCgdjmphnwBsSkzKa6H8A7AewAOrMNmxA
www.mrfortune.com/ Name: comm100_guid2_100013501_5010
Value: zsanyBelXkC_0fvG3RH0cg
.mrfortune.com/ Name: _ga_WRVC3Z0V55
Value: GS1.1.1689976743.1.1.1689976744.0.0.0

2 Console Messages

Source Level URL
Text
other warning URL: https://cdn.taboola.com/libtrc/unip/1536678/tfa.js(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://cdn.taboola.com/libtrc/unip/1536678/tfa.js(Line 2)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-mrfortune.cs3api.com
cdn-account.optimonk.com
cdn-asset.optimonk.com
cdn-renderer.optimonk.com
cdn.contentful.com
cdn.onesignal.com
cdn.taboola.com
dpcw.link
editor-upload-cdn.optimonk.com
fonts.googleapis.com
fonts.gstatic.com
front.optimonk.com
gateway.multbrand.com
go.ohmypartners.com
gs-cdn.optimonk.com
images.ctfassets.net
jfapiprod.optimonk.com
o273612.ingest.sentry.io
onesignal.com
onsite.optimonk.com
region1.google-analytics.com
trc-events.taboola.com
trc.taboola.com
ukliveagent.com
www.googletagmanager.com
www.mrfortune.com
138.197.192.24
141.226.228.48
146.75.118.49
151.101.65.44
157.245.25.14
18.130.199.159
2001:4860:4802:32::36
2400:52e0:1e00::1080:1
2400:52e0:1e00::1081:1
2600:9000:26db:d800:12:94b3:c380:93a1
2606:4700::6812:1bc
2606:4700::6812:d73b
2606:4700::6812:fbc
2a00:1450:4001:801::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::2008
2a06:98c1:3121::3
34.117.177.207
34.120.195.249
35.234.86.61
04c69f9ef1857adaab1a2da242b12205113791abf84e2797b95c49fb1259cdf8
0b7e3af1cb23f3b1cc2c3418f3c31ab3bbadeaa2ba5e72f3cb818e4b44c420f4
0b95a5ded1123dcae734e37665ee8dfe339a8ba73aa94a50468b1e0e896fb881
0e6a855d19b44af4aa403746af358833fd33c9d1f1d712382e7d85e2ca6dacae
0eb0d5a2dfef80d3acbd47040a1e0b3ebc686a91bd46105b1084fd9d23600d70
0f5e8573ea84d5023791172cd0ed8a535dd1fed45cbd32f3c757d668cd311cb3
155818f342ead9e222be478069696d0d5c3ec7db6c3a3a8ba85a466d1760f048
1ed5f02190d9478356ec2c23fa78883695609fb80fb70f6dea8424e08ae423ad
215f98683ed4b89ca3c75ba91c7382157be2ecdcb179dbc6796696dd89fdfb79
22a799158fe74ae3e802bb4708fa9b5888b3553ca8296ae1f4a23799a006d1ba
2761f1c34d9535a6c31ebfdfd28eaad9c3e43af682a36cbe40aca17fbece0174
2ad3850475479b991b2d4691f14ecf384299b57166d01d3af8a5c755c48f6e7d
2b156f5245f1aed99df69e417d05b5540a7640644bbcd7bcdf9e7068346fb65f
2ff9cc6c0c145d9ce6e4a02bd6a82d8eecac49bcfd95271f6fa24a241905973d
304adf5eb6dd395fd121fb062ffc6d507859591fdd6dbc792b2e1fe5145ab4b9
32b3b34e79b7b227677d8a2098dc516a60273ac73fd772a910c6a4cc4217c934
366e5d63f3cc3ea0fa7ee3bab909c3e47aea321650357de15a6d2810b840d0a7
3b436f993b3f19e834a7aea6ab6ace72f00dc5c928dce4607adf126218b940a5
3d9a1d78ea8567a36d58346b52eba7422df75811235618faa554b14287b028c8
3dfab054877129f52af4f78d980c0c77b344ac09c2f714a04d9b09e588515175
3e9b76cd18916b141392804403064f5b92bcbf054ca0b20036d44b04405fd854
3f05b4172c00a225947db74f446307eb1811a2699195e2bc676250f7cac43233
43dacf93cc6165db78740a20baadf4ce6b3ceecd775c78b577bd20f109d6ccaa
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441e23601fe7525a142857c98cbb2784997579d51a17f736d7964dceee609709
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4798c7102fdfb85069c323602dc705746763ae82217bc78eb79994b773dc67e8
4e6ca66e55ccc3882f50f610c84f62dc58620cb3ad5054727e4c33aaeb9a8ac6
5734c7be4793e4e28ceb8735147864b9fd3e45a8bda764de6cc7e2dfd698f514
57f9669c80cffe5c3c079586f9a00316065389b295d6762dda45cb5cc5f05536
5878f00581fca0f89fe52f0b1a2fc3341a67c7e268559c43079a761f4acb3a0a
597e02bda147337413dadebfccf1b8d558b94107a44db1784a474fa3c40d97c5
5a502bd3f6243798eb35c4981e281cb9f07dc970dcf7133bf271cf58aec56a44
5e939c8178446f29835f9968f7987a00a8d91ec47914f702cc4f8e8e7062bb76
5fbc393cbece8c3ba77fc775a7e24564e960cf33791cae04e2f45f434eb82bd1
61c09192c6eb99b465075921b69ebf39831b14ee03ee2a003a9f69536175ee07
6312fa45e35f9fb6bbbb1c29f6c1aa63326ed5f6f15c6b9e2460668be7409b83
64e55167d667abb4e1a1d0d5f5564e955c0285edb9152fed590e65963ac68e4b
664f02a806d156533d6b3baf1616008a8650133e66683b3112912e0c72c96d68
68f425f93a9121ab2bfbff838ac4322c0f13e12a4d401b107653ade7f780295a
694ac350848ba21c11642c30a59ba98c4008751d53721c246f089dbf2419d07d
6f423c70f7f3f1ceed70f7210798d2cb82d726f55851514ffc8fdfde2212dc87
7647a4c48c5804e526f18b451327c1496cfbb04e6c01b806e7e8991cd60c3c42
7b9f89a6c3e0a73f43e9c246a360be96eb827631bc5fa139a161308d166a2c72
7bc2093fddc50bfc2e60a164b34bff71975b3d3d467d8d6b657f4c6324b1a76a
7bd4d73ba4ad07c478011190f7b83d0068a98e2fef643e1fb712658a8758cb89
7cc2446aa9f2aace47e2240299653cd19d273709c5d6f7b9f9e97dc030fcde89
7faec2ec9ec7cec0f1610e426bade6c03477eb22acab8417bab01eecb996846c
817e6df8c1615f3ed7446845cbdde75b986b4b50160c41d015df759b39cafc72
871e70f293164dc51b5a55aaaf0141f924e69b2deffa75dcf17b429637ae80b5
8bed0434e67cad096c406819fb888398c84f45519814a26ff73c271f2dc49cfd
96df2bc2f8de2c53b921bb48055c1074ef4022fe5617cefd0f516739933a142b
98bca1dcc379875200b488bb664ce7844536e9968784e95ff0de3263c64a4b7a
9be2d6412eae24dc1e616cc56dcdef97920513dff73c3136b1a808622989aeb0
a25da21fa46f9ef2ca9d169f57fbf9f605c976f9dfe924a27706900dc3228a8b
a31bf86f33c60d56da251ba2d3b686918af46409810b7767978792fda4d6de5a
a46a9e99a5c5d78e1d9110ea776df8411c90e9ab9f652970494e46ca228fbd5d
a7d1bc7f749c29bc2e9f7378325036d8ca16e98393568e2017dee92ac9429591
a8a5cd04cf40b93f7fd6408ea3f360d40c95e2992728543bba40456458decdef
a94f9c898bf19fee2fcebcddee270e045ddf5e52677b0d98efdc159403406bdf
aa7a9e304de02544efb6d212545ee34181d9d6def23a0f96d974a5895d6ce01f
afd8db0d85b8af8b3acd6fdc0a92bcca08e2b843dc8aaed94132149a4cafeb8d
b809668416d6c92b39c3dec9f80c4fe20864550f9ae68b82ccf20aec8546cf62
b9129489104b3f5b8d30997f23e18a4041d557f38e8cb2fe52349ed5f8862275
b949373786a52852d45682cd4c9aebd376c74dc1dd289a0d4250841645bee8fc
be2b0f24f87d23246253cab77041c0f3bbf10707e7375a732817663fa4914549
be91d4b4c218dd20016c65b841b46ce9e4cf8277fee2a2845ef4434012a360b5
c0eda55ec47640c00aa84096fabdb63c66f5e456f7b141e1ba1d153c2b6ebceb
c5c4e8bea13813a07cbeca0a5dc3c78c58f9cbbc32bf3b2825308e80b3ef8ab2
c8e6f1bd9e8739c4787eeaf0ac5fd775f979853513be9b294835ab7659152003
c99aaa9d35986f17f4b940fdb18ad3eb19eaa6afca98f0ca60b3477c4bd0f819
ce2095146d281e0bb9cd98f245bf05b69c1dbeb69ac9ec2a494e5b3254746c4c
db8e578b11dc2e87e52a253b75d720129e692ec40c269b3ff7b56a85eef79742
dcc8a173e3a77e09b61db0921d3430536982fa16dd162d28731fa1bcd0eda0ee
e1f0df802637edbbbaaa866c311a6c926603e3b89c012ca321f55023429628d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e598bdc4d27b7b6eecde3ae3b6fb268b9de4294320e220202aaa13335fd7f7cb
e8499a2ee65e618e4a555b4c41f92f331821f33d33dc5099f0265fc5d01f2e69
ea76d4f0f6a2950bf8560634d2a84017f6b23315e62cdac0305b1ed90e3c46ca
eabc27911b0c29a1dbdf8e14cfd31351ebedb6b6e3303dbb7a3341bfe49794bd
eb49ce211df074142d735927bb3e8b655ccf39a7cc444baf02e871bcd47986df
eb9b4b4bf43c10ea21b3f9da7dfa0d7ad32a9c300bc75a53445604554b8ad45e
ec64ab79ca6723cb91aae735889b57bfa72221fb3c08d5d5974f79e124489a7d
ece7df50664b6fc6a0cf3a0a6f51ccbf172eeba280612ddcb1c94611181b13d5
f12cde86323053a7d0cbaef09e3baf0758f42c0af5ef442840eda6c3f75b600f
f209ba2689450aedb368886e5df6b6c6c83019f016bd45f4e1c817e1f6b2d91f
f2dc34827ba7b01034184de8095c53987fcba028756db7873470d706403819b1
f2ee4c5b381eaf72549f66fcdb8ac0a91371fc7da460f7a24419a78149722ec9
f5dc3572e8d9ee7c5ec2dc1060eb38d5903a7b42f340d22757ed082da94ecf88
f9909d535a3ad7bc4427da0467eca207a93c55d96e47a82e76d05fc4abe5b0ae
fc5be329fa84c8a79a8c013a23f8946b0e90b974fcb78a4a2f5de2656800a64f