Submitted URL: http://thefortunefavor.com/
Effective URL: https://thefortunefavor.com/
Submission: On May 23 via api from AU — Scanned from AU

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 51 HTTP transactions. The main IP is 51.81.201.141, located in Hillsboro, United States and belongs to OVH, FR. The main domain is thefortunefavor.com.
TLS certificate: Issued by R3 on May 21st 2024. Valid for: 3 months.
This is the only time thefortunefavor.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37 51.81.201.141 16276 (OVH)
1 172.67.186.159 13335 (CLOUDFLAR...)
1 142.250.204.10 15169 (GOOGLE)
4 9 93.158.134.119 13238 (YANDEX)
2 193.163.7.113 204601 (ON-LINE-D...)
1 45.150.67.235 44477 (STARK-IND...)
1 142.251.221.67 15169 (GOOGLE)
1 172.67.209.227 13335 (CLOUDFLAR...)
2 172.67.185.53 13335 (CLOUDFLAR...)
51 10
Apex Domain
Subdomains
Transfer
37 thefortunefavor.com
thefortunefavor.com
788 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9603
4 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4550
74 KB
2 restartyourchoices.com
jquery.restartyourchoices.com — Cisco Umbrella Rank: 401052
done.restartyourchoices.com — Cisco Umbrella Rank: 658504
6 KB
2 bestresulttostart.com
bind.bestresulttostart.com — Cisco Umbrella Rank: 192146
9 KB
1 cdntoswitchspirit.com
js.cdntoswitchspirit.com — Cisco Umbrella Rank: 312765
16 KB
1 gstatic.com
fonts.gstatic.com
28 KB
1 startservicefounds.com
api.startservicefounds.com — Cisco Umbrella Rank: 238218
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
1 cloudswiftcdn.com
cache.cloudswiftcdn.com — Cisco Umbrella Rank: 562379
1 KB
51 10
Domain Requested by
37 thefortunefavor.com 1 redirects thefortunefavor.com
5 mc.yandex.com 2 redirects thefortunefavor.com
4 mc.yandex.ru 2 redirects cache.cloudswiftcdn.com
thefortunefavor.com
2 bind.bestresulttostart.com thefortunefavor.com
1 done.restartyourchoices.com jquery.restartyourchoices.com
1 jquery.restartyourchoices.com js.cdntoswitchspirit.com
1 js.cdntoswitchspirit.com api.startservicefounds.com
1 fonts.gstatic.com fonts.googleapis.com
1 api.startservicefounds.com thefortunefavor.com
1 fonts.googleapis.com thefortunefavor.com
1 cache.cloudswiftcdn.com thefortunefavor.com
51 11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
Subject Issuer Validity Valid
www.thefortunefavor.com
R3
2024-05-21 -
2024-08-19
3 months crt.sh
cloudswiftcdn.com
GTS CA 1P5
2024-05-05 -
2024-08-03
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018
2023-12-26 -
2024-06-05
5 months crt.sh
bestresulttostart.com
R3
2024-04-08 -
2024-07-07
3 months crt.sh
api.startservicefounds.com
R3
2024-04-26 -
2024-07-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
cdntoswitchspirit.com
E1
2024-04-29 -
2024-07-28
3 months crt.sh
restartyourchoices.com
E1
2024-05-02 -
2024-07-31
3 months crt.sh

This page contains 1 frames:

Primary Page: https://thefortunefavor.com/
Frame ID: 1056EEB537FDBAEC9F6D216736F45561
Requests: 51 HTTP requests in this frame

Screenshot

Page Title

The Fortune Favor – Investing and Stock News

Page URL History Show full URLs

  1. http://thefortunefavor.com/ HTTP 307
    https://thefortunefavor.com/ HTTP 307
    http://thefortunefavor.com/ HTTP 301
    https://thefortunefavor.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

51
Requests

92 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

4
Countries

930 kB
Transfer

2504 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thefortunefavor.com/ HTTP 307
    https://thefortunefavor.com/ HTTP 307
    http://thefortunefavor.com/ HTTP 301
    https://thefortunefavor.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://mc.yandex.ru/watch/96299872 HTTP 302
  • https://mc.yandex.ru/watch/96299872/1?redirnss=1
Request Chain 33
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10378.T1exB1bqb7IT56lyp1Yhnjt2NxefmvsBxg3cwviHa50bIRJowvURD-W7IGSpQxE7.r7mC7XrKlP2IYjMLIuL7gRvipUI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10378.Hrf7qtr9OXNaa5t9JaxpMrqqidohyx77xiO1WoqwGhal4Ef_v8U9sRqCRWZ4Hzyi1Z0O4WRbX5CahgV6Wt_xaHJ1_68lFeNm74v3dFQMcQgfF0LdlPSM8EY09jp95ioQgyzKAg3BQGRydqjboAnWb3-jamTBSgcrfdVhf4mfGldltHGKmIMwdiPBt9Ynzz8NmXj6g9RYwTWODKBs71a8kAwmao-htMk-GFYLYyUpHwY%2C.olbHF8OJIed6Kao7RGul8NNwzyI%2C
Request Chain 36
  • https://mc.yandex.com/watch/96299872?wmode=7&page-url=https%3A%2F%2Fthefortunefavor.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22125%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22125%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A125.0.6422.76%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22125.0.6422.76%22%2C%22Chromium%22%3Bv%3D%22125.0.6422.76%22%2C%22Not.A%2FBrand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbpzx3l1styalxkrdy3ffr2z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-AU%3Av%3A1340%3Acn%3A1%3Adp%3A0%3Als%3A1112613004637%3Ahid%3A395230858%3Az%3A480%3Ai%3A20240524072053%3Aet%3A1716506453%3Ac%3A1%3Arn%3A955965836%3Arqn%3A1%3Au%3A1716506453395656290%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9443%3Awv%3A2%3Ads%3A0%2C2563%2C1608%2C160%2C3179%2C0%2C%2C2935%2C1%2C%2C%2C%2C10445%3Aco%3A0%3Acpf%3A1%3Ans%3A1716506442116%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716506455%3At%3AThe%20Fortune%20Favor%20%E2%80%93%20Investing%20and%20Stock%20News&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21037572)ti(1) HTTP 302
  • https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fthefortunefavor.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22125%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22125%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A125.0.6422.76%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22125.0.6422.76%22%2C%22Chromium%22%3Bv%3D%22125.0.6422.76%22%2C%22Not.A%2FBrand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbpzx3l1styalxkrdy3ffr2z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-AU%3Av%3A1340%3Acn%3A1%3Adp%3A0%3Als%3A1112613004637%3Ahid%3A395230858%3Az%3A480%3Ai%3A20240524072053%3Aet%3A1716506453%3Ac%3A1%3Arn%3A955965836%3Arqn%3A1%3Au%3A1716506453395656290%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9443%3Awv%3A2%3Ads%3A0%2C2563%2C1608%2C160%2C3179%2C0%2C%2C2935%2C1%2C%2C%2C%2C10445%3Aco%3A0%3Acpf%3A1%3Ans%3A1716506442116%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716506455%3At%3AThe%20Fortune%20Favor%20%E2%80%93%20Investing%20and%20Stock%20News&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29

51 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
thefortunefavor.com/
Redirect Chain
  • http://thefortunefavor.com/
  • https://thefortunefavor.com/
  • http://thefortunefavor.com/
  • https://thefortunefavor.com/
120 KB
25 KB
Document
General
Full URL
https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
845ee9c64736e369d516ef3d3aa054d6011d72d45e6570d0ec1bca63ac87567e

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
25145
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 May 2024 23:20:47 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Vary
Accept-Encoding,User-Agent

Redirect headers

Connection
Keep-Alive
Content-Length
236
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 23 May 2024 23:20:45 GMT
Keep-Alive
timeout=5, max=100
Location
https://thefortunefavor.com/
Server
Apache
/
cache.cloudswiftcdn.com/
1 KB
1 KB
Script
General
Full URL
https://cache.cloudswiftcdn.com/
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.186.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab06f07d645295baa4c503c0b7f40972b3e4678b27aae74171b6177ce4f1c33

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jG7Dn4XyYSS4kMfIB%2BlzEFTtKNq7nA3%2FpMVM0wpfIXs%2B4%2BXONpH6Bm9AYkvpOmw6t1rR2DzKtSi8deoYUqejUejZEIdCX7lY8rfOixys562DRaa9mSpBxLfys2T0dmZNMWnr61CBBAxgFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cf-ray
8888c75d6a09dfb9-SYD
alt-svc
h3=":443"; ma=86400
style.min.css
thefortunefavor.com/wp-includes/css/dist/block-library/
111 KB
15 KB
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2024 08:49:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
14991
cs-remove-version-number-from-css-js-public.css
thefortunefavor.com/wp-content/plugins/cs-remove-version-number-from-css-js/public/css/
98 B
404 B
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-content/plugins/cs-remove-version-number-from-css-js/public/css/cs-remove-version-number-from-css-js-public.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:37:50 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
106
css
fonts.googleapis.com/
63 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7COswald%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
ESF /
Resource Hash
350a497a09b38aa49aa8af4e429641d09f0910ff1c420fee99757b3719fb882c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 May 2024 23:20:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 May 2024 23:20:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 May 2024 23:20:49 GMT
main.css
thefortunefavor.com/wp-content/themes/soledad/
797 KB
100 KB
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/main.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
b76ea70b21511dc3f590a762d9542426f9792bf5d3e50ac10c8b8d25d5bbb09a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
font-awesome.4.7.0.swap.min.css
thefortunefavor.com/wp-content/themes/soledad/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
582c413cbd7988d2047f667ccda947fcb5b1df3505ff0506fe9fd90188236b1b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
7070
weather-icon.swap.css
thefortunefavor.com/wp-content/themes/soledad/css/
1 KB
769 B
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/css/weather-icon.swap.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
2ab07a1e0cc7ae9a58af3aec47b945353d1fca8f4f5c1816416c82dfa1cf543b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
471
penci-icon.css
thefortunefavor.com/wp-content/themes/soledad/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/css/penci-icon.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
6ec085016ccde0baf74503229d9f4ba44dd6dba50941274789ce7f5e52b75b51

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1216
style.css
thefortunefavor.com/wp-content/themes/soledad/
712 B
723 B
Stylesheet
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/style.css
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
323649208b05bbef8b8ae4f36a831272b342b05f0112d41a0f3fd6d33fb9939e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
425
jquery.min.js
thefortunefavor.com/wp-includes/js/jquery/
86 KB
30 KB
Script
General
Full URL
https://thefortunefavor.com/wp-includes/js/jquery/jquery.min.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Nov 2023 17:01:47 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
30368
jquery-migrate.min.js
thefortunefavor.com/wp-includes/js/jquery/
14 KB
5 KB
Script
General
Full URL
https://thefortunefavor.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
47dece01ed661572ab893a23cfa868df1074e86378fc3dc2bc534c5610e144b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 06 Apr 2024 11:05:40 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
5233
cs-remove-version-number-from-css-js-public.js
thefortunefavor.com/wp-content/plugins/cs-remove-version-number-from-css-js/public/js/
838 B
784 B
Script
General
Full URL
https://thefortunefavor.com/wp-content/plugins/cs-remove-version-number-from-css-js/public/js/cs-remove-version-number-from-css-js-public.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 20 Sep 2023 11:37:50 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
479
the_fortune_favor-1.png
thefortunefavor.com/wp-content/uploads/2023/03/
21 KB
22 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2023/03/the_fortune_favor-1.png
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
4613d51b9d453589fc683c83b280a77d67701dbc7704dfc0b726b22f6a4a2371

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:51 GMT
Last-Modified
Tue, 28 Mar 2023 12:50:57 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
21803
penci-holder.png
thefortunefavor.com/wp-content/themes/soledad/images/
125 B
366 B
Image
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/images/penci-holder.png
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=86
Content-Length
125
libs-script.min.js
thefortunefavor.com/wp-content/themes/soledad/js/
169 KB
47 KB
Script
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/js/libs-script.min.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
b502364d386c7cec8866d76dcb7c89291bd919d1653ee64958e2078ce8495089

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
47703
main.js
thefortunefavor.com/wp-content/themes/soledad/js/
60 KB
12 KB
Script
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/js/main.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
bded3da5a4b99669eb9867ec3d1d1cd11e072a52f497c8ecb79bf435e89a2a28

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12381
post-like.js
thefortunefavor.com/wp-content/themes/soledad/js/
1 KB
771 B
Script
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/js/post-like.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
465
tag.js
mc.yandex.ru/metrika/
207 KB
72 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: cache.cloudswiftcdn.com
URL: https://cache.cloudswiftcdn.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
126463720fb502f31f302e4a9773c65474a82e5158e509433980576d222a70be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 13:30:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664f44e2-11db0"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
73136
expires
Fri, 24 May 2024 00:20:52 GMT
1
mc.yandex.ru/watch/96299872/
Redirect Chain
  • https://mc.yandex.ru/watch/96299872
  • https://mc.yandex.ru/watch/96299872/1?redirnss=1
43 B
84 B
Image
General
Full URL
https://mc.yandex.ru/watch/96299872/1?redirnss=1
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://thefortunefavor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2024 23:20:52 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23-May-2024 23:20:52 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 23-May-2024 23:20:52 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 May 2024 23:20:52 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23-May-2024 23:20:52 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96299872/1?redirnss=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection
1; mode=block
expires
Thu, 23-May-2024 23:20:52 GMT
e2bd8973-a994-4b40-a751-fc16049b40ae
https://thefortunefavor.com/
1 KB
0
Other
General
Full URL
blob:https://thefortunefavor.com/e2bd8973-a994-4b40-a751-fc16049b40ae
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
statistics.js
bind.bestresulttostart.com/scripts/
10 KB
5 KB
Script
General
Full URL
https://bind.bestresulttostart.com/scripts/statistics.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.163.7.113 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm76183.vps.client-server.site
Software
nginx /
Resource Hash
c97d2621e7e098aab41dfae76dc18919579ef8c1e79dbb27d2172396da956829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:53 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 30 Apr 2024 15:15:36 GMT
server
nginx
etag
W/"66310b18-285b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
sort.js
api.startservicefounds.com/service/
10 KB
5 KB
Script
General
Full URL
https://api.startservicefounds.com/service/sort.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.150.67.235 Chisinau, Moldova, ASN44477 (STARK-INDUSTRIES, GB),
Reverse DNS
vm2121949.stark-industries.solutions
Software
nginx /
Resource Hash
d5b3b109f4bc1b1b1c2c326e4ad30780ce6bb1cd4e38c842fb9cc082fda085ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:52 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 30 Apr 2024 15:10:04 GMT
server
nginx
etag
W/"663109cc-2893"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=864000
expires
Sun, 02 Jun 2024 23:20:52 GMT
statistics.js
bind.bestresulttostart.com/scripts/
10 KB
5 KB
Script
General
Full URL
https://bind.bestresulttostart.com/scripts/statistics.js?s=7.8.2
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.163.7.113 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm76183.vps.client-server.site
Software
nginx /
Resource Hash
c97d2621e7e098aab41dfae76dc18919579ef8c1e79dbb27d2172396da956829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:53 GMT
strict-transport-security
max-age=31536000;
content-encoding
gzip
last-modified
Tue, 30 Apr 2024 15:15:36 GMT
server
nginx
etag
W/"66310b18-285b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v53/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v53/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPT+Serif%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CPlayfair+Display+SC%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7CMontserrat%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%7COswald%3A300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%26subset%3Dlatin%2Ccyrillic%2Ccyrillic-ext%2Cgreek%2Cgreek-ext%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://thefortunefavor.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 18 May 2024 20:23:37 GMT
x-content-type-options
nosniff
age
442634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28512
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:12 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 18 May 2025 20:23:37 GMT
penciicon.ttf
thefortunefavor.com/wp-content/themes/soledad/fonts/
41 KB
21 KB
Font
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/fonts/penciicon.ttf
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/wp-content/themes/soledad/css/penci-icon.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
14d58600f8072475498254d3d389a0522150add829da0f109178137c43286cf5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/wp-content/themes/soledad/css/penci-icon.css
Origin
https://thefortunefavor.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
font/ttf
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=88
Content-Length
21311
fontawesome-webfont.woff2
thefortunefavor.com/wp-content/themes/soledad/fonts/
75 KB
76 KB
Font
General
Full URL
https://thefortunefavor.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/wp-content/themes/soledad/css/font-awesome.4.7.0.swap.min.css
Origin
https://thefortunefavor.com
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Mar 2023 12:07:13 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Transfer-Encoding
chunked
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
wp-emoji-release.min.js
thefortunefavor.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://thefortunefavor.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Apr 2024 08:49:48 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
5062
U2KFJ4PX66ZBBGTCO7FPLTQXNA_size-normalized-QCsAHS-800x533-1-585x533.jpeg
thefortunefavor.com/wp-content/uploads/2024/05/
63 KB
63 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/U2KFJ4PX66ZBBGTCO7FPLTQXNA_size-normalized-QCsAHS-800x533-1-585x533.jpeg
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
79356210446ccac39bfbdf6cc21a113db84d9dc60da12c016773f4a818cb39d3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Last-Modified
Thu, 23 May 2024 03:05:16 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
64742
QABOXIXBLP6YSJTIE4JOUCMERU-W743PS-800x533-1-585x390.jpeg
thefortunefavor.com/wp-content/uploads/2024/05/
57 KB
57 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/QABOXIXBLP6YSJTIE4JOUCMERU-W743PS-800x533-1-585x390.jpeg
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
5581795f1def7e3e18d9a268ba5f971cf53c089342559f0ff3d7e7a068c6d24b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Last-Modified
Thu, 23 May 2024 03:05:10 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
58075
3F7G6HRDLHL6WGKE3YGMQBBYXA_size-normalized-kmNPbW-800x534-1-585x390.jpeg
thefortunefavor.com/wp-content/uploads/2024/05/
33 KB
33 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/3F7G6HRDLHL6WGKE3YGMQBBYXA_size-normalized-kmNPbW-800x534-1-585x390.jpeg
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
50266d4c8dc0295dcfbcf14b067752f44bdc397cb9870b63a2db1a6dfc437f38

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Last-Modified
Thu, 23 May 2024 03:05:07 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=85
Content-Length
33318
OMLB4K6UBVRX4XBHHED6A566FM_size-normalized-lJ1rgf-800x533-1-585x390.jpeg
thefortunefavor.com/wp-content/uploads/2024/05/
17 KB
17 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/OMLB4K6UBVRX4XBHHED6A566FM_size-normalized-lJ1rgf-800x533-1-585x390.jpeg
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
52a66d33ee155d63787b8e7a9143073052a192c6b6bb9be5675ea6d7be0e583c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:52 GMT
Last-Modified
Thu, 23 May 2024 03:05:01 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
17440
split.js
js.cdntoswitchspirit.com/source/
43 KB
16 KB
Script
General
Full URL
https://js.cdntoswitchspirit.com/source/split.js
Requested by
Host: api.startservicefounds.com
URL: https://api.startservicefounds.com/service/sort.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.209.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 May 2024 08:18:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
743677
etag
W/"66446fc3-ab1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vei1SdZDAn9%2FpsMXHDpKeUFbWJ1%2F%2Fc0ZUCNgYtAr6Oq2ZDrH9mm2boJbdwVzJnR%2FQmwPRhSSFT9ytjCAa4tfNPDaIFW3bBeZPcgcIjJ9EhO9ubKjbHe7rOdBRaPz80C4FlCl01htM3t2AQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
cf-ray
8888c7719e78a7f3-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
cdncollect
jquery.restartyourchoices.com/
10 KB
5 KB
Script
General
Full URL
https://jquery.restartyourchoices.com/cdncollect?r1=thefortunefavor.com
Requested by
Host: js.cdntoswitchspirit.com
URL: https://js.cdntoswitchspirit.com/source/split.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GImJOgdHhMlMyXkzObqf56zUYGwuUBSEw9%2FCzdzIVQu1paNrKDsq93mOXrdzWZ%2FXcu%2F3GM6G8VhE8pwkARs6UiSeB9by7y%2F0Zch7TDyA%2FlRSDV3IqJTCjE50FjfwwDS3ndBozoOgXHbAqEwDL3%2Bygw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8888c771f9f8a96e-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 23 May 2024 23:20:53 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10378.T1exB1bqb7IT56lyp1Yhnjt2NxefmvsBxg3cwviHa50bIRJowvURD-W7IGSpQxE7.r7mC7XrKlP2IYjMLIuL7gRvipUI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10378.Hrf7qtr9OXNaa5t9JaxpMrqqidohyx77xiO1WoqwGhal4Ef_v8U9sRqCRWZ4Hzyi1Z0O4WRbX5CahgV6Wt_xaHJ1_68lFeNm74v3dFQMcQgfF0LdlPSM8EY09jp95ioQgyzKAg3BQG...
43 B
699 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10378.Hrf7qtr9OXNaa5t9JaxpMrqqidohyx77xiO1WoqwGhal4Ef_v8U9sRqCRWZ4Hzyi1Z0O4WRbX5CahgV6Wt_xaHJ1_68lFeNm74v3dFQMcQgfF0LdlPSM8EY09jp95ioQgyzKAg3BQGRydqjboAnWb3-jamTBSgcrfdVhf4mfGldltHGKmIMwdiPBt9Ynzz8NmXj6g9RYwTWODKBs71a8kAwmao-htMk-GFYLYyUpHwY%2C.olbHF8OJIed6Kao7RGul8NNwzyI%2C
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://thefortunefavor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 23 May 2024 23:20:54 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10378.Hrf7qtr9OXNaa5t9JaxpMrqqidohyx77xiO1WoqwGhal4Ef_v8U9sRqCRWZ4Hzyi1Z0O4WRbX5CahgV6Wt_xaHJ1_68lFeNm74v3dFQMcQgfF0LdlPSM8EY09jp95ioQgyzKAg3BQGRydqjboAnWb3-jamTBSgcrfdVhf4mfGldltHGKmIMwdiPBt9Ynzz8NmXj6g9RYwTWODKBs71a8kAwmao-htMk-GFYLYyUpHwY%2C.olbHF8OJIed6Kao7RGul8NNwzyI%2C
date
Thu, 23 May 2024 23:20:54 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
587 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: thefortunefavor.com
URL: https://thefortunefavor.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:54 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23 May 2024 13:30:10 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"664f44e2-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 24 May 2024 00:20:54 GMT
stepone
done.restartyourchoices.com/
0
748 B
Script
General
Full URL
https://done.restartyourchoices.com/stepone
Requested by
Host: jquery.restartyourchoices.com
URL: https://jquery.restartyourchoices.com/cdncollect?r1=thefortunefavor.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.185.53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 23:20:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mOTNPU7FZPoMKyVlcnT5HsXoJhNkeBRgTRBznp7o2rywU%2FtUHfHO9%2Fgph9TCv%2B3ibKQk%2BAQ7Tg8VasvGE7JJ6QGEHlS7bxYtMCjDGqIddaPjwqeCiApiIPVR9%2FNLdsWXU7dptC1ExLcPMJeD48I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
8888c7762e9aa96e-SYD
alt-svc
h3=":443"; ma=86400
content-length
0
expires
Thu, 23 May 2024 23:20:54 GMT
1
mc.yandex.com/watch/96299872/
Redirect Chain
  • https://mc.yandex.com/watch/96299872?wmode=7&page-url=https%3A%2F%2Fthefortunefavor.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22125%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chr...
  • https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fthefortunefavor.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22125%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22C...
447 B
635 B
Fetch
General
Full URL
https://mc.yandex.com/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fthefortunefavor.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22125%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22125%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A125.0.6422.76%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22125.0.6422.76%22%2C%22Chromium%22%3Bv%3D%22125.0.6422.76%22%2C%22Not.A%2FBrand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbpzx3l1styalxkrdy3ffr2z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-AU%3Av%3A1340%3Acn%3A1%3Adp%3A0%3Als%3A1112613004637%3Ahid%3A395230858%3Az%3A480%3Ai%3A20240524072053%3Aet%3A1716506453%3Ac%3A1%3Arn%3A955965836%3Arqn%3A1%3Au%3A1716506453395656290%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9443%3Awv%3A2%3Ads%3A0%2C2563%2C1608%2C160%2C3179%2C0%2C%2C2935%2C1%2C%2C%2C%2C10445%3Aco%3A0%3Acpf%3A1%3Ans%3A1716506442116%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716506455%3At%3AThe%20Fortune%20Favor%20%E2%80%93%20Investing%20and%20Stock%20News&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
Protocol
H2
Server
93.158.134.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
9ddb2caebfa77b757f19c80378293e6df85d911b0d6514844e4bc2bb5b58ad5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-AU,en;q=0.9;q=0.9
Referer
https://thefortunefavor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 May 2024 23:20:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Thu, 23-May-2024 23:20:55 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thefortunefavor.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Thu, 23-May-2024 23:20:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 May 2024 23:20:54 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 23-May-2024 23:20:54 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/96299872/1?wmode=7&page-url=https%3A%2F%2Fthefortunefavor.com%2F&charset=utf-8&uah=chu%0A%22Google%20Chrome%22%3Bv%3D%22125%22%2C%22Not%3AA-Brand%22%3Bv%3D%228%22%2C%22Chromium%22%3Bv%3D%22125%22%0Acha%0Ax86%0Achb%0A64%0Achf%0A125.0.6422.76%0Achl%0A%22Google%20Chrome%22%3Bv%3D%22125.0.6422.76%22%2C%22Chromium%22%3Bv%3D%22125.0.6422.76%22%2C%22Not.A%2FBrand%22%3Bv%3D%2224.0.0.0%22%0Achm%0A%3F0%0Achp%0AWin32%0Achv%0A10.0.0&browser-info=pv%3A1%3Avf%3Adgbpzx3l1styalxkrdy3ffr2z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-AU%3Av%3A1340%3Acn%3A1%3Adp%3A0%3Als%3A1112613004637%3Ahid%3A395230858%3Az%3A480%3Ai%3A20240524072053%3Aet%3A1716506453%3Ac%3A1%3Arn%3A955965836%3Arqn%3A1%3Au%3A1716506453395656290%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A9443%3Awv%3A2%3Ads%3A0%2C2563%2C1608%2C160%2C3179%2C0%2C%2C2935%2C1%2C%2C%2C%2C10445%3Aco%3A0%3Acpf%3A1%3Ans%3A1716506442116%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1716506455%3At%3AThe%20Fortune%20Favor%20%E2%80%93%20Investing%20and%20Stock%20News&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821037572%29ti%281%29
access-control-allow-origin
https://thefortunefavor.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 23-May-2024 23:20:54 GMT
U2KFJ4PX66ZBBGTCO7FPLTQXNA_size-normalized-QCsAHS-800x533-1-585x390.jpeg
thefortunefavor.com/wp-content/uploads/2024/05/
44 KB
44 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/U2KFJ4PX66ZBBGTCO7FPLTQXNA_size-normalized-QCsAHS-800x533-1-585x390.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
c376480e219376be241a23f3dfccaaef55ce152bda6c29a856b835af09044923

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:05:16 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
44832
3JDA5SFXOEI6ZA2YECVBMNK7WQ_size-normalized-Ecte9s-800x533-1-585x390.jpeg
thefortunefavor.com/wp-content/uploads/2024/05/
30 KB
31 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/3JDA5SFXOEI6ZA2YECVBMNK7WQ_size-normalized-Ecte9s-800x533-1-585x390.jpeg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
ce7e8fa3f60fd7e58546c86069a4b6e030f20f27108abab4dca1dd3435080666

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:57 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30989
Psyche_ion_thruster.0-585x390.png
thefortunefavor.com/wp-content/uploads/2024/05/
13 KB
13 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/Psyche_ion_thruster.0-585x390.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
2e26f1129f2b43f698786ff9193529436205789280bb48ebdaeeed542acbc114

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:52 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
13479
acastro_180529_1777_nvidia_0001.0.0-585x390.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
20 KB
20 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/acastro_180529_1777_nvidia_0001.0.0-585x390.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
76a582aac2e75efad28dd0838ae3da701d77f63d659c221f8ec62f161ad175a2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:48 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=84
Content-Length
20153
STK095_Microsoft_04.0-1-585x390.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
16 KB
16 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/STK095_Microsoft_04.0-1-585x390.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
15c9bf396008e6e6456a55cbe98b2ef2c836604bce411b17e00a10daeae57b16

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:44 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
16151
240520-hims-hers-health-semaglutide-vl-200p-bf9a69-2-800x533-1-263x175.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
9 KB
9 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/240520-hims-hers-health-semaglutide-vl-200p-bf9a69-2-800x533-1-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
5898e8ae62accd4151f824da63d0082f9f2f18fc3641493c25561db205b93df7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:31 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8770
240520-hims-hers-health-semaglutide-vl-200p-bf9a69-1-800x533-1-263x175.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
9 KB
9 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/240520-hims-hers-health-semaglutide-vl-200p-bf9a69-1-800x533-1-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
5898e8ae62accd4151f824da63d0082f9f2f18fc3641493c25561db205b93df7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:27 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
8770
240521-nestle-ch-0821-675c6b-263x175.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
13 KB
13 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/240521-nestle-ch-0821-675c6b-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
b53d88be20445e894af1af8ef2f38ca156715dc0fb9d6553a32049f415ec1084

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:22 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
13048
240520-truth-social-se-524p-0791f6-263x175.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
9 KB
9 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/240520-truth-social-se-524p-0791f6-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
b63620520756f214118b5086aeeadb19c89f254a2e1248c767e707b71a149833

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:18 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=83
Content-Length
9193
20231204-samuel-ailito-sj-246p-bb898f-800x533-1-263x175.jpg
thefortunefavor.com/wp-content/uploads/2024/05/
6 KB
6 KB
Image
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2024/05/20231204-samuel-ailito-sj-246p-bb898f-800x533-1-263x175.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
f18a93c53135af2b53405f36152b68c0974fca1a041e09d4b533ab846af670ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Thu, 23 May 2024 03:04:15 GMT
Server
Apache
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
6146
Favicon_the_fortune_favor.png
thefortunefavor.com/wp-content/uploads/2023/03/
77 KB
77 KB
Other
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2023/03/Favicon_the_fortune_favor.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
a474e822725ede4e9c789076a9a9be5a2e54f186b3c5085148d6d9ead0f64946

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Tue, 28 Mar 2023 12:51:51 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
78494
Favicon_the_fortune_favor.png
thefortunefavor.com/wp-content/uploads/2023/03/
77 KB
0
Other
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2023/03/Favicon_the_fortune_favor.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
a474e822725ede4e9c789076a9a9be5a2e54f186b3c5085148d6d9ead0f64946

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Tue, 28 Mar 2023 12:51:51 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
78494
Content-Type
image/png
Favicon_the_fortune_favor.png
thefortunefavor.com/wp-content/uploads/2023/03/
77 KB
0
Other
General
Full URL
https://thefortunefavor.com/wp-content/uploads/2023/03/Favicon_the_fortune_favor.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.81.201.141 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-bafadde2.vps.ovh.us
Software
Apache /
Resource Hash
a474e822725ede4e9c789076a9a9be5a2e54f186b3c5085148d6d9ead0f64946

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://thefortunefavor.com/
Accept-Language
en-AU,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Thu, 23 May 2024 23:20:55 GMT
Last-Modified
Tue, 28 Mar 2023 12:51:51 GMT
Server
Apache
Accept-Ranges
bytes
Content-Length
78494
Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| div object| img undefined| _paq function| ym object| _wpemojiSettings undefined| $ function| jQuery function| ywdszewm string| xdgunhwt function| sswzt object| d object| s function| _0x27138f function| _0x5157 function| _0x57f4 function| _0x53fe9b function| _0x4a7ec6 string| _0x7aa2b1 function| _0x2228f4 function| _0x186cbf string| _0x2e4104 function| _0x2f24c8 object| penciBlocksArray object| portfolioDataJs object| PENCILOCALCACHE function| penciBlock object| st function| get_l function| PenciISJson function| onYouTubeIframeAPIReady string| video_postmessage_event_func string| video_postmessage_event function| jarallax function| VideoWorker function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry object| ajax_var_more object| ajax_var function| _0x4624 function| _0x5c8e function| _0x4dbd8d function| _0x258b08 function| _0x2e1b27 function| _0x26f8c1 function| _0x7ffbcb function| _0x500740 object| twemoji object| wp function| _0x4f9b31 function| _0x5da5ce function| _0x347d73 function| _0x2d36 function| _0x4b1c04 function| _0x319000 function| _0xc0c4a3 function| _0x1d50 function| _0x2984de string| _0x180eb5 string| _0x5527db function| _0x5ad6 function| _0x3669 function| _0x8961b5 object| Ya object| yaCounter96299872 number| fr function| _0x1c4805 function| _0x57cb function| _0x342075 function| _0x18658d function| _0x10ad11 function| _0x372391 function| _0x3382cc function| _0x5c6a function| _0x201ee6 function| _0x4a446b function| _0x387604 function| _0x500a function| _0x3dc8 function| _0x38cdcb function| _0x428586 function| _0x2bf545

26 Cookies

Domain/Path Name / Value
mc.yandex.ru/ Name: yabs-sid
Value: 1987717231716506452
.yandex.ru/ Name: yuidss
Value: 3210879781716506452
.yandex.ru/ Name: ymex
Value: 2031866452.yrts.1716506452#2031866452.yrtsi.1716506452
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI1IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjUiKgI/MDoHIldpbjMyIg==
mc.yandex.ru/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI1IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjUiKgI/MDoHIldpbjMyIg==
.yandex.ru/ Name: i
Value: 7KBPy5qqkizXmWmSGEvyTcge+NgAZq2i3hIT71ebpfOGuGunZq43B9qz2YTPOWyg2DepSy44gyJ2DKjZQl0AMazlplo=
.yandex.ru/ Name: yandexuid
Value: 7970807871716506452
.yandex.ru/ Name: yashr
Value: 4351391821716506452
.thefortunefavor.com/ Name: _ym_uid
Value: 1716506453395656290
.thefortunefavor.com/ Name: _ym_d
Value: 1716506453
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 832542356fake
mc.yandex.com/ Name: bh
Value: EkAiR29vZ2xlIENocm9tZSI7dj0iMTI1IiwgIk5vdDpBLUJyYW5kIjt2PSI4IiwgIkNocm9taXVtIjt2PSIxMjUiKgI/MDoHIldpbjMyIg==
.yandex.com/ Name: yashr
Value: 7707811121716506454
.thefortunefavor.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2873697880fake
.yandex.com/ Name: i
Value: 7KBPy5qqkizXmWmSGEvyTcge+NgAZq2i3hIT71ebpfOGuGunZq43B9qz2YTPOWyg2DepSy44gyJ2DKjZQl0AMazlplo=
.yandex.com/ Name: yp
Value: 1716592854.yu.2631892881716506454
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
mc.yandex.com/ Name: yabs-sid
Value: 1411143511716506454
.yandex.com/ Name: yandexuid
Value: 2631892881716506454
.yandex.com/ Name: yuidss
Value: 2631892881716506454
.yandex.com/ Name: ymex
Value: 2031866454.yrts.1716506454
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: Ej4iR29vZ2xlIENocm9tZSI7dj0iMTI1IiwiTm90OkEtQnJhbmQiO3Y9IjgiLCJDaHJvbWl1bSI7dj0iMTI1IhoFIng4NiIiDyIxMjUuMC42NDIyLjc2IioCPzA6ByJXaW4zMiJCCCIxMC4wLjAiSgQiNjQiUloiR29vZ2xlIENocm9tZSI7dj0iMTI1LjAuNjQyMi43NiIsIkNocm9taXVtIjt2PSIxMjUuMC42NDIyLjc2IiwiTm90LkEvQnJhbmQiO3Y9IjI0LjAuMC4wIiI=
.thefortunefavor.com/ Name: _ym_visorc
Value: b

65 Console Messages

Source Level URL
Text
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://thefortunefavor.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.startservicefounds.com
bind.bestresulttostart.com
cache.cloudswiftcdn.com
done.restartyourchoices.com
fonts.googleapis.com
fonts.gstatic.com
jquery.restartyourchoices.com
js.cdntoswitchspirit.com
mc.yandex.com
mc.yandex.ru
thefortunefavor.com
142.250.204.10
142.251.221.67
172.67.185.53
172.67.186.159
172.67.209.227
193.163.7.113
45.150.67.235
51.81.201.141
93.158.134.119
012f916c0da7df9f2f60c07ecac0fb5112fca218ae271b22f976aeb4ae811d02
126463720fb502f31f302e4a9773c65474a82e5158e509433980576d222a70be
14d58600f8072475498254d3d389a0522150add829da0f109178137c43286cf5
15c9bf396008e6e6456a55cbe98b2ef2c836604bce411b17e00a10daeae57b16
241ced7f220982f5679a64cc6db34ed42cd21274508cc5814616d9efe374afde
2ab07a1e0cc7ae9a58af3aec47b945353d1fca8f4f5c1816416c82dfa1cf543b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e26f1129f2b43f698786ff9193529436205789280bb48ebdaeeed542acbc114
323649208b05bbef8b8ae4f36a831272b342b05f0112d41a0f3fd6d33fb9939e
350a497a09b38aa49aa8af4e429641d09f0910ff1c420fee99757b3719fb882c
4613d51b9d453589fc683c83b280a77d67701dbc7704dfc0b726b22f6a4a2371
47dece01ed661572ab893a23cfa868df1074e86378fc3dc2bc534c5610e144b5
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
50266d4c8dc0295dcfbcf14b067752f44bdc397cb9870b63a2db1a6dfc437f38
52a66d33ee155d63787b8e7a9143073052a192c6b6bb9be5675ea6d7be0e583c
547dda3c14b284819be511be1e410da94a5efc6ccc4a9afe1c75394f9333191a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5581795f1def7e3e18d9a268ba5f971cf53c089342559f0ff3d7e7a068c6d24b
57a50c99a31ef4e89e86664e96f6dfbdde163a2eb96e88b3b492c49aa4be2f37
582c413cbd7988d2047f667ccda947fcb5b1df3505ff0506fe9fd90188236b1b
5898e8ae62accd4151f824da63d0082f9f2f18fc3641493c25561db205b93df7
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
6ec085016ccde0baf74503229d9f4ba44dd6dba50941274789ce7f5e52b75b51
76a582aac2e75efad28dd0838ae3da701d77f63d659c221f8ec62f161ad175a2
79356210446ccac39bfbdf6cc21a113db84d9dc60da12c016773f4a818cb39d3
845ee9c64736e369d516ef3d3aa054d6011d72d45e6570d0ec1bca63ac87567e
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
9ddb2caebfa77b757f19c80378293e6df85d911b0d6514844e4bc2bb5b58ad5f
a474e822725ede4e9c789076a9a9be5a2e54f186b3c5085148d6d9ead0f64946
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0
aab06f07d645295baa4c503c0b7f40972b3e4678b27aae74171b6177ce4f1c33
b502364d386c7cec8866d76dcb7c89291bd919d1653ee64958e2078ce8495089
b53d88be20445e894af1af8ef2f38ca156715dc0fb9d6553a32049f415ec1084
b63620520756f214118b5086aeeadb19c89f254a2e1248c767e707b71a149833
b76ea70b21511dc3f590a762d9542426f9792bf5d3e50ac10c8b8d25d5bbb09a
bded3da5a4b99669eb9867ec3d1d1cd11e072a52f497c8ecb79bf435e89a2a28
c376480e219376be241a23f3dfccaaef55ce152bda6c29a856b835af09044923
c97d2621e7e098aab41dfae76dc18919579ef8c1e79dbb27d2172396da956829
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce7e8fa3f60fd7e58546c86069a4b6e030f20f27108abab4dca1dd3435080666
d5b3b109f4bc1b1b1c2c326e4ad30780ce6bb1cd4e38c842fb9cc082fda085ec
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f18a93c53135af2b53405f36152b68c0974fca1a041e09d4b533ab846af670ab