urlscan.io logo urlscan.io
SecurityTrails logo

fortune-girl.com Open in urlscan Pro
2600:9000:214f:2800:10:6a1d:3480:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fortune-girl.com/skincare/articles/BkEGA
Effective URL: https://fortune-girl.com/skincare/BkEGA
Submission: On June 09 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 18 domains to perform 58 HTTP transactions. The main IP is 2600:9000:214f:2800:10:6a1d:3480:93a1, located in United States and belongs to AMAZON-02, US. The main domain is fortune-girl.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 16th 2023. Valid for: a year.
This is the only time fortune-girl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2600:9000:214... 16509 (AMAZON-02)
17 172.67.74.86 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 142.250.186.66 15169 (GOOGLE)
2 2600:9000:235... 16509 (AMAZON-02)
1 18.244.18.50 16509 (AMAZON-02)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2001:4860:480... 15169 (GOOGLE)
1 13.32.110.75 16509 (AMAZON-02)
2 210.140.225.92 4694 (IDCF IDC ...)
1 54.178.139.157 16509 (AMAZON-02)
1 142.250.185.72 15169 (GOOGLE)
1 182.22.25.252 23816 (YAHOO Yah...)
1 72.246.28.191 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 157.240.0.6 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 147.92.191.92 38631 (LINE LINE...)
1 18.180.151.200 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 54.89.92.78 14618 (AMAZON-AES)
1 2 2600:9000:223... 16509 (AMAZON-02)
58 25
2    2600:9000:214f:2800:10:6a1d:3480:93a1 (United States)

ASN16509 (AMAZON-02, US)
fortune-girl.com
17    172.67.74.86 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.clipkit.co
b.clipkit.co
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
pagead2.googlesyndication.com
2    2600:9000:2359:4c00:18:82c:9d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
aml.valuecommerce.com
vpj.valuecommerce.com
1    18.244.18.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-50.fra56.r.cloudfront.net
kitchen.juicer.cc
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    13.32.110.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-75.vie50.r.cloudfront.net
fortune-girl.com
2    210.140.225.92 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: 210-140-225-92.newton.jp-east.compute.idcfcloud.net
dalc.valuecommerce.com
1    54.178.139.157 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-139-157.ap-northeast-1.compute.amazonaws.com
a.imgvc.com
1    142.250.185.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f8.1e100.net
www.googletagmanager.com
1    182.22.25.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
s.yimg.jp
1    72.246.28.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-28-191.deploy.static.akamaitechnologies.com
d.line-scdn.net
1    2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)
tr.line.me
1    18.180.151.200 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-151-200.ap-northeast-1.compute.amazonaws.com
8n3tgod6p4.execute-api.ap-northeast-1.amazonaws.com
2    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    54.89.92.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-92-78.compute-1.amazonaws.com
prod.trendemon.com
trackingapi.trendemon.com
2    2600:9000:223c:1600:2:7dc7:8f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.trendemon.com
Apex Domain
Subdomains		 Transfer
17 clipkit.co
cdn.clipkit.co
b.clipkit.co
125 KB
8 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
tpc.googlesyndication.com — Cisco Umbrella Rank: 174
214 KB
4 trendemon.com
prod.trendemon.com
assets.trendemon.com — Cisco Umbrella Rank: 130490
trackingapi.trendemon.com — Cisco Umbrella Rank: 94433
61 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2406
21 KB
4 valuecommerce.com
aml.valuecommerce.com — Cisco Umbrella Rank: 273295
vpj.valuecommerce.com
dalc.valuecommerce.com — Cisco Umbrella Rank: 249492
47 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
74 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
273 KB
3 fortune-girl.com
fortune-girl.com
8 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1268
78 KB
1 amazonaws.com
8n3tgod6p4.execute-api.ap-northeast-1.amazonaws.com
159 B
1 line.me
tr.line.me — Cisco Umbrella Rank: 14989
425 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
346 B
1 line-scdn.net
d.line-scdn.net — Cisco Umbrella Rank: 15261
10 KB
1 yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 6996
11 KB
1 imgvc.com
a.imgvc.com — Cisco Umbrella Rank: 232392
319 B
1 juicer.cc
kitchen.juicer.cc — Cisco Umbrella Rank: 283812
306 B
0 yahoo.co.jp Failed
am.yahoo.co.jp Failed
58 18
Domain Requested by
16 cdn.clipkit.co fortune-girl.com
6 pagead2.googlesyndication.com fortune-girl.com
pagead2.googlesyndication.com
4 www.facebook.com fortune-girl.com
3 connect.facebook.net fortune-girl.com
connect.facebook.net
3 www.googletagmanager.com fortune-girl.com
www.googletagmanager.com
3 fortune-girl.com 1 redirects cdn.clipkit.co
2 assets.trendemon.com 1 redirects
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 dalc.valuecommerce.com vpj.valuecommerce.com
aml.valuecommerce.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com fortune-girl.com
www.google-analytics.com
2 maxcdn.bootstrapcdn.com fortune-girl.com
maxcdn.bootstrapcdn.com
1 trackingapi.trendemon.com prod.trendemon.com
1 prod.trendemon.com 1 redirects
1 8n3tgod6p4.execute-api.ap-northeast-1.amazonaws.com b.clipkit.co
1 tr.line.me fortune-girl.com
1 stats.g.doubleclick.net www.google-analytics.com
1 d.line-scdn.net fortune-girl.com
1 s.yimg.jp www.googletagmanager.com
1 a.imgvc.com fortune-girl.com
1 b.clipkit.co fortune-girl.com
1 vpj.valuecommerce.com fortune-girl.com
1 kitchen.juicer.cc fortune-girl.com
1 aml.valuecommerce.com fortune-girl.com
0 am.yahoo.co.jp Failed s.yimg.jp
58 25

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
twitter.com
www.facebook.com
www.instagram.com
Subject Issuer Validity Valid
fortune-girl.com
Amazon RSA 2048 M03		 2023-10-16 -
2024-11-11		 a year crt.sh
clipkit.co
E1		 2024-05-13 -
2024-08-11		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.valuecommerce.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-31 -
2024-09-30		 a year crt.sh
juicer.cc
Amazon RSA 2048 M03		 2023-12-24 -
2025-01-21		 a year crt.sh
bootstrapcdn.com
GTS CA 1P5		 2024-05-25 -
2024-08-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.imgvc.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-13 -
2024-10-13		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2024-02-02 -
2025-03-01		 a year crt.sh
line-apps.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-13 -
2024-11-13		 a year crt.sh
*.line.me
GlobalSign RSA OV SSL CA 2018		 2023-08-10 -
2024-09-10		 a year crt.sh
*.execute-api.ap-northeast-1.amazonaws.com
Amazon RSA 2048 M02		 2023-07-22 -
2024-08-18		 a year crt.sh
tpc.googlesyndication.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.trendemon.com
SSL.com RSA SSL subCA		 2023-06-18 -
2024-06-26		 a year crt.sh

This page contains 4 frames:

Primary Page: https://fortune-girl.com/skincare/BkEGA
Frame ID: F32DC4D2C1D282CEF5AC846F6DA7E8FB
Requests: 55 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Frame ID: 568E782A4B036B5E8D375E9228B23E91
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9961086187805206&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1717975707&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_5~27_15~29_11&aiixl=30_6~27_3~29_5&aifgd=1&aipaq=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717975706989&bpp=83&bdt=1627&idt=228&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7637062426028&frm=20&pv=2&ga_vid=776620906.1717975707&ga_sid=1717975707&ga_hid=951019558&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084257%2C31084348%2C44795922%2C95331696%2C95334510%2C95334525%2C95334572%2C95335249%2C95334052%2C95334160%2C21065724%2C31078668&oid=2&pvsid=2671331582832699&tmod=975829307&uas=0&nvt=1&fsapi=1&fc=1920&brdim=400%2C400%2C400%2C400%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: DA29076A5FE90398FE0D9F5C7D98E861
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5FF7E9657B352AEC3D22BE8BB48DCB6A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ふぉーちゅん(FORTUNE)

Page URL History Show full URLs

  1. https://fortune-girl.com/skincare/articles/BkEGA HTTP 301
    https://fortune-girl.com/skincare/BkEGA Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

58
Requests

95 %
HTTPS

42 %
IPv6

18
Domains

25
Subdomains

25
IPs

5
Countries

925 kB
Transfer

2690 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fortune-girl.com/skincare/articles/BkEGA HTTP 301
    https://fortune-girl.com/skincare/BkEGA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53
  • https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1871&uid=1890&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748 HTTP 302
  • https://assets.trendemon.com/scripts/1890/main.js?ts=638534880000000000 HTTP 301
  • https://assets.trendemon.com/tag/trends.min.js

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request BkEGA
fortune-girl.com/skincare/
Redirect Chain
  • https://fortune-girl.com/skincare/articles/BkEGA
  • https://fortune-girl.com/skincare/BkEGA
17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:2800:10:6a1d:3480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
399a662d8d1b4c4ae819b7b72a2e4babebfec8d44a800d9700ebe25dbcc848f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 09 Jun 2024 23:28:25 GMT
link
<//cdn.clipkit.co/clipkit_assets/http-error-7eff08f5d13187f8652dbd7d53c7f16259ede00aafd5c1a6388b73f1e6376688.css>; rel=preload; as=style; nopush,<//cdn.clipkit.co/clipkit_assets/beacon-21da0e1dfded75ddd84b804ef023700a8a348f8fd353e83218b7459dc1b8f8c3.js>; rel=preload; as=script; nopush
p3p
CP='UNI CUR OUR'
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=31536000
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-id
mzYX4Q1r8Y8txX4PUnCcp6w2D_9ouQW0DCAs1gxeWvNhEsMBSYwWDw==
x-amz-cf-pop
FRA53-C1
x-cache
Error from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
c5399af5-176a-4431-bb74-f64c63b54d5f
x-runtime
0.251228
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
content-length
105
content-type
text/html; charset=utf-8
date
Sun, 09 Jun 2024 23:28:24 GMT
location
https://fortune-girl.com/skincare/BkEGA
p3p
CP='UNI CUR OUR'
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=31536000
via
1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
x-amz-cf-id
ZP_mcpji_Db_0qM_ouudssxj6g-Jh16nj3IEraW64xBakJZRTjc-6A==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
553863ca-5eab-44df-aa3d-bab4dbd22084
x-runtime
0.051537
x-xss-protection
0
http-error-7eff08f5d13187f8652dbd7d53c7f16259ede00aafd5c1a6388b73f1e6376688.css
cdn.clipkit.co/clipkit_assets/ 		410 B
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/clipkit_assets/http-error-7eff08f5d13187f8652dbd7d53c7f16259ede00aafd5c1a6388b73f1e6376688.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eff08f5d13187f8652dbd7d53c7f16259ede00aafd5c1a6388b73f1e6376688

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
x-amz-version-id
y8n59i1sduHnB8uSqiQq0cyWTwgKrjH4
via
1.1 042b48eeaf8a253b1b396e09e8bdea20.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
AMS50-C1
age
1193142
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 24 Dec 2021 05:55:48 GMT
server
cloudflare
etag
W/"f258bd712e3cdaaee5104f049b297217"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZPshVWNgY1o680CBiI7FszGEiQb3VKEwDJgLuLvH50kMkfg5X1d%2FDLx2VBlwrbL7vzLaXPI3%2BJgUAbUl9wrtzrIjXJpeoy2E%2FlNS9xGhP9b%2F7N3XF1O9bMh7XMZDtKP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8914e5defb9590e0-FRA
x-amz-cf-id
wdDd5eq9S8zJPtbQP15YgTwX6IS82QbDSONfDb0kd9AiKLMLvysSZA==
beacon-21da0e1dfded75ddd84b804ef023700a8a348f8fd353e83218b7459dc1b8f8c3.js
cdn.clipkit.co/clipkit_assets/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/clipkit_assets/beacon-21da0e1dfded75ddd84b804ef023700a8a348f8fd353e83218b7459dc1b8f8c3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21da0e1dfded75ddd84b804ef023700a8a348f8fd353e83218b7459dc1b8f8c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
content-encoding
gzip
via
1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
x-amz-version-id
X2ErPfqYyPS0rSf5DLADA4WwgWeCOwcY
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
1207338
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
619
last-modified
Mon, 27 Nov 2023 08:17:06 GMT
server
cloudflare
etag
"6ccbbd947e0dc9c441044df4de5a26b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=evzmmCY6rLXKfZSIWZtonsAfkOEJhW3C2ea8QSBE9ldJ1aO%2FNBMIez%2FO1YM1gIwb312mhNPbtWQVKE5rUownOY%2FlMXZNERCx4p44vp2NjmRqdNmLYOT3ViYHR0Un4PKP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
cf-ray
8914e5defb9090e0-FRA
x-amz-cf-id
F6W3YDzIB4fxmwq3Q-ib4c6JF8h_n5Dj7CDxy6htmTszf9eXPFRvyw==
expires
Tue, 26 Nov 2024 14:17:05 GMT
js
www.googletagmanager.com/gtag/ 		309 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EWZY3XYP9B
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
81b852201bbd1da8c2cea6ce10975313f871c0feda3748d14edd784c9e0436a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103583
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 09 Jun 2024 23:28:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
19e576af6f77a998ac7063e57434c25809d194ed3f9f75eba859adc6dbca4565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52217
x-xss-protection
0
server
cafe
etag
3657999737169715376
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Sun, 09 Jun 2024 23:28:26 GMT
vcdal.js
aml.valuecommerce.com/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aml.valuecommerce.com/vcdal.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:4c00:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5dfe339688a05f6e795affb13b1b77449d1ba559a9fd259b559c6ff93656e8c6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:26:43 GMT
via
1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
104
x-guploader-uploadid
ABPtcPqQt6YeV3M_ObWxfgLSCXhJStMuBdp19msEfDYMeEB4P6sNK4JbYaoeZHTpqJZYvGONFA
x-cache
Hit from cloudfront
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
33877
last-modified
Thu, 07 Dec 2023 07:34:40 GMT
server
UploadServer
etag
"81ff5dd84deb4541a7f5d8845a0a7b11"
vary
Accept-Encoding
x-goog-hash
crc32c=Mt4aTA==, md5=gf9d2E3rRUGn9diEWgp7EQ==
x-goog-generation
1701934480342512
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Content-Range,x-goog-resumable
cache-control
max-age=300
x-goog-stored-content-length
33877
accept-ranges
bytes
x-amz-cf-id
91pjtY3F4U56GQM1_zb2ogHaqOfaX7lPssCAv1w9K6GVMdgjTfyq5A==
expires
Sun, 09 Jun 2024 23:31:43 GMT
/
kitchen.juicer.cc/ 		0
306 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kitchen.juicer.cc/?color=qNvHBoGeZCQ=
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-50.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 03:04:03 GMT
via
1.1 6571e9f709b2287f8a30275c17d07140.cloudfront.net (CloudFront)
last-modified
Mon, 21 May 2018 02:46:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
73465
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
MMUGmyFwddAeaJFHA5-C5zRmQf1bI-ZEUomeGOcSQ1LkOm88Ra2-rA==
vcparam_pvd.js
vpj.valuecommerce.com/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpj.valuecommerce.com/vcparam_pvd.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:4c00:18:82c:9d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
063f7fdcb13fef2f1d77f24bff5cc15d0972b71b829f2aa2d738ab77d1c4e63a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:26:20 GMT
via
1.1 425709fb5486bea91d36ef6c75d4ffac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
128
x-guploader-uploadid
ABPtcPppYj3Xi0IvQmv9mh4GaBiZgVzDcPUTz7RiZFFXMrEToug3ae2BtNcgaoNUW0OWvSZucNmp9MJvKA
x-cache
Hit from cloudfront
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
11142
last-modified
Thu, 12 Oct 2023 03:37:41 GMT
server
UploadServer
etag
"b7020a09b89cb8405e1a663474e40960"
vary
Accept-Encoding
x-goog-hash
crc32c=uD6Lzg==, md5=twIKCbicuEBeGmY0dOQJYA==
x-goog-generation
1697081861086047
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Content-Range,x-goog-resumable
cache-control
max-age=300
x-goog-stored-content-length
11142
accept-ranges
bytes
x-amz-cf-id
CtewAPRcX6VaoTWmAAAtrCNkHMJQ1OPtZJGj7HSR48wDm2Syzl6kpg==
expires
Sun, 09 Jun 2024 23:31:17 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 		28 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1047
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3304910
cdn-cachedat
11/11/2022 02:14:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"4083f5d376eb849a458cc790b53ba080"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
7bb5bfebd315554cd6dff2f2b91b143e
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8914e5dec8e5aca4-TXL
cdn-requestpullsuccess
True
application-1.0.css
cdn.clipkit.co/clipkit/stylesheets/ 		156 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/clipkit/stylesheets/application-1.0.css
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3f897c41615adc9cc01b9a07e7d3189d3d4b6f5f9ef7dcecabb090bdbcea1a2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
x-amz-version-id
qLAwk6aiotCvbXv2b1cFyEKEqu3STeMB
via
1.1 84c3894c21a4640fb5c0efcf95646dca.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
1229377
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Mar 2024 05:16:27 GMT
server
cloudflare
etag
W/"eace0ea3cf1c6de31b3ee5b2b0f2db30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FscV6ghBrW4ITOfwXrF1KN0KFSw1MTW%2F8mHRLbcQwxnxz330bJV7%2BQ1bMTFz7vUe2Oj0OqfvMOQJeYqTWIMR4G99qjPx2FMQmpDJlhDQ7cUo5R1Kj7HnIV%2BKTSr3axG0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8914e5defb9290e0-FRA
x-amz-cf-id
wSTODdO3sxlOpTeeNeai0x17bwVg5LczFUscxtFGX01hO08qCrnavA==
ragru.css
cdn.clipkit.co/tenants/815/resources/assets/000/000/772/original/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/000/772/original/ragru.css?1593429209
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96b664aa8a26589b378a98204f26c202479c3dbbb224f71a0fe99460c68df5f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:26 GMT
via
1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
cBP_952sMhPU16PDr.GV7rmkNmheCD60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 29 Jun 2020 11:13:30 GMT
server
cloudflare
etag
W/"bd123da23d2cd198d1e5f81264407001"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NJpb%2BZfLvygN2NahW1KDeKoN9UFUzQVX%2FY2gB5rmTh81MfY6qm0601AzErdRtWedPABZ9p11c5ezd5hQw78uZXF47T7F4HARst3LPd6C%2F16DBmDKvEYO0DAUCALIUE5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31557600
cf-ray
8914e5defb9890e0-FRA
x-amz-cf-id
sP25iG_HVZrrVDNTNBZWJ9hbRSQbB7hbRg8nPiMEWj1t3RRkRcxFyQ==
design.css
cdn.clipkit.co/tenants/815/resources/assets/000/000/002/original/ 		69 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/000/002/original/design.css?1644374073
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bde291ff0953e501f5e5f60de8cd8fdee0d8c8e8fac53e2ff8bc76cedfc103e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:26 GMT
via
1.1 24c73aa8cdc4e254694e2ac7073f8aea.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
VbbZRaiHDm.FFbuntl9RmMVsba41_Wga
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 09 Feb 2022 02:34:34 GMT
server
cloudflare
etag
W/"0b4a1c94bdfdcb8902f417d530c5581a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Sab%2BluFuqfzvtazJBCR0b2AybV3h4pvrJ2iOj6yEzGUt%2FVS3SOhuEIVWXMtxkK6DD6phd0zdgJh1CFL5B5sdlbID9x0wnICUs7pIUIvAfKWAyTdH3xrb8PQNkhhOm22"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31557600
cf-ray
8914e5defb9490e0-FRA
x-amz-cf-id
_dsc8Wk2yLSgqQGA2pciysxeTXnxCPLG9SJERqzj9t05ChCO25nY7g==
ad_style.css
cdn.clipkit.co/tenants/815/resources/assets/000/001/332/original/ 		189 B
760 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/001/332/original/ad_style.css?1591842333
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3ad9793bfd4744d1d510c7a65dd8abd3c49d60bc67c2d79bbfcea4fc85c77a2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:26 GMT
via
1.1 efb576f3260fb935bd57cce721b78428.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
PVSIAI7qFOoH8bgwSVZKkNp9_BQVPO5l
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 11 Jun 2020 02:25:34 GMT
server
cloudflare
etag
W/"95d59d4a585485ae66bce9054edbbad1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uRc7hgcJE2RA8b7W4XFiMdiZE7bSOFT0fTN9QrKX%2FWyBntboWKTJWWR3h3ua%2BeptMEN5q92snVUJ69p26S9FcV1u1pgfJJJ0D5JdZzUkDKtRKrwzyy1yn7qLHFy0RrAx"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31557600
cf-ray
8914e5defb9690e0-FRA
x-amz-cf-id
mu3a-AEXXLUXnjfaYiW0TY2LA-XQJkz8eA1e2dePAKhRmx3AJXacFQ==
default-1.0.js
cdn.clipkit.co/clipkit/javascripts/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/clipkit/javascripts/default-1.0.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5ed097f3e07c53a692ec6acea2576e202ae88563a6ec3f6775f84137227f8e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
x-amz-version-id
XEILH3J3GZynlePHp_4Gd2zWr_VkvnOP
via
1.1 d25e4a27039adc5d5e5994e9610df300.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
1217610
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Mar 2024 05:16:25 GMT
server
cloudflare
etag
W/"9286f949684219d691e939df4d1f4bcb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L95Yj4%2BoksVNbhTtDweiBS60mSYZaM44oaC7uL0qD6N7r3q8AqR65WM0IIIWjczyBZNoyeIV8etj89J%2FQi3dwbByhFZf2mxu8wWtUHzZzHLAnpW1p46ZkLcUi4kk0ePt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8914e5defb9790e0-FRA
x-amz-cf-id
tRQ2pYPZBbXUxNGvKimuFx9Pl4PzsOqnboKsL-WEOt2VrNYtH3dWhw==
application-1.0.js
cdn.clipkit.co/clipkit/javascripts/ 		81 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/clipkit/javascripts/application-1.0.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfc770c236df62750c1c8b0ed671e4688b35453eea0cdde0c507f1678a95f7c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
x-amz-version-id
46xFata8zpneTji3iJswAp1WDls5smMP
via
1.1 37dd0feed3e180cbd05080c74e7a5a42.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
1229238
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Mar 2024 05:16:25 GMT
server
cloudflare
etag
W/"45fef6b98797ff05d086627e262d5507"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VRZS7DfMh3cpi36%2BIzYTsj4HtJsRDgeVE0pC35%2FiTWB%2F%2BWQYA4JGhDkA0sT49Ebj1%2BWkyDO4uUPkZ1dvI%2BtAXpHZ6ZwK5O8%2F90J7Vl8REZvZEHBtBm%2Fd4BWRHbLRTu5O"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8914e5e95a5690e0-FRA
x-amz-cf-id
CqvCaewL1hvHp_F9EFll-0LstPdz07V8BmDJjsPdZuNIkDm1VpCnng==
7dee6fd9-aacf-4e53-9046-d73f806e8010.png
cdn.clipkit.co/tenants/815/sites/logos/000/000/001/logo_sm/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/sites/logos/000/000/001/logo_sm/7dee6fd9-aacf-4e53-9046-d73f806e8010.png?1523327639
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29a1ef870f196333797ebd3692a6ce4b2d5cc1693166b0cc44625a4848e39eb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
via
1.1 5f82887d0f9036523f9f0366dd9a549a.cloudfront.net (CloudFront)
x-amz-version-id
wiNaEtN2z6dqCqV6PRaixC.YayvL93k1
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P2
age
118030
cf-polished
origFmt=png, origSize=2196
x-cache
Miss from cloudfront
content-disposition
inline; filename="7dee6fd9-aacf-4e53-9046-d73f806e8010.webp"
alt-svc
h3=":443"; ma=86400
content-length
1280
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Feb 2020 16:20:12 GMT
server
cloudflare
etag
"8497d105794c59653134d94bc2b06b9c"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JtJgrbDu4zBu%2FyghK05850Ual4V8%2F34jFSzlzSDX5%2FQtwRX%2B6LLN5Vh9lu8DdSFoNvakgnjsDtKrEl9oBujWZTukyfVtpv3CzTaodebCu8%2F5%2BoO7OATIqyHyoN526aQz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5df5bbe90e0-FRA
x-amz-cf-id
_fCFbUh-Z51loQjUe3rQ0APdNALY0FI7_d2yaBvbiNOa77C3H9ClDA==
header-btn-youtube.png
cdn.clipkit.co/tenants/815/resources/assets/000/001/341/original/ 		176 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/001/341/original/header-btn-youtube.png?1598255239
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efcd5d4d2a01e16db7d583ed0643dcb0957d59067baf6d58b71e67642608fad1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
via
1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
x-amz-version-id
cvur5SbdlomIxGsJyphnb4rCmy5uDUbm
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
257405
cf-polished
origFmt=png, origSize=1274
x-cache
Miss from cloudfront
content-disposition
inline; filename="header-btn-youtube.webp"
alt-svc
h3=":443"; ma=86400
content-length
176
cf-bgj
imgq:85,h2pri
last-modified
Mon, 24 Aug 2020 07:47:20 GMT
server
cloudflare
etag
"4f89eb047e3d9d401e93c04e7b021c02"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k3Z%2BhBLpP1%2B%2Ff5mVTeCOk6v3u0CdQS4dG%2BV1U26Lu0hrTXhZzrkXrxO234gFUmLgqBzgrvvMaN4LV7whPKvLBaTZ%2FYlyhzYBegtdZLsTRgQjzhV2yxaIDTZMe3OQgMw%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5df5bbf90e0-FRA
x-amz-cf-id
pn_r0jPsAYzNda8sS6IGcKfdogTWQ0hCTDse5WjC5AthLDG5WIQ7Hg==
header-btn-twitter.png
cdn.clipkit.co/tenants/815/resources/assets/000/000/021/original/ 		336 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/000/021/original/header-btn-twitter.png?1466497135
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d8d7e5d218087e0274c332eed11c85a95bae520c40d2ff1a2231fb65cbb232

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
via
1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront)
x-amz-version-id
wb9jOBCqrJNAkmUsO1oPV504RPFAQm6_
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
257404
cf-polished
origFmt=png, origSize=1490
x-cache
Miss from cloudfront
content-disposition
inline; filename="header-btn-twitter.webp"
alt-svc
h3=":443"; ma=86400
content-length
336
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Feb 2020 16:20:00 GMT
server
cloudflare
etag
"6cc09c2d6ba3d64d4b30889f20aeb845"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bkqxkbg0W1LsYrq%2FoWgeUgLPjzJA7HasAqxOa9gOaFvYnrC2Slga1%2F%2Bfiup1WsjNsw5QEqS6SHgO0OvqyoguIpP%2FWBOBKIpHqiZQ5P8NoFJyzkw%2BODPpU4fH0Rw%2BHK6X"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5e02c2790e0-FRA
x-amz-cf-id
RwUaWTnp1cwIIXg2zRcq-0mfGAjngl5WsUc0-ogLuhRVZRgPXoEGmw==
header-btn-fb.png
cdn.clipkit.co/tenants/815/resources/assets/000/000/022/original/ 		232 B
969 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/000/022/original/header-btn-fb.png?1466497136
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38553993e1974e05266c49dfc8b97b98ef70dfe7e536497942b47697eb0bff02

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
via
1.1 0e49b385c2bbe9db0820bc1551bde98a.cloudfront.net (CloudFront)
x-amz-version-id
mroOgnHbCneHzzNiX.D7WHRiaXHK3i8I
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
257404
cf-polished
origFmt=png, origSize=1275
x-cache
Miss from cloudfront
content-disposition
inline; filename="header-btn-fb.webp"
alt-svc
h3=":443"; ma=86400
content-length
232
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Feb 2020 16:20:00 GMT
server
cloudflare
etag
"ceb2479f2f0dedb5c58c955c6cb78d81"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NDrTZUwJ5vS4VXJOCeMSyTuh6Z6K7IJmWoMDWy4NThtztsktrSJXy%2FLQEn1F2MQZipZinooE3%2BEGjeOEwMTFmBCecP0L3DU7cI4%2BBIDND%2BQBZTo%2F85eHmaruVj1x3B0z"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5e02c2990e0-FRA
x-amz-cf-id
4pi9goge4o74Xd_4nU5VtpFcXV3rRlfifI-iHXIJA3OXCT2X3_k0KQ==
header-btn-insta.png
cdn.clipkit.co/tenants/815/resources/assets/000/000/017/original/ 		342 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/000/017/original/header-btn-insta.png?1466496522
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9b9f79536eb1436774083a668791228f9280ec064cb2db9efcc10fc7262935

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:25 GMT
via
1.1 599ca4c1e171a33647d38b2340e37b20.cloudfront.net (CloudFront)
x-amz-version-id
MJ2HN9I8W0BIJWzx9_3kuiRlTOlA4OKE
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
257404
cf-polished
origFmt=png, origSize=1745
x-cache
Miss from cloudfront
content-disposition
inline; filename="header-btn-insta.webp"
alt-svc
h3=":443"; ma=86400
content-length
342
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Feb 2020 16:20:00 GMT
server
cloudflare
etag
"b51bacb7301ac3ceaa4cb4763a76767d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eZA3i56Hmx3bs2MrwOQXmhOPCYQVYNGU1x4Pvyt9NUwOxqOvaHsmrBJ1xUazkDlw7BfiG9owODaBIbammyaJ5ErZYiuw1TqIwAcGN6jT9uDxLdXtE61ycuwLWGQzPJN5"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5e07c5b90e0-FRA
x-amz-cf-id
qqLcBDKIFPLC_oxCa2Zq1BUZcj1_ENamL7FWK-xpH4q-yvNs8yp28g==
header-btn-rss.png
cdn.clipkit.co/tenants/815/resources/assets/000/000/023/original/ 		450 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/resources/assets/000/000/023/original/header-btn-rss.png?1466497136
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68a91b7141d1b6cc50fbfb03e441393c82fc995fb338712e85f8b2ac9a44d423

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
via
1.1 c7fb0ef8cc8bb7055eaaaf9c7fa117ce.cloudfront.net (CloudFront)
x-amz-version-id
rGQR70wJMfeyJeOmFSPHwDg7QccOLAH2
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P2
age
118032
cf-polished
origFmt=png, origSize=1668
x-cache
Miss from cloudfront
content-disposition
inline; filename="header-btn-rss.webp"
alt-svc
h3=":443"; ma=86400
content-length
450
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Feb 2020 16:20:00 GMT
server
cloudflare
etag
"1d7a8429ae97674110b5f0a0a35ba8d6"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Fe6xu6xfE8IQxiU87VCVdiVh9Dy2FQGIlDrwzGKYsUPtVCt7ew0G%2FFGSbFiNWoRkhyt5LTbULI9aMWzYl6DNyxvqIP8QEcyOrPCZ8L1fC%2FGmMs8xMzx9wooRGxhrC%2B2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5e95a5990e0-FRA
x-amz-cf-id
NkZbMgJPJONpfTujJWgV9LvqFe_N2DFcfpO9yDUJ7yma_vkyPoCrLg==
foot_logo.png
cdn.clipkit.co/tenants/815/migration_data/original/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.clipkit.co/tenants/815/migration_data/original/foot_logo.png?1501613298
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3d664683a4a889bc7a2999979765b1e1ab7eea69c13cdf95c6864e55a3b0e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
via
1.1 24c73aa8cdc4e254694e2ac7073f8aea.cloudfront.net (CloudFront)
x-amz-version-id
yjlIquOaSpvo5Z.Dd1L5fSjXNGss7NA6
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P8
age
257406
cf-polished
origFmt=png, origSize=2279
x-cache
Miss from cloudfront
content-disposition
inline; filename="foot_logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
1620
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Mar 2020 07:29:53 GMT
server
cloudflare
etag
"d61ceb263115be57ab77196ac7f5c0cd"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2Kl02Yt942wNOS%2FHU5BRoytPJ7edKSQrplpMs3y2AqVQYhtxZsqTEGgtCxVxre0BU%2FB8Utg2uyz6URLm7ohbgXQp12b7UG2xBDzRzAiRKMWGRLtknLhk6QqYGksms8U"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8914e5e95a5a90e0-FRA
x-amz-cf-id
M2qA3SR5WCM_uK25NvQVgiU4g6ybhi90WiW4lPHXZEPuVMyv_IJ6Ww==
/
b.clipkit.co/ 		379 B
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.clipkit.co/
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
411155afe0b111cb5e98dbaf6b85343c3933aa17df59141751410316acda54e6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 20 Apr 2021 06:32:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
CV4H3CN6054XKYGG
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U940IwyC51ob4UnYxNr0VuHFtSv1EssbKkC38UR%2BRaxV155TvEQuwlnfEu84fh113m7Qq8yypYZNyvFDfLuzojztB7rCfQoS9nD1o2i6feyb7RjFN86fvxqdRrae%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
8914e5e96a6990e0-FRA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HYl2ocAodfJgnkHmguY152PWEJeweApjjHcPz6Ll17VVkOY5l9Dn/T0o3OWz7SR4x9a1XJUaUDU=
gtm.js
www.googletagmanager.com/ 		250 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T4JZT33
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
794dd6d097e8841d54821215e1f9c00052d6e1d3907ac16cc728e32f75077d3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91778
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jun 2024 23:28:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 09 Jun 2024 21:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6444
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 09 Jun 2024 23:41:03 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 23:28:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1297, tbw=2808, tp=-1, tpl=-1, uplat=5, ullat=-1
pragma
public
x-fb-debug
yKMWRCvLb+1i0FCCxiJQlvBZgmwnJqef2J54NssCmKtvnPv1+92MxoI+r+35ZaSAz+uOGZbxHStcw8Ws44ArXg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
254 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EWZY3XYP9B&gtm=45je4650v875828015za200&_p=1717975705373&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=776620906.1717975707&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717975706&sct=1&seg=0&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&dt=%E3%81%B5%E3%81%89%E3%83%BC%E3%81%A1%E3%82%85%E3%82%93(FORTUNE)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2559
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWZY3XYP9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 23:28:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortune-girl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9961086187805206&plah=fortune-girl.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
21bafa2eb14c0bd051ce801420758a47ebe5d82132d8aa2c51b50e7962d5e289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
147237
x-xss-protection
0
server
cafe
etag
17224346101017899050
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 09 Jun 2024 23:28:27 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/ 		70 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Origin
https://fortune-girl.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
1076
cdn-cachedat
10/31/2023 18:59:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
71896
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
d400d9654cce50c38e371cd610184c1e
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8914e5e9ad6f44f8-TXL
cdn-requestpullsuccess
True
beacon
fortune-girl.com/media/ 		5 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fortune-girl.com/media/beacon
Requested by
Host: cdn.clipkit.co
URL: https://cdn.clipkit.co/clipkit_assets/beacon-21da0e1dfded75ddd84b804ef023700a8a348f8fd353e83218b7459dc1b8f8c3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.32.110.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-110-75.vie50.r.cloudfront.net
Software
nginx/1.24.0 /
Resource Hash
69ae0cb0ec9cfb72deb6c3f0b6b17877401b217d4438a5721d2aed2eced0fb27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://fortune-girl.com/skincare/BkEGA
X-Requested-With
XMLHttpRequest
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 5d650f4d20204610aaf075ff8f6494c6.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
none
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP='UNI CUR OUR'
alt-svc
h3=":443"; ma=86400
content-length
5
x-xss-protection
0
x-request-id
9f47630c-a796-40ba-86f9-4971332155d0
x-runtime
0.037162
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
etag
W/"69ae0cb0ec9cfb72deb6c3f0b6b17877"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
no-cache
x-amz-cf-id
qKaROfKUMVHATWrNvkHKhwrbDu4vBbvTIKlrP9OC6P39ulOFcjLp3Q==
vcid
dalc.valuecommerce.com/ 		115 B
609 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dalc.valuecommerce.com/vcid?_s=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA
Requested by
Host: vpj.valuecommerce.com
URL: https://vpj.valuecommerce.com/vcparam_pvd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.140.225.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
210-140-225-92.newton.jp-east.compute.idcfcloud.net
Software
nginx /
Resource Hash
4b1643ea3ddba1ba4379aabf0ea497118f1df17b2a65564565d52b8ce665a4a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:28 GMT
x-content-type-options
nosniff
server
nginx
front-end-https
on
p3p
CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8;
cache-control
private, max-age=0, no-cache
content-length
115
bf.png
a.imgvc.com/i/ 		107 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.imgvc.com/i/bf.png?v=1
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.178.139.157 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-139-157.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e8c5a5ef76b2d07d2155a6aca64c8710690c5b88b944ad6cd3d2feff554f7458

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Origin
https://fortune-girl.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
last-modified
Wed, 09 May 2018 15:00:00 GMT
server
nginx
front-end-https
on
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=63072000, private
content-length
107
expires
Tue, 09 Jun 2026 23:28:27 GMT
destination
www.googletagmanager.com/gtag/ 		225 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-480979840&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4JZT33
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
78b8b0d9678f63661f235ec74692bdc4c145ec8dbe3f5e4b09d837651e868e03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83171
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 09 Jun 2024 23:28:27 GMT
ytag.js
s.yimg.jp/images/listing/tool/cv/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4JZT33
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.25.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
b5a034ead112699878b523b7cd97438c7799f6392fc5378749d5c8a69166fa9c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

ats-carp-promotion
1
date
Sun, 09 Jun 2024 23:21:40 GMT
content-encoding
gzip
last-modified
Tue, 21 May 2024 02:06:25 GMT
server
nghttpx
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
407
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-z-chihaya
r=1
x-ntap-sg-trace-id
1eea3e6f251c3028
cache-control
public, max-age=600
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
10672
lt.js
d.line-scdn.net/n/line_tag/public/release/v1/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.28.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-28-191.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
aLHCm1toaevjRzyK9ZlkfyErvpEL9I2
strict-transport-security
max-age=15768000
content-encoding
gzip
date
Sun, 09 Jun 2024 23:28:27 GMT
x-amz-request-id
tx0000006918b62e065fa5b-00651a6066-13dd9984-jp2
content-length
9865
x-amz-expiration
expiry-date="Sat, 02 Dec 2023 00:00:00 GMT", rule-id="bucket_lifecycle"
last-modified
Mon, 02 Oct 2023 06:16:39 GMT
server
VOS
etag
"02e4691c0dcc2f7ecef2712fb0f24921"
vary
Accept-Encoding
content-type
application/javascript
x-rgw-object-type
Normal
cache-control
max-age=1903245
accept-ranges
bytes
expires
Tue, 02 Jul 2024 00:09:12 GMT
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/ Frame 568E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20240605/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9961086187805206&plah=fortune-girl.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fortune-girl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
18096
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4165
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Jun 2024 18:26:51 GMT
etag
3711839061170457607
expires
Sun, 23 Jun 2024 18:26:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-default%20navbar-top%20nav_def&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 23:28:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/pagead/ Frame DA29 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ads?ltd_cs=1&client=ca-pub-9961086187805206&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1717975707&plat=2%3A16777216%2C8%3A4194304%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x540_l%7C236x540_r&format=0x0&url=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&pra=5&wgl=1&easpi=1&aihb=0&asro=0&ailel=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=30~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=30_5~27_15~29_11&aiixl=30_6~27_3~29_5&aifgd=1&aipaq=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNS4wLjY0MjIuMTQxIixudWxsLDAsbnVsbCwiNjQiLFtbIkdvb2dsZSBDaHJvbWUiLCIxMjUuMC42NDIyLjE0MSJdLFsiQ2hyb21pdW0iLCIxMjUuMC42NDIyLjE0MSJdLFsiTm90LkEvQnJhbmQiLCIyNC4wLjAuMCJdXSwwXQ..&dt=1717975706989&bpp=83&bdt=1627&idt=228&shv=r20240605&mjsv=m202406030101&ptt=9&saldr=aa&abxe=1&eoidce=1&nras=1&correlator=7637062426028&frm=20&pv=2&ga_vid=776620906.1717975707&ga_sid=1717975707&ga_hid=951019558&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31084257%2C31084348%2C44795922%2C95331696%2C95334510%2C95334525%2C95334572%2C95335249%2C95334052%2C95334160%2C21065724%2C31078668&oid=2&pvsid=2671331582832699&tmod=975829307&uas=0&nvt=1&fsapi=1&fc=1920&brdim=400%2C400%2C400%2C400%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&nt=1&ifi=1&uci=a!1&fsb=1&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9961086187805206&plah=fortune-girl.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fortune-girl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Jun 2024 23:28:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		4 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=951019558&t=pageview&_s=1&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&ul=de-de&de=UTF-8&dt=%E3%81%B5%E3%81%89%E3%83%BC%E3%81%A1%E3%82%85%E3%82%93(FORTUNE)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=627697616&gjid=62853351&cid=776620906.1717975707&tid=UA-76440240-1&_gid=1439928700.1717975707&_r=1&_slc=1&z=453344978
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 23:28:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortune-girl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
154781024939444
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/154781024939444?v=2.9.157&r=stable&domain=fortune-girl.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d2116b6faaafcae54b8cd9b19552df48f184f11dfd6a42e9e9b5a8365bfff88
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 23:28:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11903
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1297, tbw=63521, tp=-1, tpl=-1, uplat=5, ullat=-1
pragma
public
x-fb-debug
oOCWqi4zDkEXetux59tgjt6XzAi1qd5pE3cyKVLJ9Ct27A61/nlBp5duO/gaJ7S4ZyCHubZihTzI/MxzzTJ0gw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-76440240-1&cid=776620906.1717975707&jid=627697616&gjid=62853351&_gid=1439928700.1717975707&_u=IADAAEAAAAAAACAAI~&z=1928827815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 09 Jun 2024 23:28:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortune-girl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
761030281296891
connect.facebook.net/signals/config/ 		21 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/761030281296891?v=2.9.157&r=stable&domain=fortune-girl.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
e8eebfcdc354eabf6082baf95b6364f3c20c2f71e22dbe723e4fe026e1fc23d0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 23:28:27 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2827
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4335, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
80yOGuDgCsqhRpdmX3lb7oImc+8o2Fm9FzSvxZDK7mJItVB38JUFQpvcrTCTEKcrbzPDMrg7HgdgK6Y/7cXsPw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=154781024939444&ev=PageView&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rl=&if=false&ts=1717975707362&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717975707362.647250522905428048&ler=empty&cdl=API_unavailable&it=1717975707304&coo=false&rqm=GET
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2862, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Jun 2024 23:28:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=154781024939444&ev=PageView&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rl=&if=false&ts=1717975707362&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717975707362.647250522905428048&ler=empty&cdl=API_unavailable&it=1717975707304&coo=false&rqm=FGET
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa6418bd3339c6749","source_keys":["1","2"]},{"key_piece":"0xa966817eac69d148","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 09 Jun 2024 23:28:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=18, mss=1297, tbw=6979, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
u63KL9j6lL+uQ785UKSDkLNn/0jdSIOu/dMvodYC6FNsQ8JonsiBgrQybes7cwTmesjBCPDKLSJrz2kaTSia9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.gif
tr.line.me/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.line.me/tag.gif?b_id=66337770-5154-4cee-b376-ac4a1c30a62f&b_u=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&b_d=fortune-girl.com&b_p=%2Fskincare%2FBkEGA&b_t=%E3%81%B5%E3%81%89%E3%83%BC%E3%81%A1%E3%82%85%E3%82%93(FORTUNE)&c_t=lap&t_id=ddbefe08-0dcc-43e2-8e03-284a2240e272&s_id=6a7d3f65-70507fd9&x4=100&e=pv&v=3.4.1&_t=1717975707375
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 09 Jun 2024 23:28:28 GMT
Cache-Control
private, no-store, no-cache, must-revalidate
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=761030281296891&ev=PageView&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rl=&if=false&ts=1717975707420&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717975707362.647250522905428048&ler=empty&cdl=API_unavailable&it=1717975707304&coo=false&rqm=GET
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=3149, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Jun 2024 23:28:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=761030281296891&ev=PageView&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rl=&if=false&ts=1717975707420&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717975707362.647250522905428048&ler=empty&cdl=API_unavailable&it=1717975707304&coo=false&rqm=FGET
Requested by
Host: fortune-girl.com
URL: https://fortune-girl.com/skincare/BkEGA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x4b30950801f267c7","source_keys":["1","2"]},{"key_piece":"0x6bfa9372d278db9f","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 09 Jun 2024 23:28:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=18, mss=1297, tbw=3305, tp=-1, tpl=-1, uplat=166, ullat=0
pragma
no-cache
x-fb-debug
f/fbv57yNumEEJ7SJH2qY3fU3U5LivJYKL91KA6xbRPFUfkUpiRGTIjMOoD4cP1KHEvlKgESTx0Acm7bxCmzuQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
beacon
8n3tgod6p4.execute-api.ap-northeast-1.amazonaws.com/ 		28 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://8n3tgod6p4.execute-api.ap-northeast-1.amazonaws.com/beacon
Requested by
Host: b.clipkit.co
URL: https://b.clipkit.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.180.151.200 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-151-200.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
10f733259f56a9a54dfaacc9cace765c53c3e0d618f7af96e738d54864b3d78f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 09 Jun 2024 23:28:28 GMT
content-length
28
apigw-requestid
ZH4YghhbtjMEPOg=
content-type
text/plain; charset=utf-8
/
am.yahoo.co.jp/rt/ 		0
0
app3
dalc.valuecommerce.com/ 		0
492 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dalc.valuecommerce.com/app3?p=884894881&_s=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&vf=iVBORw0KGgoAAAANSUhEUgAAAAMAAAADCAYAAABWKLW%2FAAAAAXNSR0IArs4c6QAAADBJREFUGFdjZBRj%2BJ8aYMVgOusyA%2BPq%2FoD%2FIRWiDNzNCxgYd3N1%2Fffbyccw3zaDAQD3Egzq4NIo%2FgAAAABJRU5ErkJggg%3D%3D
Requested by
Host: aml.valuecommerce.com
URL: https://aml.valuecommerce.com/vcdal.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.140.225.92 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
210-140-225-92.newton.jp-east.compute.idcfcloud.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:28 GMT
x-content-type-options
nosniff
server
nginx
front-end-https
on
p3p
CP="ALL DSP COR CURa OUR BUS"
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8;
cache-control
private, max-age=0, no-cache
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240605&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9961086187805206&plah=fortune-girl.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2c60efa2b58c13cdb7a2347b96af75dc7d7ad1b8a16beb64ca5ab4567c5f18c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12509
x-xss-protection
0
b286ff5e-9433-460f-8921-96b08d042468.png
cdn.clipkit.co/tenants/815/sites/favicons/000/000/001/square/ 		706 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.clipkit.co/tenants/815/sites/favicons/000/000/001/square/b286ff5e-9433-460f-8921-96b08d042468.png?1523327641
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12e9ad342de1ecf70036da48eaee2b2b10d32f5370bf8cff45b1ee3e0601838b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:29 GMT
via
1.1 19c0293f28acaafabb2252122e891b20.cloudfront.net (CloudFront)
x-amz-version-id
o8rXgKsZSX7QdVj5lGeQuYLWER.Rb4Ve
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
VIE50-P2
age
118028
cf-polished
origFmt=png, origSize=1462
x-cache
Miss from cloudfront
content-disposition
inline; filename="b286ff5e-9433-460f-8921-96b08d042468.webp"
alt-svc
h3=":443"; ma=86400
content-length
706
cf-bgj
imgq:85,h2pri
last-modified
Sat, 15 Feb 2020 16:20:12 GMT
server
cloudflare
etag
"d6ae4c123fe9b0d4626412b0e8eb4dbb"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIfnkUhEjgzYu3YyHyHxrp7jq54IcBGbt%2B%2FEcSmRGydsg9J3Iwf7Anm3xSMKBOixglpL4MmP%2BdxaNYNXigTi0ZXIOHP8%2FYfl%2FgzjxHwNgCzRxKcCuK2obczH2iaju3ZU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=31557600
accept-ranges
bytes
cf-ray
8914e5f5eb1890e0-FRA
x-amz-cf-id
KGJTtq_A4mbGF0JCJDnik3z2WOUsj2zZ_ArA2Hq-r6_zUD_pPfZ0Dw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9961086187805206&plah=fortune-girl.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 23:28:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Jun 2024 23:28:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5FF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fortune-girl.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
6919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Jun 2024 21:33:10 GMT
expires
Mon, 09 Jun 2025 21:33:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
trends.min.js
assets.trendemon.com/tag/
Redirect Chain
  • https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1871&uid=1890&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
  • https://assets.trendemon.com/scripts/1890/main.js?ts=638534880000000000
  • https://assets.trendemon.com/tag/trends.min.js
291 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.trendemon.com/tag/trends.min.js
Protocol
H2
Server
2600:9000:223c:1600:2:7dc7:8f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fa240d2b87d4d2f4e714a6eb95fdd173bc33787301c558bee07e0744a10df22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://fortune-girl.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sat, 08 Jun 2024 23:40:05 GMT
content-encoding
gzip
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
last-modified
Wed, 05 Jun 2024 09:21:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
85706
etag
"1a8e2d56ff84b74b8e6508f249fb9747"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
59602
x-amz-cf-id
CUdsNAR_1MREiNxIebp9eOjb3brUNzFHsPspxR8rVwz6s6Hhb0-qBA==

Redirect headers

date
Sun, 09 Jun 2024 23:28:30 GMT
via
1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P2
x-cache
FunctionGeneratedResponse from cloudfront
location
/tag/trends.min.js
content-length
0
x-amz-cf-id
QHNoU7CHPZcV6_Nm6ha_PncGb1ZMj-mYE_8NaWCsrIgcL9ix1Bwe-w==
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
1890
trackingapi.trendemon.com/api/settings/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trackingapi.trendemon.com/api/settings/1890?callback=jsonp268919&vid=
Requested by
Host: prod.trendemon.com
URL: https://prod.trendemon.com/apis/loadflame/mainflamejs?aid=1871&uid=1890&baseurl=https%3A%2F%2Fprod.trendemon.com%2F&appid=208770359181748
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.92.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-89-92-78.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
f75f24758a7f315b11215592c08704776f68634dd9ec6ae59341e17c8ac6ee4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 23:28:30 GMT
cache-control
no-store,no-cache
server
Kestrel
content-length
1528
content-type
application/x-javascript; charset=UTF-8
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-EWZY3XYP9B&gtm=45je4650v875828015za200&_p=1717975705373&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=776620906.1717975707&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1717975706&sct=1&seg=0&dl=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&dt=%E3%81%B5%E3%81%89%E3%83%BC%E3%81%A1%E3%82%85%E3%82%93(FORTUNE)&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7564
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EWZY3XYP9B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fortune-girl.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 09 Jun 2024 23:28:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fortune-girl.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
am.yahoo.co.jp
URL
https://am.yahoo.co.jp/rt/?p=8FMYRFUKS5&label=&ref=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rref=&pt=&item=&cat=&price=&quantity=&r=1717975708.146367&pvid=vjtxbqmf6fllx86do5e&__lt__cid_valid=true&_impl=ytag&brands=%22Google%20Chrome%22%3B%20v%3D%22125.0.6422.141%22%2C%20%22Chromium%22%3B%20v%3D%22125.0.6422.141%22%2C%20%22Not.A%2FBrand%22%3B%20v%3D%2224.0.0.0%22&platform=%22Win32%22&platform_version=%2210.0.0%22
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240605&jk=2671331582832699&bg=!MzClMH_NAAb64txl2uI7ADQBe5WfOKLDVwYTWZn5ugtjY0qYq6j3V4eZEa6tBlkQjBCLJMhOi96x6ZKIpvQiQoG3W0OMAgAAACNSAAAAAmgBB34ANbIZruJl2VyMgk2i6AUEGJNXtq_0dGOC70WqVrsjxlQ91sZmD9b4_McIiMrRY2QSGDyRObOiCgCZV0lQJQRoC-h4EKza0IbxHZ_WqK3x9IKjqylEntWFknoTYEwTvlXlt0k4puK6kQYrZ92kHPKxaWuY7a55WTm0R3OLs5_lYKTJz124D1AYlS2jo2lueYwc2z1XrBZ23Kylod4GE3KZ86cYgvfY5OTQWLAPSHTTC61-8sMBkADUGiNnBggHeclDl2gUzuJ8q6xFeIvD11HVOqp4mQKmR-EPcckcHwIa0CnzQ_QW10dE9QXsg6osKKEwazCDBcl1NVM_b-iB9NSuxowblikMFnJpcYDLmDNyMvApDQFvyDgrSL8lRdkOFuOXpRODAzED2Lt-mxkJAC6bsmYTyzCC6v8qdP9Orw7pEcDCDIOQ08UoOUtU1U6I2-w7dXNmKKSU8csOgutEQcpXJYtAnIf1k10mMiA4qh4rcU6TsVRW7lCum0iipKpcfWwK64WfDvESv3jBUcMdQEGVTLq87JSH3yqxHb9NgoIZwyGHUWn8867S8jdooSVxk_-S6PfUdOYVhrIfQVNgx9y0mH2cLbsxlqm4fwakxNHUj-W9WKbXlDm6K2Gy2XMSjd6LN1vxjDDe8lG8rTY9pwh_ANcfjPGsGGnMAMBowBx_MRz3bhiA6zGIz4fRvS9rgmn71ElbbB9BzzAYLKXbX9USCjYw4eDhkvXm_ER1oA-kdfdeEbwS_vrc-yMYe5cBSs6b7z_pjdeyIGsl3BUb74Wx6jEOXzv6JEfncFLbIDyAkvvw6PH1gShcDGNUv05lTyQk-hYJbS6s4MtDkIimqEsmKMDEdfxtBRnjmpvxHa3Wl_NI1tq7754FfAfI2XVDoT7wqevqRtBUYYPCYgpWDk8s1G2OsgZQUD8NwHYTWAXQ2CnuTIPYgyWvBgiGR0QdKr3Or1r14a_8gZJOcUNX8Nc6vn3FjorBMiw8OYgFke6YEEQqXw81y4aXo0yMCDj6KXByQbKdyljx0w-_gg8qICa1c2N-aGSKtKaagpw-2MjfIqRePWOrarwu_LgRwNcpYi5RDOcmXlSDkFLRVueQhDSsoG740SxpUEYxiev70ygA4bQe0vmAkrIWOKzY0Y_OjL0rOCzb1K3hexlSEL8EvAPuXfTupWinyCc07k6r

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag string| JsDomain string| param string| vc_pid function| fbq function| _fbq object| $jscomp function| VcParamProvider function| vc_id_callback object| vppObj undefined| CheckReadyState function| vppDynamicProcess object| vc_parallel_bcookie object| vc_pti_ckls number| vc_pti_ad_count function| VcParallel function| getParamsFromQueryString function| vc_pti_callback object| vcparallelObj boolean| enable_link_convert_flag object| google_tag_manager object| google_tag_data object| googletag function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint object| I18n function| $ function| jQuery string| routing_root_path string| site_name function| google_spfd number| google_unique_id object| google_sv_map function| rebasashi function| VcDal function| vc_dal_callback function| vc_linkswitch_callback object| vcdalObj function| dalDynamicProcess function| myLinkBoxDal function| _indexOf function| getPid function| vc_mlb_callback object| mlbObj object| vcpr_param function| VcPr object| vcprObj function| closeMessage object| jQuery1124015625917724977523 function| Cookies function| ClipboardJS object| mylinkbox object| mylinkbox_pid function| postscribe object| google_tag_manager_external object| _ltq function| _lt function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| _ltc object| yjDataLayer object| ytagapi function| ytag object| yahoo_retargeting_sent_urls_counter string| yahoo_retargeting_pv_id object| GoogleGcLKhOms function| $Trd_Base64 function| $Trd_i18n function| __awaiter function| __generator function| $Trd_Utils function| $Trd_Tools function| RecordsService function| __extends function| $Trd_UserPageHistory_Cook object| enRenderModes object| $Trd_InternalEventsTypes object| $Trd_TriggersEventsTypes function| mapBackendTriggers function| $Trd_Context function| $Trd_EnvironmentSettings function| $Trd_ClientCookie function| $Trd_CtaClientCookie function| $Trd_ButtonSelector object| Frequency object| UnitVisibiltyType object| UnitTypeId object| AceVariantType object| AceElementAction object| AceElementAddPosition object| AceElementAddType object| ElementReplaceType object| AceImageReplaceMode object| AceImageObjectFit object| CssSizeUnits object| AceTextAlign object| AcePosition object| AceElementDisplay object| AceBackgroundImageFit object| StreamContentType object| StreamContentDesktopPosition object| StreamContentThumbnailType object| StreamLayoutAutoLoadTrigger function| $Trd_Logger object| COOKIE_NAMES function| $Trd_Visitor string| LOCAL_STORAGE_ITEM_NAME function| $Trd_FormListener function| $Trd_UrlGrabber function| $Trd_Events function| $Trd_Pageview string| $TRD_MA_COOKIE_NAME object| $TRD_MA_COOKIE_NAME_MAP function| $Trd_MarketingAutomation function| $TRD_CtaComponent function| $TRD_CtaContentComponent function| $TRD_GenericLayoutComponent function| $TRD_FormLayoutComponent function| $TRD_RecommendationLayoutComponent function| $TRD_RecommendCarouselLayoutComponent function| $TRD_GenericScriptComponent function| $TRD_FastTextLayoutComponent function| __assign function| __spreadArray function| $Trd_StreamManager function| $TRD_SurveyLayoutComponent number| COOLOFF_DAYS_AFTER_CLOSE number| COOLOFF_MS_AFTER_CLOSE function| $Trd_ExperienceManager function| $TRD_ClientAppFactory function| $TRD_ClientApp function| $TRD_ClientAppDrift function| $TRD_ClientAppSixSense object| trdContext string| src function| $Trd_AceManager string| TRD_HIDER_STYLE_ID function| $Trd_NApi object| TrendemonContext object| $trd_Context object| trd_api

11 Cookies

Domain/Path Name / Value
.fortune-girl.com/ Name: _ga_EWZY3XYP9B
Value: GS1.1.1717975706.1.0.1717975706.0.0.0
.fortune-girl.com/ Name: _ga
Value: GA1.2.776620906.1717975707
.fortune-girl.com/ Name: _gid
Value: GA1.2.1439928700.1717975707
.fortune-girl.com/ Name: _gat
Value: 1
.fortune-girl.com/ Name: _fbp
Value: fb.1.1717975707362.647250522905428048
.fortune-girl.com/ Name: __lt__cid
Value: 66337770-5154-4cee-b376-ac4a1c30a62f
.fortune-girl.com/ Name: __lt__sid
Value: 6a7d3f65-70507fd9
fortune-girl.com/ Name: _clipkit_session_id
Value: abe47b01eb610eb8d61be9c8d627e51b
.fortune-girl.com/ Name: _yjsu_yjad
Value: 1717975708.71adeabb-d989-42f3-9777-c83f9a4ba422
.line.me/ Name: _ldbrbid
Value: tr__k1y/XGZmOpyOJSUO4AicAg==
.valuecommerce.com/ Name: VCB
Value: ZmY6nAAOSo5Q_wdlwKhvIcCob2QKvw&c=9c3a6666&v=2&s=450d13fe

6 Console Messages

Source Level URL
Text
network error URL: https://fortune-girl.com/skincare/BkEGA
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://fortune-girl.com/skincare/BkEGA
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fortune-girl.com/skincare/BkEGA
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://fortune-girl.com/skincare/BkEGA
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://fortune-girl.com/skincare/BkEGA
Message:
Access to fetch at 'https://am.yahoo.co.jp/rt/?p=8FMYRFUKS5&label=&ref=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rref=&pt=&item=&cat=&price=&quantity=&r=1717975708.146367&pvid=vjtxbqmf6fllx86do5e&__lt__cid_valid=true&_impl=ytag&brands=%22Google%20Chrome%22%3B%20v%3D%22125.0.6422.141%22%2C%20%22Chromium%22%3B%20v%3D%22125.0.6422.141%22%2C%20%22Not.A%2FBrand%22%3B%20v%3D%2224.0.0.0%22&platform=%22Win32%22&platform_version=%2210.0.0%22' from origin 'https://fortune-girl.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://am.yahoo.co.jp/rt/?p=8FMYRFUKS5&label=&ref=https%3A%2F%2Ffortune-girl.com%2Fskincare%2FBkEGA&rref=&pt=&item=&cat=&price=&quantity=&r=1717975708.146367&pvid=vjtxbqmf6fllx86do5e&__lt__cid_valid=true&_impl=ytag&brands=%22Google%20Chrome%22%3B%20v%3D%22125.0.6422.141%22%2C%20%22Chromium%22%3B%20v%3D%22125.0.6422.141%22%2C%20%22Not.A%2FBrand%22%3B%20v%3D%2224.0.0.0%22&platform=%22Win32%22&platform_version=%2210.0.0%22
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8n3tgod6p4.execute-api.ap-northeast-1.amazonaws.com
a.imgvc.com
am.yahoo.co.jp
aml.valuecommerce.com
assets.trendemon.com
b.clipkit.co
cdn.clipkit.co
connect.facebook.net
d.line-scdn.net
dalc.valuecommerce.com
fortune-girl.com
kitchen.juicer.cc
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
prod.trendemon.com
region1.google-analytics.com
s.yimg.jp
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.line.me
trackingapi.trendemon.com
vpj.valuecommerce.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
am.yahoo.co.jp
pagead2.googlesyndication.com
104.18.10.207
13.32.110.75
142.250.185.72
142.250.186.66
147.92.191.92
157.240.0.6
172.67.74.86
18.180.151.200
18.244.18.50
182.22.25.252
2001:4860:4802:32::36
210.140.225.92
2600:9000:214f:2800:10:6a1d:3480:93a1
2600:9000:223c:1600:2:7dc7:8f00:93a1
2600:9000:2359:4c00:18:82c:9d80:93a1
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2008
2a00:1450:4001:831::2001
2a00:1450:400c:c0d::9d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
54.178.139.157
54.89.92.78
72.246.28.191
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
063f7fdcb13fef2f1d77f24bff5cc15d0972b71b829f2aa2d738ab77d1c4e63a
10f733259f56a9a54dfaacc9cace765c53c3e0d618f7af96e738d54864b3d78f
12e9ad342de1ecf70036da48eaee2b2b10d32f5370bf8cff45b1ee3e0601838b
19e576af6f77a998ac7063e57434c25809d194ed3f9f75eba859adc6dbca4565
21bafa2eb14c0bd051ce801420758a47ebe5d82132d8aa2c51b50e7962d5e289
21da0e1dfded75ddd84b804ef023700a8a348f8fd353e83218b7459dc1b8f8c3
2c60efa2b58c13cdb7a2347b96af75dc7d7ad1b8a16beb64ca5ab4567c5f18c2
38553993e1974e05266c49dfc8b97b98ef70dfe7e536497942b47697eb0bff02
399a662d8d1b4c4ae819b7b72a2e4babebfec8d44a800d9700ebe25dbcc848f3
411155afe0b111cb5e98dbaf6b85343c3933aa17df59141751410316acda54e6
4b1643ea3ddba1ba4379aabf0ea497118f1df17b2a65564565d52b8ce665a4a3
4d2116b6faaafcae54b8cd9b19552df48f184f11dfd6a42e9e9b5a8365bfff88
4fa240d2b87d4d2f4e714a6eb95fdd173bc33787301c558bee07e0744a10df22
5b9b9f79536eb1436774083a668791228f9280ec064cb2db9efcc10fc7262935
5dfe339688a05f6e795affb13b1b77449d1ba559a9fd259b559c6ff93656e8c6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68a91b7141d1b6cc50fbfb03e441393c82fc995fb338712e85f8b2ac9a44d423
69ae0cb0ec9cfb72deb6c3f0b6b17877401b217d4438a5721d2aed2eced0fb27
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78b8b0d9678f63661f235ec74692bdc4c145ec8dbe3f5e4b09d837651e868e03
794dd6d097e8841d54821215e1f9c00052d6e1d3907ac16cc728e32f75077d3f
7bde291ff0953e501f5e5f60de8cd8fdee0d8c8e8fac53e2ff8bc76cedfc103e
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7eff08f5d13187f8652dbd7d53c7f16259ede00aafd5c1a6388b73f1e6376688
81b852201bbd1da8c2cea6ce10975313f871c0feda3748d14edd784c9e0436a7
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
8f3d664683a4a889bc7a2999979765b1e1ab7eea69c13cdf95c6864e55a3b0e3
96b664aa8a26589b378a98204f26c202479c3dbbb224f71a0fe99460c68df5f6
a7d8d7e5d218087e0274c332eed11c85a95bae520c40d2ff1a2231fb65cbb232
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b29a1ef870f196333797ebd3692a6ce4b2d5cc1693166b0cc44625a4848e39eb
b3ad9793bfd4744d1d510c7a65dd8abd3c49d60bc67c2d79bbfcea4fc85c77a2
b5a034ead112699878b523b7cd97438c7799f6392fc5378749d5c8a69166fa9c
bb5ed097f3e07c53a692ec6acea2576e202ae88563a6ec3f6775f84137227f8e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc770c236df62750c1c8b0ed671e4688b35453eea0cdde0c507f1678a95f7c9
d504f72375bcfb65fbf8dbf79ad313aa21df0953bb1efef82695708ba70922b1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c5a5ef76b2d07d2155a6aca64c8710690c5b88b944ad6cd3d2feff554f7458
e8eebfcdc354eabf6082baf95b6364f3c20c2f71e22dbe723e4fe026e1fc23d0
efcd5d4d2a01e16db7d583ed0643dcb0957d59067baf6d58b71e67642608fad1
f3f897c41615adc9cc01b9a07e7d3189d3d4b6f5f9ef7dcecabb090bdbcea1a2
f75f24758a7f315b11215592c08704776f68634dd9ec6ae59341e17c8ac6ee4e