urlscan.io logo urlscan.io
SecurityTrails logo

my.fortunefling.com Open in urlscan Pro
209.133.211.186  Public Scan

Go To Rescan Add Verdict Report
URL: https://my.fortunefling.com/
Submission: On March 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 39 HTTP transactions. The main IP is 209.133.211.186, located in Tampa, United States and belongs to HVC-AS, US. The main domain is my.fortunefling.com.
TLS certificate: Issued by R3 on March 21st 2024. Valid for: 3 months.
This is the only time my.fortunefling.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 209.133.211.186 29802 (HVC-AS)
2 2a04:4e42:400... 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:200... 54113 (FASTLY)
1 52.92.137.144 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 3.162.3.99 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 18.235.186.238 14618 (AMAZON-AES)
1 13.225.189.47 16509 (AMAZON-02)
3 45.223.17.68 19551 (INCAPSULA)
39 14
13    209.133.211.186 (Tampa, United States)

ASN29802 (HVC-AS, US)
PTR: 209-133-211-186.static.hvvc.us
my.fortunefling.com
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
1    52.92.137.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com
s3-us-west-2.amazonaws.com
1    2607:f8b0:4004:c09::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2606:4700:e0::ac40:6a24 (United States)

ASN13335 (CLOUDFLARENET, US)
trk-keingent.com
event.trk-keingent.com
1    3.162.3.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-99.yul62.r.cloudfront.net
static.hotjar.com
4    2607:f8b0:4004:c0b::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
5    18.235.186.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-186-238.compute-1.amazonaws.com
create.leadid.com
1    13.225.189.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-189-47.yul62.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
3    45.223.17.68 (United States)

ASN19551 (INCAPSULA, US)
deviceid.trueleadid.com
Apex Domain
Subdomains		 Transfer
13 fortunefling.com
my.fortunefling.com
2 MB
5 leadid.com
create.leadid.com — Cisco Umbrella Rank: 20248
3 KB
5 trk-keingent.com
trk-keingent.com — Cisco Umbrella Rank: 23624
event.trk-keingent.com — Cisco Umbrella Rank: 64457
3 KB
4 gstatic.com
fonts.gstatic.com
32 KB
3 trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 26076
23 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
59 KB
1 cloudfront.net
d2m2wsoho8qq12.cloudfront.net
2 KB
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 30424
38 KB
1 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 1239
431 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 amazonaws.com
s3-us-west-2.amazonaws.com
173 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 1217
30 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 387
11 KB
39 13
Domain Requested by
13 my.fortunefling.com my.fortunefling.com
5 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
4 event.trk-keingent.com trk-keingent.com
4 fonts.gstatic.com fonts.googleapis.com
3 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
2 cdn.jsdelivr.net my.fortunefling.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 create.lidstatic.com my.fortunefling.com
1 static.hotjar.com my.fortunefling.com
1 trk-keingent.com my.fortunefling.com
1 fonts.googleapis.com my.fortunefling.com
1 s3-us-west-2.amazonaws.com my.fortunefling.com
1 code.jquery.com my.fortunefling.com
1 cdnjs.cloudflare.com my.fortunefling.com
39 14

This site contains no links.

Subject Issuer Validity Valid
my.fortunefling.com
R3		 2024-03-21 -
2024-06-19		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.s3-us-west-2.amazonaws.com
Amazon RSA 2048 M01		 2024-01-23 -
2024-12-31		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
trk-keingent.com
GTS CA 1P5		 2024-01-29 -
2024-04-28		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
lidstatic.com
E1		 2024-01-28 -
2024-04-27		 3 months crt.sh
create.leadid.com
Amazon RSA 2048 M02		 2023-08-21 -
2024-09-17		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-01-16 -
2024-07-14		 6 months crt.sh

This page contains 3 frames:

Primary Page: https://my.fortunefling.com/
Frame ID: B77442D342196F35A488EC53655929E3
Requests: 33 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Frame ID: 4E2C1C6E2B884930680C479B4C8958DE
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Frame ID: 1A4EE306BF1656ADCC1EF9F341470979
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fortune Fling

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

39
Requests

100 %
HTTPS

54 %
IPv6

13
Domains

14
Subdomains

14
IPs

1
Countries

2221 kB
Transfer

2790 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
my.fortunefling.com/ 		43 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
542243e79b03e6e83eef26bd81a86a24118ee5acb9d91ff10e3fcfe40a9410b1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store
content-type
text/html; charset=utf-8
date
Sun, 24 Mar 2024 14:21:08 GMT
pragma
no-cache
server
Kestrel
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
x-powered-by-plesk
PleskWin
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/ 		227 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://my.fortunefling.com/
Origin
https://my.fortunefling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Mar 2024 14:21:08 GMT
x-content-type-options
nosniff
content-encoding
br
age
2411198
x-jsd-version
5.3.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34902
x-served-by
cache-fra-etou8220083-FRA, cache-nyc-kteb1890078-NYC
x-jsd-version-type
version
etag
W/"38df4-HxOZgbm0enZu+gphu3ito1HxbEs"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:21:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
722680
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10462
last-modified
Mon, 13 Sep 2021 19:10:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"613fa20b-28de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQrdtwDbzgUIm%2ByuuIsjlwPBkcuVucldW2V0bLVucKQQcN938wj9GpbX3X9YHsfOMi25AXoy4%2F4E2iCR2%2FMXxBviaUBAhKygScERoGLmIVQYj%2Bh22Qqj2WWFIngk5HYzgwF67grt2tySSqLZPQxa4ZcN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86974e525eab4bcd-BUF
expires
Fri, 14 Mar 2025 14:21:08 GMT
style.css
my.fortunefling.com/css/ 		27 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.fortunefling.com/css/style.css
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
3a9bff7d6b72af7ca5ad4a659e2c223c1e94bc23f500c26a43d5d1daaaf39a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:08 GMT
last-modified
Thu, 21 Mar 2024 23:05:56 GMT
server
Kestrel
etag
"1da7be4546c0feb"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
28139
coregoffer.css
my.fortunefling.com/css/ 		651 B
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my.fortunefling.com/css/coregoffer.css
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
5dbc39894d3dca635020472cc6bba118560144163e9c3964f7cb5cc5fa80282f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:08 GMT
last-modified
Fri, 22 Mar 2024 00:33:39 GMT
server
Kestrel
etag
"1da7bf0956a710b"
x-powered-by
ASP.NET
content-type
text/css
accept-ranges
bytes
content-length
651
logo.png
my.fortunefling.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/logo.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
d4fde1ebb5a9d1874cd3ea6f159bdde5f3296d6f5b7ff8bc2b941e39c192b20f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:08 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4de21a"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
7066
banner.png
my.fortunefling.com/images/ 		506 KB
507 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/banner.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
d791c3fedb4a05b222bb8da7f79197dcff29a496bad9e37044cc69bd566c322e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:08 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4a119b"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
518171
banner-mobile.png
my.fortunefling.com/images/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/banner-mobile.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
366c0828afa03da2d9660c9dddc2aaa788a28db771751131be968a0aa9e24b3e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4c5294"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
109332
woman-laptop.png
my.fortunefling.com/images/ 		222 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/woman-laptop.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
2662938c8a38ba7ed9b1627a09ce87fd483eeb0daf22eb6b7bb7a7b9a38be963

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4e8f21"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
226977
man-laptop.png
my.fortunefling.com/images/ 		165 KB
166 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/man-laptop.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
41b5d70079ec5760aea5a549b9f11cdadb3fd98d0b1e1f7f0600219476afce50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4f6bcc"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
168524
keyboard.png
my.fortunefling.com/images/ 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/keyboard.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
e79bd36acc4801ff644e9df56718e23fce59cfc243613f1226e69a1762fe6ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4e3b74"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
246516
beach.png
my.fortunefling.com/images/ 		123 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/beach.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
72489a776726df5d7c021ab76dfe19de12bc105fd1865e94a5f32d97432e33c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4c121d"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
125853
girl-in-car.png
my.fortunefling.com/images/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/girl-in-car.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
2865bb82a9e69ce64bd4a5c8ec7fae0bd9ba5274c4d255fcc8df15f4d92038a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4fdd84"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
140292
money-in-hand.png
my.fortunefling.com/images/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/money-in-hand.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
9aaa3fcf144bf7f35e7f978e1e4840a2532382db1670092b1564dc60b07e67ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4c3ad8"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
115544
calculating.png
my.fortunefling.com/images/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.fortunefling.com/images/calculating.png
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.133.211.186 Tampa, United States, ASN29802 (HVC-AS, US),
Reverse DNS
209-133-211-186.static.hvvc.us
Software
Kestrel / ASP.NET
Resource Hash
10ff0d596d786c87964ddb3087e350f094fcfdbbff4545a739a9fe48c3da1ebf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 24 Mar 2024 14:21:09 GMT
last-modified
Wed, 20 Mar 2024 22:35:11 GMT
server
Kestrel
etag
"1da7b16de4fb913"
x-powered-by
ASP.NET
content-type
image/png
accept-ranges
bytes
content-length
147603
jquery-3.7.1.min.js
code.jquery.com/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.7.1.min.js
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:21:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
16091395
x-cache
HIT, HIT
content-length
30336
x-served-by
cache-lga21978-LGA, cache-nyc-kteb1890081-NYC
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1711290070.136188,VS0,VE0
etag
W/"28feccc0-155ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
5165, 44422
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/ 		79 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 24 Mar 2024 14:21:09 GMT
x-content-type-options
nosniff
content-encoding
br
age
3910684
x-jsd-version
5.3.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25109
x-served-by
cache-fra-etou8220085-FRA, cache-nyc-kteb1890096-NYC
x-jsd-version-type
version
etag
W/"13b17-9/0PPchLLPk7+B6DJQWmc/NU4KM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.inputmask.bundle.js
s3-us-west-2.amazonaws.com/s.cdpn.io/3/ 		172 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3-us-west-2.amazonaws.com/s.cdpn.io/3/jquery.inputmask.bundle.js
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.137.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sun, 24 Mar 2024 14:21:11 GMT
x-amz-version-id
null
Last-Modified
Wed, 30 Nov 2016 13:28:36 GMT
Server
AmazonS3
x-amz-request-id
AFCVESZV0B73YFFT
ETag
"f0b02d9f2d3c6679556e63935ac23320"
Content-Type
text/javascript
Cache-Control
public
Accept-Ranges
bytes
Content-Length
176433
x-amz-id-2
nU1zCeOvOhwxScoI6EA5DzPcR4E3EY4fld8TxQ/WKLLlULOAvZALErPFUHyMJ0KirdQcnRNnT2M=
Expires
Mon, 30 Nov 2026 13:28:34 GMT
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
82cf6c06a8d7a89854fc20155b5613bc5886627c0da0305204824864854bec8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 24 Mar 2024 14:21:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 24 Mar 2024 12:39:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 24 Mar 2024 14:21:09 GMT
l4ev3o7d1w
trk-keingent.com/scripts/push/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-keingent.com/scripts/push/script/l4ev3o7d1w?url=my.fortunefling.com&alturl=/
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69f33dc9397bf4bf0a99b7dd833ba7000b07a87bb93de47274980f75dac2ed5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:21:10 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Sun, 24 Mar 2024 14:21:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9F6QTrWm%2FzKBb3D%2FSKXm73gi3pZsPN%2BaFpiS5REXENp2t7ZSIBEhBuvS3fc37LSnRc6xBKHCpJZUgG1GNYCppWyFbvanLUFgJZMcnk%2FU%2BXKBOzv28w6GMambjGzQOMiZQg2QSg2lx50dbVL7Q72Z"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86974e5a5f5bb9c5-EWR
expires
0
hotjar-3824608.js
static.hotjar.com/c/ 		0
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3824608.js?sv=6
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-99.yul62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
date
Sun, 24 Mar 2024 14:21:10 GMT
x-content-type-options
nosniff
via
1.1 141b2a0bfdcf3225afbe04affb901120.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
etag
W/d41d8cd98f00b204e9800998ecf8427e
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
content-length
0
x-amz-cf-id
dwhA_xxI_j1qK8TgVFiFKptFxFjtkTVj9RIltlyfGnQm_4OSljNQ1Q==
truncated
/ 		181 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.fortunefling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:49:44 GMT
x-content-type-options
nosniff
age
232286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 21:49:44 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.fortunefling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:57:29 GMT
x-content-type-options
nosniff
age
231821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 21:57:29 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.fortunefling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:02:41 GMT
x-content-type-options
nosniff
age
231509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 22:02:41 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://my.fortunefling.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 21:57:30 GMT
x-content-type-options
nosniff
age
231820
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 21 Mar 2025 21:57:30 GMT
22dcab83-e748-bb6c-09f5-1243f50c58ce.js
create.lidstatic.com/campaign/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/22dcab83-e748-bb6c-09f5-1243f50c58ce.js?snippet_version=2
Requested by
Host: my.fortunefling.com
URL: https://my.fortunefling.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5612f331df43f48eab4fc4776553d9e75b5f8027f4a837d14bc02b1a84e8667a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://my.fortunefling.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:21:10 GMT
x-amz-version-id
Hl4TSLk55Pi4C0tV4nDMRaFJ6A3gkPaY
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
P4NXT7V9MAB6DQ72
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
zckSYf8dZNE5nTRd0QWAq13XAt5bq6PGGtaGom4N3+oz4QUobpsmkatYgGBtZmXZ0Uf63oCYl7M=
last-modified
Mon, 18 Mar 2024 21:24:30 GMT
server
cloudflare
etag
W/"1f6e8a4040da533ee2f7759f995e3c98"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
86974e5dccd04bc3-BUF
GenerateToken
create.leadid.com/2.12.1/ 		36 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=1363414c-6ba0-46bf-8174-24d2f77d3391&_=776145602
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/22dcab83-e748-bb6c-09f5-1243f50c58ce.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.186.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-186-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9354aead88e9cb5bd5323a516e0f8db674461c8b9481dc893c3f3626fa9ccf80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.fortunefling.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Mar 2024 14:21:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 4E2C 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/22dcab83-e748-bb6c-09f5-1243f50c58ce.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.189.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-189-47.yul62.r.cloudfront.net
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.fortunefling.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
21542
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 24 Mar 2024 08:28:22 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 5f928efc6cc9f0bbea9fe5327d80c446.cloudfront.net (CloudFront)
X-Amz-Cf-Id
n-9lxmlkJxhrort69LioYjntBhBpB6ru_11AO_-UsMYhuRIyYw_9XQ==
X-Amz-Cf-Pop
YUL62-C1
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/ 		0
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=1363414c-6ba0-46bf-8174-24d2f77d3391&token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&_=776145603
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/22dcab83-e748-bb6c-09f5-1243f50c58ce.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.186.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-186-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.fortunefling.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Mar 2024 14:21:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=1363414c-6ba0-46bf-8174-24d2f77d3391&token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&_=776145604
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/22dcab83-e748-bb6c-09f5-1243f50c58ce.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.186.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-186-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.fortunefling.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Mar 2024 14:21:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 1A4E 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.17.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d20133e705903bf132dffac694940bdf888911f49c3c2117090ac6fb11cf4ed0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Sun, 24 Mar 2024 14:21:12 GMT
etag
W/"6554d155-1049"
expires
Mon, 25 Mar 2024 14:21:12 GMT
last-modified
Wed, 15 Nov 2023 14:10:29 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
strict-transport-security
max-age=31536000
x-cdn
Imperva
x-iinfo
17-6096209-6049206 pNNy RT(1711290070751 668) q(0 0 0 0) r(0 0) U24
x-incap-sess-cookie-hdr
gAHqA7fzXRcgwgmKL0rlCNc2AGYAAAAAmt+MoGu82AF/cJwVpqFBAw==
Snap
create.leadid.com/2.12.1/ 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=1363414c-6ba0-46bf-8174-24d2f77d3391&token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&_=776145605
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/22dcab83-e748-bb6c-09f5-1243f50c58ce.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.186.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-186-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://my.fortunefling.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 24 Mar 2024 14:21:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
_Incapsula_Resource
deviceid.trueleadid.com/ Frame 1A4E 		145 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://deviceid.trueleadid.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=549448106
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.17.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c60398679079b5cb920a825e4ca74f2664d29fd5640236c19b4af31d503115e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20979
content-type
application/javascript
SaveDeviceId.js
create.leadid.com/2.12.1/ Frame 1A4E 		0
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDeviceId.js?lac=025A0669-DAB5-7F9F-84E2-227599989E8A&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&methods=48&token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&uuid=fcf62defb4f447bc82218128725a7594
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.235.186.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-186-238.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 24 Mar 2024 14:21:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
_Incapsula_Resource
deviceid.trueleadid.com/ Frame 1A4E 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://deviceid.trueleadid.com/_Incapsula_Resource?SWKMTFSR=1&e=0.24833663661618588
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.223.17.68 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://deviceid.trueleadid.com/iframe.html?token=D2C8F534-2E8E-932E-F2C1-6D1246CD2C12&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=22DCAB83-E748-BB6C-09F5-1243F50C58CE&lac=025A0669-DAB5-7F9F-84E2-227599989E8A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
q2golpy8gr
event.trk-keingent.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q2golpy8gr
Requested by
Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/l4ev3o7d1w?url=my.fortunefling.com&alturl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.fortunefling.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 24 Mar 2024 14:21:16 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAN8rE3l3itgBQgmUVIOlVJl3kmYGM%2FF%2BfSAHPHZUuub6Jkn2xooNyAwrpvRy2Vsas539QRpfwXHd7pGEYUPKfKri73MbNoFwEyGw3H0cc6u2gen5SEWs6lo9UTxSyui8NTVDHVqMOqlPMOIStUdRZSUhzx7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86974e820b2c78d3-EWR
x-pushplatformapp-params
q2golpy8gr
event.trk-keingent.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q2golpy8gr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.fortunefling.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86974e817a6478d3-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Sun, 24 Mar 2024 14:21:16 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1yc%2BPseU%2FnMTvJw5g2O8eO1WwIxietZ3iRATuTcw8KPqf2n2tLI0yiVQd0YyOVUxQQFcfyFqREjgyujWhawpdgYYQNvyVar0HPOWO7GUJN1QataLjOlsaCrzIpsPNjUi459ykRTQk0X0UdaIjV4q4FnLc61d"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
q2golpy8gr
event.trk-keingent.com/register/event_log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q2golpy8gr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://my.fortunefling.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
86974e817a6678d3-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Sun, 24 Mar 2024 14:21:16 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VccZoKq3KJtA6YJIG8fqJZ5inWRrHL1E1y9ihMOoR14pQs2W8mbrWSFnY8hVWWUw9ZihBzF5gO5cNSvP0F2s2%2BMi%2FRuREY8zNma%2FtQgP9pG%2B8OmOKo0YOck%2FsQtL46LsRbbu8LquX61YqPOO%2BuU9%2BzAvzHc3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
q2golpy8gr
event.trk-keingent.com/register/event_log/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.trk-keingent.com/register/event_log/q2golpy8gr
Requested by
Host: trk-keingent.com
URL: https://trk-keingent.com/scripts/push/script/l4ev3o7d1w?url=my.fortunefling.com&alturl=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6a24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://my.fortunefling.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Sun, 24 Mar 2024 14:21:16 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VZPRK8eN7PYdUCTYoswnt2atucghQ2dsRGArNGbht%2BMtFzwqq6G2nXXskN4DnaLtwdPHGU0BK%2B%2FNfQskM%2BJJ%2BD92gRjq7HrDI9DGpLMyvdKiWNQxjow7Gx3n5k0JV4XMTZR%2BygrPS2M2t1mCy5R9PIaamT1v"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
86974e820b2e78d3-EWR
x-pushplatformapp-params

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| hj object| _hjSettings function| $ function| jQuery number| uidEvent object| bootstrap function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| Inputmask function| showTCPA function| showMobilePrivacyPolicy function| showTerms function| showNetspendDisclaimer function| showLoader function| hideLoader function| finish function| showHideControls function| validateEmail function| validateFirstDisclosure_1 function| validateFirstDisclosure_2 function| validateSecondDisclosure function| validatePhone function| validateFirstName function| SubmitRegisterInfo function| skipSecondCoregStep function| openPrivacyPolicy function| openTerms function| saveOfferclick function| updateTimer function| removeParameterFromQueryString function| addParameterToQueryString function| replaceParamValue object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData object| defaultStyleFrame

6 Cookies

Domain/Path Name / Value
my.fortunefling.com/ Name: .AspNetCore.Antiforgery.4-qQjELqiFw
Value: CfDJ8Ic-5NpzYCdDo30uV0cwJiNn_kLoUidUluoxx13V-pPl9l3R91lteaxcioFXwIqzlc9E3CrtkdIJvm3AoNOwYmVQNFwanh9vWuslg5QYRfqxxoGFPsszBGY_Tu-ZoN8Q-FYaQS5BXhNPKg-68vcrMp0
my.fortunefling.com/ Name: leadid_token-025A0669-DAB5-7F9F-84E2-227599989E8A-22DCAB83-E748-BB6C-09F5-1243F50C58CE
Value: D2C8F534-2E8E-932E-F2C1-6D1246CD2C12
.trueleadid.com/ Name: nlbi_3051494
Value: tPimTDvMSkfSs5IqC30iGwAAAAA+GfnVrxEbWWEOIpWE+hne
.trueleadid.com/ Name: visid_incap_3051494
Value: Lsv6KsjBQVORU2E1LrnvkNc2AGYAAAAAQUIPAAAAAAB602j84uKWEZCQ4kvPD3O1
.trueleadid.com/ Name: incap_ses_641_3051494
Value: clDgAuCYplMgwgmKL0rlCNc2AGYAAAAAdG2KEKKhzlS5RLCwZT21Jw==
.deviceid.trueleadid.com/ Name: uuid
Value: fcf62defb4f447bc82218128725a7594

15 Console Messages

Source Level URL
Text
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://my.fortunefling.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other error URL: https://my.fortunefling.com/
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
deviceid.trueleadid.com
event.trk-keingent.com
fonts.googleapis.com
fonts.gstatic.com
my.fortunefling.com
s3-us-west-2.amazonaws.com
static.hotjar.com
trk-keingent.com
13.225.189.47
18.235.186.238
209.133.211.186
2606:4700:10::ac43:29e5
2606:4700::6811:180e
2606:4700:e0::ac40:6a24
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c0b::5e
2a04:4e42:200::649
2a04:4e42:400::485
3.162.3.99
45.223.17.68
52.92.137.144
10ff0d596d786c87964ddb3087e350f094fcfdbbff4545a739a9fe48c3da1ebf
2662938c8a38ba7ed9b1627a09ce87fd483eeb0daf22eb6b7bb7a7b9a38be963
2865bb82a9e69ce64bd4a5c8ec7fae0bd9ba5274c4d255fcc8df15f4d92038a2
3017df4a76db5f01c2b99b603d88b03106df13bcfe18e67b7c13c2341d3a67df
366c0828afa03da2d9660c9dddc2aaa788a28db771751131be968a0aa9e24b3e
3a9bff7d6b72af7ca5ad4a659e2c223c1e94bc23f500c26a43d5d1daaaf39a36
41b5d70079ec5760aea5a549b9f11cdadb3fd98d0b1e1f7f0600219476afce50
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
542243e79b03e6e83eef26bd81a86a24118ee5acb9d91ff10e3fcfe40a9410b1
5612f331df43f48eab4fc4776553d9e75b5f8027f4a837d14bc02b1a84e8667a
5dbc39894d3dca635020472cc6bba118560144163e9c3964f7cb5cc5fa80282f
72489a776726df5d7c021ab76dfe19de12bc105fd1865e94a5f32d97432e33c2
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fd467d27ef40cdaed73685e3d55006dd24a34223c2183d8d805f94f17b3aa1d
82cf6c06a8d7a89854fc20155b5613bc5886627c0da0305204824864854bec8b
82f64f62bb03c1bc1824b0f9c9e05f70dba33e146818e63cdf5c306c8cf3dedd
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9354aead88e9cb5bd5323a516e0f8db674461c8b9481dc893c3f3626fa9ccf80
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9aaa3fcf144bf7f35e7f978e1e4840a2532382db1670092b1564dc60b07e67ab
c60398679079b5cb920a825e4ca74f2664d29fd5640236c19b4af31d503115e6
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d20133e705903bf132dffac694940bdf888911f49c3c2117090ac6fb11cf4ed0
d4fde1ebb5a9d1874cd3ea6f159bdde5f3296d6f5b7ff8bc2b941e39c192b20f
d791c3fedb4a05b222bb8da7f79197dcff29a496bad9e37044cc69bd566c322e
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69f33dc9397bf4bf0a99b7dd833ba7000b07a87bb93de47274980f75dac2ed5
e79bd36acc4801ff644e9df56718e23fce59cfc243613f1226e69a1762fe6ec6
f708ad894d421f32ed297a914632db6bc1577841d1c210b34f1a0821ea0aaa4b
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a