www.pailottery.com Open in urlscan Pro
2606:4700::6812:13fa Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pailottery.com/
Effective URL:
https://www.pailottery.com/
Submission: On November 26 via api (November 26th 2023, 6:36:47 pm UTC) from US — Scanned from DE

Summary HTTP 122 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 38 domains to perform 122 HTTP transactions. The main IP is 2606:4700::6812:13fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pailottery.com. The Cisco Umbrella rank of the primary domain is 325640.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 23rd 2023. Valid for: a year.

This is the only time www.pailottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:12fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 38	2606:4700::68... 2606:4700::6812:13fa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:310... 2a02:26f0:3100:38a::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2.17.191.240 2.17.191.240	16625 (AKAMAI-AS) (AKAMAI-AS)
7 12	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	104.18.15.89 104.18.15.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.222.139.58 52.222.139.58	16509 (AMAZON-02) (AMAZON-02)
6	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	52.13.2.21 52.13.2.21	16509 (AMAZON-02) (AMAZON-02)
1	146.75.117.230 146.75.117.230	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	104.18.14.89 104.18.14.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	54.208.112.155 54.208.112.155	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	23.23.65.67 23.23.65.67	14618 (AMAZON-AES) (AMAZON-AES)
1	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.194.84.132 18.194.84.132	16509 (AMAZON-02) (AMAZON-02)
1 2	54.156.17.57 54.156.17.57	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4 5	18.239.83.23 18.239.83.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20b... 2600:9000:20b4:3a00:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.239.69.21 18.239.69.21	16509 (AMAZON-02) (AMAZON-02)
4 7	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	54.145.128.220 54.145.128.220	14618 (AMAZON-AES) (AMAZON-AES)
3	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 2	34.248.152.66 34.248.152.66	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.120.214.218 3.120.214.218	16509 (AMAZON-02) (AMAZON-02)
1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	44.216.205.237 44.216.205.237	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4280:65cc:ec18:ffd9:693	14618 (AMAZON-AES) (AMAZON-AES)
1	52.213.93.159 52.213.93.159	16509 (AMAZON-02) (AMAZON-02)
1	63.33.100.143 63.33.100.143	16509 (AMAZON-02) (AMAZON-02)
1	18.192.0.107 18.192.0.107	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	54.225.184.7 54.225.184.7	14618 (AMAZON-AES) (AMAZON-AES)
122	53

1 2606:4700::6812:12fa (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pailottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2606:4700::6812:13fa (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.pailottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100:38a::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.191.240 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-17-191-240.deploy.static.akamaitechnologies.com

a11202468046.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.74.198 (Plainview, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

2620894.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
11380201.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.15.89 (None, )

ASN13335 (CLOUDFLARENET, US)

tracker.mnixdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 37.252.171.85 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-58.ams50.r.cloudfront.net

cdn.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.13.2.21 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-13-2-21.us-west-2.compute.amazonaws.com

js-api.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.117.230 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

resources.digital-cloud-west.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.14.89 (None, )

ASN13335 (CLOUDFLARENET, US)

pixelconnector.mnixdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

pail.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.112.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-112-155.compute-1.amazonaws.com

capidashboard.pailottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.23.65.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-65-67.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.84.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-84-132.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.156.17.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-17-57.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.239.83.23 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-23.ams58.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:3a00:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.69.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-21.ams58.r.cloudfront.net

cdn.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.130 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20842193p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.128.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-128-220.compute-1.amazonaws.com

people.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.152.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-152-66.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.214.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.216.205.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-205-237.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4280:65cc:ec18:ffd9:693 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.93.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-93-159.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.0.107 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-0-107.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.184.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-184-7.compute-1.amazonaws.com

events.api.boomtrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	pailottery.com 4 redirects www.pailottery.com — Cisco Umbrella Rank: 325640 capidashboard.pailottery.com — Cisco Umbrella Rank: 247664	1 MB
16	doubleclick.net 8 redirects 2620894.fls.doubleclick.net — Cisco Umbrella Rank: 242569 11380201.fls.doubleclick.net ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	9 KB
10	adnxs.com 3 redirects secure.adnxs.com — Cisco Umbrella Rank: 495 acdn.adnxs.com — Cisco Umbrella Rank: 609 ib.adnxs.com — Cisco Umbrella Rank: 246	10 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2	2 KB
7	rfihub.com 4 redirects 20842193p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 868 a.rfihub.com — Cisco Umbrella Rank: 2969	12 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2137 ekr.zdassets.com — Cisco Umbrella Rank: 2470	349 KB
6	google.de 2 redirects adservice.google.de — Cisco Umbrella Rank: 14376 www.google.de — Cisco Umbrella Rank: 6862	2 KB
5	rezync.com 4 redirects live.rezync.com — Cisco Umbrella Rank: 1922	6 KB
4	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org — Cisco Umbrella Rank: 584	5 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 834 a11202468046.cdn.optimizely.com — Cisco Umbrella Rank: 462569 logx.optimizely.com — Cisco Umbrella Rank: 1496	95 KB
3	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	151 B
3	boomtrain.com cdn.boomtrain.com — Cisco Umbrella Rank: 5248 people.api.boomtrain.com — Cisco Umbrella Rank: 5652 events.api.boomtrain.com — Cisco Umbrella Rank: 8746	31 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
3	otherlevels.com cdn.otherlevels.com — Cisco Umbrella Rank: 56610 js-api.otherlevels.com — Cisco Umbrella Rank: 30913	38 KB
3	mnixdata.com tracker.mnixdata.com — Cisco Umbrella Rank: 90388 pixelconnector.mnixdata.com — Cisco Umbrella Rank: 87853	5 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 709	621 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	1 KB
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228	1 KB
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 2412	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	168 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	203 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	147 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 758	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 560	378 B
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1279	176 B
1	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1652	184 B
1	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1570	110 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 691	618 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1148	344 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	274 B
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 924	226 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5089	6 KB
1	mediaiqdigital.com pixel.mediaiqdigital.com — Cisco Umbrella Rank: 12519	83 B
1	simpli.fi tag.simpli.fi — Cisco Umbrella Rank: 4323	554 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	186 B
1	zendesk.com pail.zendesk.com	1 KB
1	medallia.com resources.digital-cloud-west.medallia.com — Cisco Umbrella Rank: 4548	992 B
122	38

	Domain	Requested by
39	www.pailottery.com	4 redirects www.pailottery.com
7	secure.adnxs.com	3 redirects www.pailottery.com 2620894.fls.doubleclick.net live.rezync.com
6	static.zdassets.com	www.googletagmanager.com static.zdassets.com www.pailottery.com
6	2620894.fls.doubleclick.net	2 redirects www.googletagmanager.com adservice.google.com
5	live.rezync.com	4 redirects 2620894.fls.doubleclick.net
5	adservice.google.com	1 redirects 2620894.fls.doubleclick.net 11380201.fls.doubleclick.net
4	p.rfihub.com	3 redirects 2620894.fls.doubleclick.net
4	ad.doubleclick.net	4 redirects
3	idsync.rlcdn.com	2620894.fls.doubleclick.net
3	www.google.de	www.pailottery.com
3	www.google.com	www.pailottery.com
3	bat.bing.com	www.pailottery.com bat.bing.com
3	adservice.google.de	2 redirects www.pailottery.com
2	sync-tm.everesttech.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects 2620894.fls.doubleclick.net
2	dpm.demdex.net	1 redirects 2620894.fls.doubleclick.net
2	a.rfihub.com	1 redirects c1.rfihub.net
2	ib.adnxs.com	2620894.fls.doubleclick.net
2	trkn.us	1 redirects 2620894.fls.doubleclick.net
2	logx.optimizely.com	cdn.optimizely.com
2	insight.adsrvr.org	js.adsrvr.org 2620894.fls.doubleclick.net
2	pixelconnector.mnixdata.com	tracker.mnixdata.com
2	js-api.otherlevels.com	cdn.otherlevels.com
2	js.adsrvr.org	www.googletagmanager.com 11380201.fls.doubleclick.net
2	connect.facebook.net	www.pailottery.com connect.facebook.net
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	11380201.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.pailottery.com www.googletagmanager.com
1	events.api.boomtrain.com	cdn.boomtrain.com
1	x.bidswitch.net	2620894.fls.doubleclick.net
1	beacon.krxd.net	2620894.fls.doubleclick.net
1	aa.agkn.com	2620894.fls.doubleclick.net
1	partners.tremorhub.com	2620894.fls.doubleclick.net
1	x.dlx.addthis.com	2620894.fls.doubleclick.net
1	bpi.rtactivate.com	2620894.fls.doubleclick.net
1	contextual.media.net	2620894.fls.doubleclick.net
1	ps.eyeota.net	2620894.fls.doubleclick.net
1	us-u.openx.net	2620894.fls.doubleclick.net
1	image2.pubmatic.com	2620894.fls.doubleclick.net
1	cm.g.doubleclick.net	1 redirects
1	people.api.boomtrain.com	cdn.boomtrain.com
1	20842193p.rfihub.com	c1.rfihub.net
1	cdn.boomtrain.com	www.pailottery.com
1	c1.rfihub.net	www.pailottery.com
1	acdn.adnxs.com	2620894.fls.doubleclick.net
1	pixel.mediaiqdigital.com	2620894.fls.doubleclick.net
1	tag.simpli.fi	2620894.fls.doubleclick.net
1	www.facebook.com	www.pailottery.com
1	capidashboard.pailottery.com	connect.facebook.net
1	pail.zendesk.com	static.zdassets.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	resources.digital-cloud-west.medallia.com	www.googletagmanager.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.otherlevels.com	www.pailottery.com
1	tracker.mnixdata.com	www.googletagmanager.com
1	a11202468046.cdn.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	www.pailottery.com
122	59

This site contains links to these domains. Also see Links.

Domain
www.palottery.state.pa.us
help.pailottery.com
apps.apple.com
play.google.com
facebook.com
twitter.com
instagram.com
vimeo.com
youtube.com
www.flickr.com
www.pa.gov
www.governor.pa.gov
www.pacouncil.com
www.ncpgambling.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-23` - `2024-08-21`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cdn.optimizely.com GeoTrust RSA CA 2018	`2023-02-26` - `2024-02-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.otherlevels.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-22`	a year	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-05` - `2023-12-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.digital-cloud-west.medallia.com SSL.com RSA SSL subCA	`2023-11-01` - `2024-12-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
pail.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-21` - `2024-03-20`	a year	crt.sh
capidashboard.pailottery.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
logx.optimizely.com Amazon RSA 2048 M01	`2023-06-24` - `2024-07-22`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.rezync.com Amazon RSA 2048 M02	`2023-10-25` - `2024-11-21`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
*.boomtrain.com Amazon RSA 2048 M02	`2023-02-09` - `2024-03-09`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
*.api.boomtrain.com Amazon RSA 2048 M03	`2023-09-16` - `2024-10-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.pailottery.com/
Frame ID: CCA7C729C6DE08CA35137F70C374424D
Requests: 72 HTTP requests in this frame

Frame: https://a11202468046.cdn.optimizely.com/client_storage/a11202468046.html
Frame ID: 9FD3ABE681350036BBC805EEBE90C8B2
Requests: 1 HTTP requests in this frame

Frame: https://2620894.fls.doubleclick.net/activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: D5D0FA4F999F73E97A4493241C8CED8F
Requests: 1 HTTP requests in this frame

Frame: https://2620894.fls.doubleclick.net/activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: 566E482F1984643541D6853A8E92753B
Requests: 1 HTTP requests in this frame

Frame: https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: 0327875443A516F79A6B7C3A77204BB8
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: CD8C36D6C7332FD3D381193CE315681A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: FE3F5A8988B1D83DA77A2AA2905C7715
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Frame ID: A218F7C1762D03521633AC19CAB7D8A4
Requests: 6 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=xu8kfn7&ref=https%3A%2F%2Fwww.pailottery.com%2F&upid=7bkjpjz&upv=1.1.0
Frame ID: 551761C82B408A519624C8B4DC6F6953
Requests: 1 HTTP requests in this frame

Frame: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: E89DC14FD1843C9C1A1E4722668C7DD6
Requests: 10 HTTP requests in this frame

Frame: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Frame ID: FA2B59929D55423AB51802C05E6AC4DA
Requests: 6 HTTP requests in this frame

Frame: https://20842193p.rfihub.com/ca.html?ver=9&rb=47018&ca=20842193&_o=47018&_t=20842193&userid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&pe=https%3A%2F%2F2620894.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKfQmryn4oIDFXRdkQUdzNYErQ%3Bsrc%3D2620894%3Btype%3Dilott0%3Bcat%3Dallpa0%3Bord%3D2359506517682%3Bauiddc%3D594687067.1701023803%3Bgtm%3D45He3b81v78554229%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fwww.pailottery.com%252F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=2962436605197556
Frame ID: DAA5C54399F71964253ABCF31A4E84B5
Requests: 18 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=47018&ca=20842193&ri=eb5b8c4858da02268577ebfae7986d89&stats=%7B%2213488%22%3A%22546%2C2%22%2C%2217243%22%3A%2210%2C1%22%2C%2242261%22%3A%2272%2C1%22%2C%2250495%22%3A%22222%2C1%22%2C%2252220%22%3A%2299%2C1%22%2C%2253935%22%3A%22151%2C1%22%2C%2254497%22%3A%22196%2C1%22%2C%2254855%22%3A%2259%2C2%22%2C%2254863%22%3A%22399%2C1%22%2C%2255073%22%3A%2276%2C2%22%2C%2256659%22%3A%22152%2C1%22%2C%2256885%22%3A%22109%2C2%22%2C%2257347%22%3A%22191%2C2%22%2C%2257363%22%3A%22294%2C1%22%2C%2258143%22%3A%2279%2C1%22%2C%2258553%22%3A%22354%2C2%22%2C%2258561%22%3A%22351%2C1%22%7D&ra=8546895090459274
Frame ID: 5BEBBB8E6D312C65B3F384399C2F1A53
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PA iLottery | Online Games | Pennsylvania Lottery - PA iLottery

Page URL History Show full URLs

http://www.pailottery.com/ HTTP 301
https://www.pailottery.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

122
Requests

88 %
HTTPS

31 %
IPv6

38
Domains

59
Subdomains

53
IPs

6
Countries

2435 kB
Transfer

8228 kB
Size

45
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.palottery.state.pa.us/
Title: PA iLottery

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/vip-players-club/public/second-chance-drawings.aspx
Title: Second Chance™

Search URL Search Domain Scan URL

URL: https://help.pailottery.com/hc/en-us
Title: Help

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Draw-Games.aspx
Title: Draw Games

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Scratch-Offs/Active-Games.aspx
Title: Scratch-Offs

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Fast-Play/Active-Games.aspx
Title: Fast Play

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Keno.aspx?Keno=1
Title: Keno

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Xpress.aspx?Xpress=1
Title: About Xpress Sports

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Xpress/Derby-Cash.aspx
Title: Derby Cash

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Xpress/Car-Racing.aspx?CarRacing=1
Title: Xpress Car Racing

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/VIP-Players-Club/Login.aspx
Title: VIP Players Club

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Winners/Winners.aspx
Title: Winners

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/Benefits/Benefits-Info.aspx
Title: Benefits

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/misc/pa-lottery-official-mobile-app.aspx
Title: Mobile App

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery.aspx
Title: About Us & News

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Retailers.aspx
Title: Where To Buy

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Contact-Us.aspx
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Player-Security.aspx
Title: Player Security

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/For-Retailers.aspx
Title: For Retailers

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/pa-lottery-official-app/id910842501

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.sgi.palottery

Search URL Search Domain Scan URL

URL: https://facebook.com/palottery/

Search URL Search Domain Scan URL

URL: https://twitter.com/PALottery/

Search URL Search Domain Scan URL

URL: https://instagram.com/palottery/

Search URL Search Domain Scan URL

URL: https://vimeo.com/pennsylvanialottery

Search URL Search Domain Scan URL

URL: https://youtube.com/user/PennsylvaniaLottery

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/143479046@N08/

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Subscribe-to-RSS.aspx

Search URL Search Domain Scan URL

URL: https://www.pa.gov/privacy-policy/
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Footer/Sitemap.aspx
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Footer/Americans-with-Disabilities-Act.aspx
Title: Americans with Disabilities Act

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Please-Play-Responsibly.aspx
Title: Please Play Responsibly

Search URL Search Domain Scan URL

URL: https://www.pa.gov/
Title: PA.gov

Search URL Search Domain Scan URL

URL: https://www.palottery.state.pa.us/About-PA-Lottery/Footer/Amber-Alert.aspx
Title: Amber Alert

Search URL Search Domain Scan URL

URL: https://www.governor.pa.gov/
Title: Josh Shapiro, Governor

Search URL Search Domain Scan URL

URL: https://www.pacouncil.com/

Search URL Search Domain Scan URL

URL: https://www.ncpgambling.org/programs-resources/responsible-gambling/icap/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pailottery.com/ HTTP 301
https://www.pailottery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.pailottery.com/uploaded_files/73975/ccgp@2x.png HTTP 302
https://www.pailottery.com/media/filer_public/4e/ea/4eeaac47-ced1-435d-883a-3b0a05b200af/ccgp2x.png

Request Chain 23

https://www.pailottery.com/uploaded_files/67231/iCAP%20Logo%202022-2024%20Transparent.png HTTP 302
https://www.pailottery.com/media/filer_public/e7/28/e72839af-0b0f-4b13-af07-745fd4231491/icap_logo_2022-2024_transparent.png

Request Chain 24

https://www.pailottery.com/uploaded_files/73981/WLA_WEB_Logo_L3_vertic_alt.png HTTP 302
https://www.pailottery.com/media/filer_public/36/32/3632bea4-3d07-4fb4-b88d-213bd6dbb4cf/wla_web_logo_l3_vertic_alt.png

Request Chain 38

https://2620894.fls.doubleclick.net/activityi;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F HTTP 302
https://2620894.fls.doubleclick.net/activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Request Chain 39

https://2620894.fls.doubleclick.net/activityi;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F HTTP 302
https://2620894.fls.doubleclick.net/activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Request Chain 40

https://11380201.fls.doubleclick.net/activityi;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F HTTP 302
https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Request Chain 42

https://secure.adnxs.com/seg?add=29051735&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29051735%26t%3D1

Request Chain 45

https://secure.adnxs.com/px?id=1000157&seg=13452283&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1000157%26seg%3D13452283%26t%3D2

Request Chain 46

https://ad.doubleclick.net/ddm/activity/src=8340133;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.pailottery.com/ HTTP 302
https://adservice.google.de/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.pailottery.com/

Request Chain 78

https://adservice.google.de/ddm/fls/i/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F HTTP 302
https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Request Chain 79

https://adservice.google.de/ddm/fls/i/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F HTTP 302
https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Request Chain 88

https://ad.doubleclick.net/ddm/activity/src=8340133;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Request Chain 89

https://secure.adnxs.com/px?id=1101584&seg=17607826&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26u3%3D%26u4%3D%26pixel_id%3D1101584%26uid%3D%24%7BUID%7D&t=2 HTTP 302
https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1101584&uid=2279516303130703776

Request Chain 90

https://trkn.us/pixel/c?ppt=20320&g=sitewide&gid=47632& HTTP 302
https://trkn.us/pixel/c?ppt=20320&g=sitewide&gid=47632&&ip=185.213.155.147&cuidchk=1

Request Chain 100

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer=https%3A%2F%2Fadservice.google.com%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96a9-1b5817232cdc%253A1701023803.6822584%26_%3D1701023804.1556985&cb=1701023804.1557262 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96a9-1b5817232cdc%253A1701023803.6822584%26_%3D1701023804.1556985 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.1556985

Request Chain 101

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyODUzMTY2NzIxMg==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIUm6TgwKcWK8z7u527Kr3Y&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96a9-1b5817232cdc%253A1701023803.6822584%26_%3D1701023804.3540301&cb=1701023804.3540623 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96a9-1b5817232cdc%253A1701023803.6822584%26_%3D1701023804.3540301 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.3540301

Request Chain 103

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084928531667212&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084928531667212&redir=

Request Chain 106

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5140084928531667212&bid=omt9pi0

Request Chain 109

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084928531667212&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084928531667212&forward=&C=1

Request Chain 116

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZWOQPAACkDmamwBH HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWOQPAACkDmamwBH&_test=ZWOQPAACkDmamwBH

122 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.pailottery.com/
Redirect Chain

http://www.pailottery.com/
https://www.pailottery.com/

50 KB
11 KB

702ms
683ms

Document
text/html

2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d0562f3304482ea95b6f4335b4f7571b9ecaa17141f87b75da3d114100b2b48

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 82c43d085a9f2c4b-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 18:36:42 GMT
server: cloudflare
vary: Cookie, Origin, Accept-Language
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-gtm-data: {"LG_customerGroupTier": null}
x-url: /
x-whom: pa3p69xwpws008

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 82c43d06bbb018d9-FRA
Connection: keep-alive
Content-Length: 0
Date: Sun, 26 Nov 2023 18:36:41 GMT
Location: https://www.pailottery.com/
Server: cloudflare

GET
H2 200 main.min.css
www.pailottery.com/static/stylesheets/compiled/palottery/ 383 KB
56 KB 30ms
29ms Stylesheet
text/css 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/static/stylesheets/compiled/palottery/main.min.css?rev=10.1

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f7589169290dbbf22e9f9aaab171eed810f77d6b90f19b62917089c3ac0d14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 08:36:55 GMT
server: cloudflare
age: 36223
etag: W/"654b48a7-5fde3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 82c43d0ca8ef2c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 deviceatlas-custom.min.js Show response
www.pailottery.com/static/javascripts/libs/ 11 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/static/javascripts/libs/deviceatlas-custom.min.js

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f867808a0de41dda3ec447166857296ee0ddbe803d3450cec7845713c12dc66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 08:36:55 GMT
server: cloudflare
age: 36223
etag: W/"654b48a7-2b0a"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82c43d0ca8f42c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 past4g3sn1pp3t.js Show response
cdn.optimizely.com/public/11202468046/s/ 295 KB
92 KB 152ms
124ms Script
text/javascript 2a02:26f0:3100:38a::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/public/11202468046/s/past4g3sn1pp3t.js

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100:38a::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b70d0832161cae1c280487bc47571fe4d9a6d5dec0b808c7b699d05b2137fb61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: ji8Bh_sZIKI9lLbGObiSNunknDM5zXip
content-encoding: gzip
date: Sun, 26 Nov 2023 18:36:42 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: CFQW44MS579J3E4F
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 116
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=10, origin; dur=105, cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:3100:38a::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1701023802361_34631172_323213963_11453_1867_5_8_219";dur=1
content-length: 93726
x-amz-id-2: UWY9aVNBvZ1BOBzpIl3rDJv5vC24iiShIgN7VI5Nq7x0SdE5XKc3eUy7KFEjIYZbLtsW6/aFMp3+nlzZ3NEOcg==
last-modified: Wed, 06 Jul 2022 23:24:19 GMT
server: AmazonS3
etag: "9cca11b2fd4c0a999036230e99cb7e26"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 paysafeSDK.min.js Show response
www.pailottery.com/static/javascripts/libs/paysafe/ 133 KB
36 KB 32ms
31ms Script
application/javascript 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/static/javascripts/libs/paysafe/paysafeSDK.min.js

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4296f22ff003ee3b46cfc5caa0172b77efa76a83d548b36e0caae367097e39d6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 08:36:55 GMT
server: cloudflare
age: 36223
etag: W/"654b48a7-214b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82c43d0ca8f12c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 383 KB
110 KB 217ms
102ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f22bbc7bdfd048e04e546f7d2886f677f52303988d2f51299c5ed8014e33e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111715
x-xss-protection: 0
last-modified: Sun, 26 Nov 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 26 Nov 2023 18:36:42 GMT

GET
H2 200 ach_footerv5.png
www.pailottery.com/media/filer_public/1f/e2/1fe205e0-544d-4b8c-b8b8-03dc42fa57c5/ 7 KB
7 KB 405ms
405ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/1f/e2/1fe205e0-544d-4b8c-b8b8-03dc42fa57c5/ach_footerv5.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e1c75cee38d123020992b82ce0e93d1c0866d7571824a4306a958db6075d32

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2023 15:17:37 GMT
server: cloudflare
etag: "65426c11-1a1f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0d49de2c4b-FRA
content-length: 6687
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 visa_footerv7.png
www.pailottery.com/media/filer_public/7c/22/7c22d68b-8534-43c8-859d-88aea9cbbdd9/ 10 KB
10 KB 377ms
376ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/7c/22/7c22d68b-8534-43c8-859d-88aea9cbbdd9/visa_footerv7.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8c6cc69605ca0b0e2a96a5a4391523a08ede2358b42d088a6a3fb5b3a53d648

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 15:37:12 GMT
server: cloudflare
etag: "606345a8-2864"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0d49e02c4b-FRA
content-length: 10340
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 mastercard_footerv5.png
www.pailottery.com/media/filer_public/e7/71/e771ef99-237c-4d53-91e3-da70852291cc/ 17 KB
17 KB 507ms
502ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/e7/71/e771ef99-237c-4d53-91e3-da70852291cc/mastercard_footerv5.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00aa3ac2f5694bbe6d71c2a60471509bc437e964ff4eb1998ac2525665ce3dca

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Mar 2020 19:58:17 GMT
server: cloudflare
etag: "5e7a6659-4299"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfae92c4b-FRA
content-length: 17049
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 discover_footerv5.png
www.pailottery.com/media/filer_public/1d/8a/1d8a6553-efd5-4c27-9470-a6a2482daef2/ 13 KB
13 KB 391ms
386ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/1d/8a/1d8a6553-efd5-4c27-9470-a6a2482daef2/discover_footerv5.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71e3a1f2270ef0d1bf78cccc0ff80a2f72d7094636bb1fc3dac5977f3a2540c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Mar 2020 18:45:46 GMT
server: cloudflare
etag: "5e5ea5da-3434"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfaef2c4b-FRA
content-length: 13364
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 paypal_footerv7.png
www.pailottery.com/media/filer_public/05/71/0571f43e-7775-4a84-9b06-04965e2fce60/ 5 KB
5 KB 440ms
436ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/05/71/0571f43e-7775-4a84-9b06-04965e2fce60/paypal_footerv7.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

113ace972aac2b16f2bb95520f202691619104c6d287465f86eca6179cc15bb8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 15:36:22 GMT
server: cloudflare
etag: "60634576-12e4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfaf32c4b-FRA
content-length: 4836
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 playplus_footerv5.png
www.pailottery.com/media/filer_public/62/77/6277d861-6766-45d7-b5c5-01a353740805/ 6 KB
6 KB 408ms
403ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/62/77/6277d861-6766-45d7-b5c5-01a353740805/playplus_footerv5.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4ebd5c68d80c69ee34bee875f1af8af6b3cd5f5007e2ff4c2ce7ab239438fd6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Mar 2020 20:11:42 GMT
server: cloudflare
etag: "5e7a697e-17e7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfaf62c4b-FRA
content-length: 6119
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 webcash_footerv9.png
www.pailottery.com/media/filer_public/70/4d/704dda04-255f-440d-98d0-cceeee97d977/ 18 KB
18 KB 543ms
538ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/70/4d/704dda04-255f-440d-98d0-cceeee97d977/webcash_footerv9.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85b6cfc16aa247d26fb1a1dc97ca78746e23581e224fc8eeea703a62fa3283bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Wed, 01 Nov 2023 15:14:40 GMT
server: cloudflare
etag: "65426b60-48de"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfafa2c4b-FRA
content-length: 18654
expires: Wed, 23 Nov 2033 18:36:43 GMT

GET
H2 200 apple_app_store.svg
www.pailottery.com/media/filer_public/04/0a/040a3d78-d8e1-4c4b-8d35-fbe02a017173/ 18 KB
7 KB 492ms
487ms Image
image/svg+xml 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/04/0a/040a3d78-d8e1-4c4b-8d35-fbe02a017173/apple_app_store.svg

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af5d9ca869bef51d8f46d9ea8a22165f94baafe35b4f5e6a44971c9dd3d5b77

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 17:13:10 GMT
server: cloudflare
etag: W/"6373c8a6-4789"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 82c43d0dfafd2c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 available_on_android.svg
www.pailottery.com/media/filer_public/49/db/49db9060-44e8-4f5f-bb11-9877fb00ddf3/ 6 KB
2 KB 403ms
399ms Image
image/svg+xml 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/49/db/49db9060-44e8-4f5f-bb11-9877fb00ddf3/available_on_android.svg

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27439502154f5258a675d423e4cdd61fec549691d70ebbdb09ecaa42fea5b44d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 15 Nov 2022 17:13:10 GMT
server: cloudflare
etag: W/"6373c8a6-165e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 82c43d0dfafe2c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 facebook-green.png
www.pailottery.com/media/filer_public/15/11/15117f1b-90cd-43c6-8297-6deec157bb24/ 11 KB
11 KB 406ms
402ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/15/11/15117f1b-90cd-43c6-8297-6deec157bb24/facebook-green.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeb6d4c24d56842e1b75a089c691d125334fa987cc36880cff42e882f72ad882

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 13:49:41 GMT
server: cloudflare
etag: "60632c75-2d1d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb002c4b-FRA
content-length: 11549
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 twitter-green-centered.png
www.pailottery.com/media/filer_public/ce/80/ce80f591-db36-4343-a0ca-3e331d8ec808/ 10 KB
10 KB 441ms
437ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/ce/80/ce80f591-db36-4343-a0ca-3e331d8ec808/twitter-green-centered.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2da343ae8f03c6c1728858854bd36c4dbb4c4c788f27924d538bffaf0edd45b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 13:53:01 GMT
server: cloudflare
etag: "60632d3d-2695"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb012c4b-FRA
content-length: 9877
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 instagram-green.png
www.pailottery.com/media/filer_public/69/ae/69ae0e9a-176d-4948-aedf-3930ee542087/ 26 KB
26 KB 512ms
508ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/69/ae/69ae0e9a-176d-4948-aedf-3930ee542087/instagram-green.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e6b087b5937b6c0c739b122ea47a624eea8faf14c7acba333f568d082b700ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 13:49:41 GMT
server: cloudflare
etag: "60632c75-6691"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb032c4b-FRA
content-length: 26257
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 vimeo-green.png
www.pailottery.com/media/filer_public/a9/e2/a9e2af40-4fe2-4456-8f9b-b51986d4ddb0/ 15 KB
15 KB 538ms
535ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/a9/e2/a9e2af40-4fe2-4456-8f9b-b51986d4ddb0/vimeo-green.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

100a5046342ec1e47eccf08db80356a4da4440aae1167560d53643224831cada

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 13:49:41 GMT
server: cloudflare
etag: "60632c75-3c76"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb042c4b-FRA
content-length: 15478
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 youtube-green-centered.png
www.pailottery.com/media/filer_public/19/7b/197b8c5b-157c-4db3-b2d2-48e98d684c3f/ 15 KB
15 KB 34ms
31ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/19/7b/197b8c5b-157c-4db3-b2d2-48e98d684c3f/youtube-green-centered.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67d7fe0cefa16bf15415af452a2f7973955a60c20e0ee2429f625c1d0e702f78

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Mar 2021 13:49:41 GMT
server: cloudflare
age: 390880
etag: "60632c75-3b33"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb062c4b-FRA
content-length: 15155
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 flickr-green.png
www.pailottery.com/media/filer_public/48/83/488326bc-65d3-4613-9a20-2e7c58b0d400/ 11 KB
11 KB 36ms
33ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/48/83/488326bc-65d3-4613-9a20-2e7c58b0d400/flickr-green.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33a0375abb248dd1448a271e3b9ec0b39998c6a5ed149eb4e3d7155fe66c73f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: HIT
last-modified: Tue, 30 Mar 2021 13:49:41 GMT
server: cloudflare
age: 1293256
etag: "60632c75-2d95"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb092c4b-FRA
content-length: 11669
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 rss-green.png
www.pailottery.com/media/filer_public/57/33/5733acb5-92c0-4562-a449-1f9887571faf/ 19 KB
19 KB 489ms
486ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/57/33/5733acb5-92c0-4562-a449-1f9887571faf/rss-green.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

775c21828e6984b608bc4361460c049687866f1144762dbd1f1f8c98c918431b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Mar 2021 13:49:41 GMT
server: cloudflare
etag: "60632c75-4d3e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb0b2c4b-FRA
content-length: 19774
expires: Wed, 23 Nov 2033 18:36:43 GMT

GET
H2 200 wheelchair.svg
www.pailottery.com/media/filer_public/30/48/304824fc-bf2c-4df8-b3f1-83cb27709e04/ 1 KB
795 B 35ms
32ms Image
image/svg+xml 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/30/48/304824fc-bf2c-4df8-b3f1-83cb27709e04/wheelchair.svg

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7740b545a0f43188d12bfa7ef00082640b20b13568e052af9dcd9d60324790

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Sep 2022 06:44:58 GMT
server: cloudflare
age: 20121
etag: W/"632026ea-48c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 82c43d0dfb0c2c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2

200

ccgp2x.png
www.pailottery.com/media/filer_public/4e/ea/4eeaac47-ced1-435d-883a-3b0a05b200af/
Redirect Chain

https://www.pailottery.com/uploaded_files/73975/ccgp@2x.png
https://www.pailottery.com/media/filer_public/4e/ea/4eeaac47-ced1-435d-883a-3b0a05b200af/ccgp2x.png

7 KB
7 KB

115ms
115ms

Image
image/png

2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/4e/ea/4eeaac47-ced1-435d-883a-3b0a05b200af/ccgp2x.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45a67b5d04829554f96ba5a796227f4e6629878720bd4e769c2b80812572b1f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 16:35:11 GMT
server: cloudflare
etag: "63c036bf-1b5b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d113f592c4b-FRA
content-length: 7003
expires: Wed, 23 Nov 2033 18:36:43 GMT

Redirect headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
server: cloudflare
vary: Origin, Accept-Language, Cookie, Accept-Encoding
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
content-language: en
location: /media/filer_public/4e/ea/4eeaac47-ced1-435d-883a-3b0a05b200af/ccgp2x.png
x-url: /uploaded_files/73975/ccgp@2x.png
content-type: text/html; charset=utf-8
cache-control: public, max-age=14400
x-whom: pa3p69xwpws009
x-gtm-data: {"LG_customerGroupTier": null}
cf-ray: 82c43d0dfb0d2c4b-FRA
expires: Sun, 26 Nov 2023 22:36:43 GMT

GET
H2

200

icap_logo_2022-2024_transparent.png
www.pailottery.com/media/filer_public/e7/28/e72839af-0b0f-4b13-af07-745fd4231491/
Redirect Chain

https://www.pailottery.com/uploaded_files/67231/iCAP%20Logo%202022-2024%20Transparent.png
https://www.pailottery.com/media/filer_public/e7/28/e72839af-0b0f-4b13-af07-745fd4231491/icap_logo_2022-2024_transparent.png

534 KB
535 KB

284ms
283ms

Image
image/png

2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/e7/28/e72839af-0b0f-4b13-af07-745fd4231491/icap_logo_2022-2024_transparent.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76a34ff85f44a29e1c9c3b38e3ae68417bd0b7a55499af719b8ab3b4421874f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 06:50:48 GMT
server: cloudflare
etag: "63202848-859de"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d115fa32c4b-FRA
content-length: 547294
expires: Wed, 23 Nov 2033 18:36:43 GMT

Redirect headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
server: cloudflare
vary: Origin, Accept-Language, Cookie, Accept-Encoding
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
content-language: en
location: /media/filer_public/e7/28/e72839af-0b0f-4b13-af07-745fd4231491/icap_logo_2022-2024_transparent.png
x-url: /uploaded_files/67231/iCAP%20Logo%202022-2024%20Transparent.png
content-type: text/html; charset=utf-8
cache-control: public, max-age=14400
x-whom: pa3p69xwpws007
x-gtm-data: {"LG_customerGroupTier": null}
cf-ray: 82c43d0dfb0f2c4b-FRA
expires: Sun, 26 Nov 2023 22:36:43 GMT

GET
H2

200

wla_web_logo_l3_vertic_alt.png
www.pailottery.com/media/filer_public/36/32/3632bea4-3d07-4fb4-b88d-213bd6dbb4cf/
Redirect Chain

https://www.pailottery.com/uploaded_files/73981/WLA_WEB_Logo_L3_vertic_alt.png
https://www.pailottery.com/media/filer_public/36/32/3632bea4-3d07-4fb4-b88d-213bd6dbb4cf/wla_web_logo_l3_vertic_alt.png

140 KB
140 KB

549ms
548ms

Image
image/png

2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/36/32/3632bea4-3d07-4fb4-b88d-213bd6dbb4cf/wla_web_logo_l3_vertic_alt.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55586c3f7c12f7af195ca1c556876c584a86f291456e92eb31783304d0ba95d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Jan 2023 16:36:52 GMT
server: cloudflare
etag: "63c03724-22e7b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d1259092c4b-FRA
content-length: 142971
expires: Wed, 23 Nov 2033 18:36:43 GMT

Redirect headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: MISS
server: cloudflare
vary: Origin, Accept-Language, Cookie, Accept-Encoding
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
content-language: en
location: /media/filer_public/36/32/3632bea4-3d07-4fb4-b88d-213bd6dbb4cf/wla_web_logo_l3_vertic_alt.png
x-url: /uploaded_files/73981/WLA_WEB_Logo_L3_vertic_alt.png
content-type: text/html; charset=utf-8
cache-control: public, max-age=14400
x-whom: pa3p69xwpws001
x-gtm-data: {"LG_customerGroupTier": null}
cf-ray: 82c43d0dfb102c4b-FRA
expires: Sun, 26 Nov 2023 22:36:43 GMT

GET
H2 200 email-decode.min.js Show response
www.pailottery.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
820 B 13ms
11ms Script
application/javascript 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
server: cloudflare
etag: W/"65568fe4-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 82c43d0dfae72c4b-FRA
expires: Tue, 28 Nov 2023 18:36:42 GMT

GET
H2 200 main.min.js Show response
www.pailottery.com/static/javascripts/compiled/palottery/ 2 MB
423 KB 41ms
39ms Script
application/javascript 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59612e60c2dc127abeffc7deca39dc3892c93939f415a15c539ec43ad57b6c33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 08:36:54 GMT
server: cloudflare
age: 36222
etag: W/"654b48a6-1b0737"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82c43d0dfb112c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
DATA 200
OK truncated
/ 611 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eba019985b60c3fa774e0d28d152afda9dfe6eb3d39f6dc332c2928754513bef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 vip-mobile-icon.png
www.pailottery.com/static/images/palottery/ 8 KB
8 KB 427ms
425ms Image
image/png 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/static/images/palottery/vip-mobile-icon.png

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/stylesheets/compiled/palottery/main.min.css?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baabed181ee493fb739487a684922d5d26adf1a3fdbab2d24268e09427b72865

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/static/stylesheets/compiled/palottery/main.min.css?rev=10.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 08:36:53 GMT
server: cloudflare
etag: "654b48a5-1fc1"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82c43d0dfb122c4b-FRA
content-length: 8129
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 palotteryblack.svg
www.pailottery.com/media/filer_public/8e/53/8e53b515-66f2-4cf0-9cab-51e5c4ed4691/ 11 KB
4 KB 409ms
408ms Image
image/svg+xml 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/media/filer_public/8e/53/8e53b515-66f2-4cf0-9cab-51e5c4ed4691/palotteryblack.svg

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59004c25edf5405bf048bb9b055a3aa46aa7cf79dba297cb60738c8e574b08fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 13 Sep 2022 06:37:19 GMT
server: cloudflare
etag: W/"6320251f-2bf4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 82c43d0dfb152c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 spinner.svg
www.pailottery.com/static/images/palottery/ 3 KB
921 B 428ms
426ms Image
image/svg+xml 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pailottery.com/static/images/palottery/spinner.svg

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/stylesheets/compiled/palottery/main.min.css?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bb1c051454ab0caf14bc9130e103153b687a510dfe68b17b740e2ee9ef50c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/static/stylesheets/compiled/palottery/main.min.css?rev=10.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 08 Nov 2023 08:36:53 GMT
server: cloudflare
etag: W/"654b48a5-d40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cf-ray: 82c43d0dfb162c4b-FRA
expires: Wed, 23 Nov 2033 18:36:42 GMT

GET
H2 200 brwr_palottery.js
www.pailottery.com/static_builds/brand-wrapper/ 2 MB
0 1054ms
1054ms Script
application/javascript 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pailottery.com/static_builds/brand-wrapper/brwr_palottery.js?rev=27f5ea77702ca90671d9872e66c8f8fd
Requested by: Host: www.pailottery.com
URL: https://www.pailottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 17 May 2023 06:24:48 GMT
server: cloudflare
etag: W/"64647330-3cb820"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 82c43d0e0b1b2c4b-FRA
expires: Wed, 23 Nov 2033 18:36:43 GMT

GET
H2 200 a11202468046.html Show response
a11202468046.cdn.optimizely.com/client_storage/ Frame 9FD3 2 KB
1 KB 56ms
10ms Document
text/html 2.17.191.240
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a11202468046.cdn.optimizely.com/client_storage/a11202468046.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/11202468046/s/past4g3sn1pp3t.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.17.191.240 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-17-191-240.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

c86f637f55db457ca98d8f1b89263a53f6678efad5ba59cd8c54b9f030ed80fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.pailottery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 807
content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 18:36:42 GMT
etag: "d2904ca2b64c059f24e3bf8defa53ba8"
last-modified: Thu, 07 Jul 2022 01:57:25 GMT
server: AmazonS3
server-timing: cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2.17.191.240";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1701023802623_34901878_792761478_34_2021_5_10_255";dur=1
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,2
x-amz-id-2: 9b+F6NF3nzCQX/AgiJGStb64a+hMtFeOoj3U8P6mo+SxNaklDZR4SlQpleyAT23+Z87xjSAoWhs=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: 73G3RWGHWWVJ9VEN
x-amz-server-side-encryption: AES256
x-amz-version-id: tMJRqXdHXK6b3o8q.g1zQ.3ZgCnCpfJi

GET
H2 200 / Show response
www.pailottery.com/api/constance/ 498 B
615 B 395ms
395ms XHR
application/json 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/api/constance/

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77e5d47eb93cf390a88ba5ecfe5682acdcde9e6c55c4146431d49f4feae913bf

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.pailottery.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
allow: GET, HEAD, OPTIONS
vary: Origin, Accept-Language, Cookie
content-language: en
x-url: /api/constance/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: pa3p69xwpws000
x-gtm-data: {"LG_deviceInfo": "browser|os_windows_10_10.0|brw_chrome_119.0|PC", "LG_customerGroupTier": null}
cf-ray: 82c43d0efc3d2c4b-FRA

GET
H2 200 / Show response
www.pailottery.com/api/events/geolocation/ 22 B
117 B 469ms
469ms XHR
application/json 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/api/events/geolocation/

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee42f419ce2b8c5bd25cb53a749ee0d3ab247b43caddfd9e1899f0b06e0905d7

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.pailottery.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: GET, HEAD, OPTIONS
vary: Origin, Accept-Language, Cookie
content-language: en
x-url: /api/events/geolocation/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: pa3p69xwpws004
x-gtm-data: {"LG_deviceInfo": "browser|os_windows_10_10.0|brw_chrome_119.0|PC", "LG_customerGroupTier": null}
cf-ray: 82c43d0f0c562c4b-FRA
content-length: 22

GET
H2 200 / Show response
www.pailottery.com/api/events/session-extension/ 22 B
105 B 471ms
471ms XHR
application/json 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/api/events/session-extension/

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee42f419ce2b8c5bd25cb53a749ee0d3ab247b43caddfd9e1899f0b06e0905d7

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.pailottery.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: GET, HEAD, OPTIONS
vary: Origin, Accept-Language, Cookie
content-language: en
x-url: /api/events/session-extension/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: pa3p69xwpws000
x-gtm-data: {"LG_deviceInfo": "browser|os_windows_10_10.0|brw_chrome_119.0|PC", "LG_customerGroupTier": null}
cf-ray: 82c43d0f0c582c4b-FRA
content-length: 22

GET
H2 200 / Show response
www.pailottery.com/api/translations/en/ 227 KB
43 KB 501ms
501ms XHR
application/json 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/api/translations/en/

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57a651362e01d5859ac1789adc8edee6f3cd688256ceeb46225aadfb78c94952

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.pailottery.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
allow: GET, HEAD, OPTIONS
vary: Origin, Accept-Language, Cookie
content-language: en
x-url: /api/translations/en/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: pa3p69xwpws006
x-gtm-data: {"LG_deviceInfo": "browser|os_windows_10_10.0|brw_chrome_119.0|PC", "LG_customerGroupTier": null}
cf-ray: 82c43d0f0c5b2c4b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
93 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-440XK36R0P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

481e07c8552f539787dc9b90aba0805aa2ef6e49427601f90eb32486456bc7ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 26 Nov 2023 18:36:42 GMT

GET
H2

200

activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;u... Show response
2620894.fls.doubleclick.net/ Frame D5D0
Redirect Chain

https://2620894.fls.doubleclick.net/activityi;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=...
https://2620894.fls.doubleclick.net/activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11...

591 B
512 B

78ms
77ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2620894.fls.doubleclick.net/activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

797f5240b32e229e95b8158ee41ef0b1b1c0cb5488344797bb592f8999f80533

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pailottery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 335
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2620894.fls.doubleclick.net/activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv... Show response
2620894.fls.doubleclick.net/ Frame 566E
Redirect Chain

https://2620894.fls.doubleclick.net/activityi;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;ua...
https://2620894.fls.doubleclick.net/activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1...

583 B
503 B

78ms
77ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2620894.fls.doubleclick.net/activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

d78d4408632bc094849aceb4964a6b70b9057c9d7c4da14c291039142e36b3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pailottery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 329
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://2620894.fls.doubleclick.net/activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uaf... Show response
11380201.fls.doubleclick.net/ Frame 0327
Redirect Chain

https://11380201.fls.doubleclick.net/activityi;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;...
https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1...

960 B
797 B

85ms
84ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

a52676b1fafd87bb04d90ebf9ad2bb6df44eac4dd438ecee25bdce6a4accfa70

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pailottery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 456
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:42 GMT
expires: Sun, 26 Nov 2023 18:36:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.js Show response
tracker.mnixdata.com/ 16 KB
5 KB 53ms
23ms Script
application/javascript 104.18.15.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.mnixdata.com/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.18.15.89 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaec8c74a66d0b53a2dc695f8f80cae4f812c5232e99935ed22e0e74b7f12ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1699445796
age: 1026
x-guploader-uploadid: ABPtcPpP5ms6VzHmryOzQ6JBZvanqCJ_7ymCnMedq0Z2BaWYD8hH-145efX_mrxneyr9gbLK409kLw4pjOYT9FVa7NKrgFIjW_n2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Wed, 08 Nov 2023 12:16:39 GMT
server: cloudflare
etag: W/"32fd2440749aca6257493c74c6124e46"
vary: Accept-Encoding
x-goog-generation: 1699445799045145
content-type: application/javascript
x-goog-hash: crc32c=h4gF4A==, md5=Mv0kQHSaymJXSTx0xhJORg==
cache-control: public, max-age=14400
x-goog-stored-content-length: 16827
cf-ray: 82c43d0f684bbb32-FRA
expires: Sun, 26 Nov 2023 22:36:42 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=29051735&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29051735%26t%3D1

0
809 B

58ms
58ms

Script
application/javascript

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29051735%26t%3D1

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
an-x-request-uuid: bd766f91-44bb-4a19-b8f9-9a2a70a37acd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
an-x-request-uuid: 3453f474-61d4-4504-af73-40478513d606
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D29051735%26t%3D1
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK otherlevels.js Show response
cdn.otherlevels.com/js-sdk/ 126 KB
37 KB 109ms
26ms Script
application/javascript 52.222.139.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=ae7d2d3d1eee7600845cc399f9e1a637
Requested by: Host: www.pailottery.com
URL: https://www.pailottery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-58.ams50.r.cloudfront.net
Software: /
Resource Hash: a1b9a342f8a8d61de90d239d19aa430cd0a15951af327789b6ffb0778f1357ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 18:20:15 GMT
Content-Encoding: gzip
Via: 1.1 c8398cf797b03d1d2d2deda33fe571f0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS50-C1
Age: 987
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=172800
Connection: keep-alive
Content-Length: 37794
X-Amz-Cf-Id: m2sZ3mOLl6EyK_B5Sbe1JbSmGNperQ6dmtrdSrPZ5LLtz9qx1u_MJQ==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 76ms
27ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=7a4bdb50-ea70-4c70-a00f-8ef3c85d3a21

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:42 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 19
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eTwZbj9NZQ%2FtHK%2FVQZxoAbJXjiANBYiDQiSfbkHfKhWPgwoWV%2B2x8NluejuIy2QhrQaBNXvUcKAEN692C5Q8iBQdp%2BA1XREarz3UbqFBzd060hOdM%2B3SXxGK%2FtzSDtpTw5TZIzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 82c43d0f9f481ca9-FRA

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1000157&seg=13452283&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1000157%26seg%3D13452283%26t%3D2

43 B
841 B

42ms
42ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1000157%26seg%3D13452283%26t%3D2

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
an-x-request-uuid: c00d3eea-b00b-4c3b-a90b-f6ffd4588b8d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
an-x-request-uuid: 24bf567a-db33-4949-a509-36a23e24efa1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1000157%26seg%3D13452283%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
adservice.google.de/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.pailotte...
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8340133;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www...
https://adservice.google.de/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www....

42 B
119 B

220ms
90ms

Image
image/gif

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.de/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.pailottery.com/

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://adservice.google.de/ddm/fls/p/src=8340133;dc_pre=CJXkmbyn4oIDFbtGkQUdlBAEow;type=invmedia;cat=qodbsf9j;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;~oref=https://www.pailottery.com/
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 177ms
55ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 26 Nov 2023 17:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2824
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 26 Nov 2023 19:49:38 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801979269/ 3 KB
2 KB 179ms
66ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801979269/?random=1701023802763&cv=11&fst=1701023802763&bg=ffffff&guid=ON&async=1&gtm=45He3b81v78554229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pailottery.com%2F&hn=www.googleadservices.com&frm=0&tiba=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&auid=594687067.1701023803&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fac70933c57f2118bfb64fbec7b9ca294dfcf4a9e7fff32ef1c912aafb8f6b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801559499/ 3 KB
1 KB 180ms
68ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801559499/?random=1701023802765&cv=11&fst=1701023802765&bg=ffffff&guid=ON&async=1&gtm=45He3b81v78554229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pailottery.com%2F&hn=www.googleadservices.com&frm=0&tiba=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&auid=594687067.1701023803&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18eb3d23d0576fee9e5de2e372b428b116eb4588aa6c8138c4f3e80628edd2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Nov 2023 18:36:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 9KjiUlehlX1MfFDksPHOAL7Mm2GyjJnPX1r60Fzgksh58tqGcMCnCsMfvoyx9ZcLqrowBBCKtwX7ihtTKvQjIw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 49ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 26 Nov 2023 18:36:42 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BDF32838BCFB417B96BC66A778E0A6E5 Ref B: FRAEDGE1220 Ref C: 2023-11-26T18:36:42Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 279839272469184 Show response
connect.facebook.net/signals/config/ 365 KB
114 KB 483ms
482ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/279839272469184?v=2.9.138&r=stable&domain=www.pailottery.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a4aab48d21a43b221b448874fef04a826a23d27bc4c7ddbafaa6a40ec478b59

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 26 Nov 2023 18:36:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ed4t8r2F6tEFCihvG6RGhPtp22yGqgk7sjgv42tIcl75n0iFBlcFh3aRqfJSf/CslnDWcXew/xggQIzAyoWE/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 7a4bdb50-ea70-4c70-a00f-8ef3c85d3a21 Show response
ekr.zdassets.com/compose/ 2 KB
2 KB 226ms
190ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/7a4bdb50-ea70-4c70-a00f-8ef3c85d3a21

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7a4bdb50-ea70-4c70-a00f-8ef3c85d3a21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e666cd41140b7588d359d0e061e0122984acbee93fec73aaf40bfd2671bf43cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 826001a3d9130951-SEA, 826001a3d9130951-SEA
x-runtime: 0.005059
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e666cd41140b7588d359d0e061e01229"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtnzzYshK%2FHAc18X%2BZWR862blQ5152SRO4E0kWyWZKDRO2ccKVQ9DEVBXkBVTNxpwR3WkgoRp3kimSzI1g2MJ8PB6SPxWEBu0957jtc4dMHPzHcxVjXoq9OCk9f218Qipe8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 82c43d0ffc259a05-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 101ms
38ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-440XK36R0P&gtm=45je3b81v898905107z878554229&_p=1701023802384&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=653000506.1701023803&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701023802&sct=1&seg=0&dl=https%3A%2F%2Fwww.pailottery.com%2F&dt=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1517
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-440XK36R0P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pailottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 47ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 02:56:46 GMT
Content-Encoding: gzip
Via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Nov 2023 02:56:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 56397
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 8dwkVMlgbdY_xrz6VRU80eu6WS9bS6JEY7zLhficSIiSu_M0hMLxWw==

GET
H2 204 30000613.js Show response
bat.bing.com/p/action/ 0
117 B 80ms
80ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/30000613.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 26 Nov 2023 18:36:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F57B4273D4A24CD1924B63180A5A13D8 Ref B: FRAEDGE1220 Ref C: 2023-11-26T18:36:42Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=30000613&Ver=2&mid=d8806964-5c3a-4c6c-a6fb-6de8a196c2fd&sid=bec1e7008c8a11ee896d9f5079676bf3&vid=bec20b508c8a11eebf9b7daee6379b77&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&kw=PA%20iLottery,%20PA%20Lottery,%20Pennsylvania%20Lottery,%20online%20lottery%20games,%20online%20games&p=https%3A%2F%2Fwww.pailottery.com%2F&r=&lt=1205&evt=pageLoad&sv=1&rn=727905

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 26 Nov 2023 18:36:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14C8AD360DA24371A7F78354BCC8C651 Ref B: FRAEDGE1220 Ref C: 2023-11-26T18:36:42Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content session
js-api.otherlevels.com/0.8/ Frame 0
0 706ms
170ms Preflight 52.13.2.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.2.21 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-2-21.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.pailottery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Sun, 26 Nov 2023 18:36:43 GMT
Server: Tengine
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK session Show response
js-api.otherlevels.com/0.8/ 3 B
816 B 176ms
176ms XHR
text/plain 52.13.2.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=ae7d2d3d1eee7600845cc399f9e1a637

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.13.2.21 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-13-2-21.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.pailottery.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 26 Nov 2023 18:36:43 GMT
X-Content-Type-Options: nosniff, nosniff
Connection: keep-alive
Content-Length: 3
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Request-Id: sdkapi-a4041a37-568c-4292-8fdf-932a6561786b
Pragma: no-cache;
Server: Tengine
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-Id
Cache-Control: no-store, must-revalidate, no-cache, max-age=0;
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Expires: Mon, 01 Jan 0001 00:00:00 GMT;

GET
H2 200 embed.js Show response
resources.digital-cloud-west.medallia.com/wdcwest/148607/onsite/ 1 KB
992 B 61ms
9ms Script
application/javascript 146.75.117.230
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.digital-cloud-west.medallia.com/wdcwest/148607/onsite/embed.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTG4979

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.117.230 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

df9918af943ce34c822464266780870da5bf765f238c0aa3be96214bd2e5e2b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 6bqePBPX6QGO3gkk0GnXVOH4rRsXVeGl
content-encoding: gzip
via: 1.1 varnish
date: Sun, 26 Nov 2023 18:36:42 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 36WXFKRGYW8QW4B3
age: 334142
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 533
x-amz-id-2: WMRVCW2zIUeJx4fCFu4DuZyj82ne13fWrlJIiPMnPkBF6SU9VBKbfzQxw1sdBIjVt4ZwHtrwupk=
x-served-by: cache-fra-eddf8230029-FRA
last-modified: Mon, 13 Nov 2023 16:20:17 GMT
server: AmazonS3
x-timer: S1701023803.984313,VS0,VE2
etag: "366f5f7fcd8ee9f70ee0c4f2b2c55bde"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 /
www.google.com/pagead/1p-user-list/801979269/ 42 B
109 B 183ms
69ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801979269/?random=1701023802763&cv=11&fst=1701021600000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v78554229&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pailottery.com%2F&frm=0&tiba=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&fmt=3&is_vtc=1&cid=CAQSGwDICaaNE-2ivah5pH6QpcZEt9fJK9alg_OyiA&random=3766921069&rmt_tld=0&ipr=y

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801979269/ 42 B
109 B 182ms
67ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801979269/?random=1701023802763&cv=11&fst=1701021600000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v78554229&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pailottery.com%2F&frm=0&tiba=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&fmt=3&is_vtc=1&cid=CAQSGwDICaaNE-2ivah5pH6QpcZEt9fJK9alg_OyiA&random=3766921069&rmt_tld=1&ipr=y

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/801559499/ 42 B
456 B 177ms
68ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801559499/?random=1701023802765&cv=11&fst=1701021600000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v78554229&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pailottery.com%2F&frm=0&tiba=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8PzKAOtbsJwtA3AFpgo-CBI9hOWoeQ&random=1787385783&rmt_tld=0&ipr=y

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801559499/ 42 B
456 B 176ms
66ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801559499/?random=1701023802765&cv=11&fst=1701021600000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v78554229&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.pailottery.com%2F&frm=0&tiba=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&fmt=3&is_vtc=1&cid=CAQSGwDICaaN8PzKAOtbsJwtA3AFpgo-CBI9hOWoeQ&random=1787385783&rmt_tld=1&ipr=y

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 62ms
61ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1472133379&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pailottery.com%2F&ul=en-us&de=UTF-8&dt=PA%20iLottery%20%7C%20Online%20Games%20%7C%20Pennsylvania%20Lottery%20-%20PA%20iLottery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=324201037&gjid=39397517&cid=653000506.1701023803&tid=UA-3428891-4&_gid=1781773211.1701023803&_r=1&_slc=1&gtm=45He3b81n81PTG4979v78554229&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=181641855

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pailottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pailottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 validate Show response
pixelconnector.mnixdata.com/ 215 B
377 B 350ms
313ms XHR
application/json 104.18.14.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.mnixdata.com/validate?id=92f5c1cf-6d70-4e37-807e-4504ee34d6be

Requested by

Host: tracker.mnixdata.com
URL: https://tracker.mnixdata.com/pixel.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.14.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe5788985c94b03dfcc6c504165556d7d020da46432a47a20db17dc11578e9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.pailottery.com
cf-ray: 82c43d10c9a49b51-FRA

GET
H2 200 dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=... Show response
adservice.google.com/ddm/fls/i/ Frame CD8C 590 B
407 B 216ms
93ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Requested by

Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/activityi;dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aaaf2ea6b166d1781d269bc3f820177ecb07f7a41f4888bd3c8fd4142b418282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2620894.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;... Show response
adservice.google.com/ddm/fls/i/ Frame FE3F 582 B
705 B 214ms
93ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Requested by

Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/activityi;dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ec44b6f8afdcb3aaee92fcbe4bc09056decd724fa864e806c355342d36d33a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2620894.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 329
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 157ms
52ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3428891-4&cid=653000506.1701023803&jid=324201037&gjid=39397517&_gid=1781773211.1701023803&_u=YADAAEAAAAAAACAAI~&z=316737800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pailottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pailottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame 0327 5 KB
3 KB 7ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: 11380201.fls.doubleclick.net
URL: https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11380201.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 02:56:46 GMT
Content-Encoding: gzip
Via: 1.1 8109fadbc132b410ecc2c3df250d6144.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Nov 2023 02:56:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 56398
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: m_VusIL4GsZXfPeHhZPerlg1FOlv1ag6bF-5kfuz_Xk2Bdy2Bcu5Ag==

GET
H2 200 dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=*;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;ua...
adservice.google.com/ddm/fls/z/ Frame 0327 42 B
119 B 201ms
95ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=*;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Requested by

Host: 11380201.fls.doubleclick.net
URL: https://11380201.fls.doubleclick.net/activityi;dc_pre=CLqhm7yn4oIDFUhMkQUdoXUOEg;src=11380201;type=penns0;cat=penns0;ord=1656527061221;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11380201.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web-widget-main-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame A218 923 KB
265 KB 42ms
42ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=7a4bdb50-ea70-4c70-a00f-8ef3c85d3a21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
x-amz-version-id: 4cbhc1.6rLf_h9ym68WJ6KIAscXI23.M
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG7YA8N871VD5J1
age: 1421878
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ZySt8kL6ROzjbORLYN+I+W/w/yJpdfSQoR8pczX7IS0KJ4757YvEDq2mRj/feQlz/RRnW6+iyR4=
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"d21ab80a38e205ddac2cf2e5ff41ab5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCFez2NO4DksasomZV3zd5DpcJKr1qozZxdtzDOB9CJAjh5l9icK6A%2BlBbZfOs7csMeFXGW0Qmh3DzZaoMf2CftXtB1iz%2FGJce3z5wvmqVVuwXB3SIwObLs%2BPWDfUJ4ePt7bWtE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c43d1139d21ca9-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H2 200 en-us-json-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame A218 25 KB
6 KB 22ms
22ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
x-amz-version-id: I_EA8shgdUVnTYVtPsngXZhS4fZlnaal
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: XMH8WHSS3SHAKJMK
age: 1093458
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 30QD48lw+Xk4Za/KTs3qUzuf+pyeSSso8S0TOdNcnw7ByTmU4mh5Pd0VGfA/Y4mrlADYzA+RWgM=
last-modified: Mon, 06 Nov 2023 00:49:02 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9cNZ46ISnoyW9ziYMKvGuiXjdpXrmsDHQ2jid%2BHwPQMDAghsIxwtWoU4T9vjHQ0%2BNuazXtY1YHYHYLJ%2FfzWiEjjiZ1AWGpndUFL3aqTUUkbX3rr4vLWZ6gRGnlQhCTo8KLaDZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c43d122b271ca9-FRA
expires: Tue, 05 Nov 2024 00:49:01 GMT

GET
H2 200 config Show response
pail.zendesk.com/embeddable/ Frame A218 1 KB
1 KB 250ms
196ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pail.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f12ed86ea3306aefe0cc77853c9eadb33dc31ddc6dbb826259a42b274791338

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-854d5f455-x8b65
x-cached: MISS
x-request-id: 82c43d1289dc9223-FRA
x-runtime: 0.001875
last-modified: Sun, 26 Nov 2023 18:36:43 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc9H3FerU61es1TVBzI7fyiE4FOlKpDzoLdwIxBxKaDaKkWQeD0Cqs6t1lyRPitR5YZPPfjS3OWzLH0UdUBgNHVSriKLT5fkxNVRNlKqzh2B6W4GNoNhrhnqlxXDx5uULt0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 82c43d1289dc9223-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 95ms
94ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3428891-4&cid=653000506.1701023803&jid=324201037&_u=YADAAEAAAAAAACAAI~&z=1380836997

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 93ms
92ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3428891-4&cid=653000506.1701023803&jid=324201037&_u=YADAAEAAAAAAACAAI~&z=1380836997

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 5517 0
61 B 98ms
30ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=xu8kfn7&ref=https%3A%2F%2Fwww.pailottery.com%2F&upid=7bkjpjz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://11380201.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Sun, 26 Nov 2023 18:36:43 GMT
server: Kestrel

GET
H3

200

dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;... Show response
2620894.fls.doubleclick.net/ddm/fls/r/ Frame E89D
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps...
https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1...

2 KB
785 B

78ms
78ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

cd3495bf372a51401333c16ceea467d3603a69a6967a7fea2ae108842a0b5009

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 762
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:43 GMT
expires: Sun, 26 Nov 2023 18:36:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=... Show response
2620894.fls.doubleclick.net/ddm/fls/r/ Frame FA2B
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1...
https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11...

910 B
462 B

74ms
74ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e3c99d20ddb351e91a2d4338326c24577b5d968f3b63ffda7c99afd854e1e0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 439
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:43 GMT
expires: Sun, 26 Nov 2023 18:36:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 26 Nov 2023 18:36:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 web-widget-chat-sdk-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame A218 202 KB
51 KB 23ms
23ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
x-amz-version-id: o7xvdt2jCIx0Amjxg6egfD1YDavsv5SR
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGAHHY8W9D8PRQ9
age: 1536944
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Ad9v/8JLxvkhVxv6lGIgKq+X+Yu/pujiWIV9tvuMWaAhnzcHDXExlB1L5zBSuH5dZA74xm8wuLxUr39uMsMNYg==
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVBbjIaMKzBeA6zvgTFhHBw63Wrd35TSGvyqjnMGnpLm5816eb%2F9sG%2FHofUP8I5oYEFZBbsSJAFfeNHivWyUDDgxVQM1MJsl1Lkv2zVa0SyQzH9b9fRv6kMmM%2BlVBebGODoaDBM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c43d126b7a1ca9-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

POST
H2 200 68cd89fbb7bc17a75962b76338e64ccdc956034b2105d38bc9e5365075f52663 Show response
capidashboard.pailottery.com/events/ 0
405 B 457ms
105ms XHR
text/plain 54.208.112.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://capidashboard.pailottery.com/events/68cd89fbb7bc17a75962b76338e64ccdc956034b2105d38bc9e5365075f52663

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/279839272469184?v=2.9.138&r=stable&domain=www.pailottery.com

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.208.112.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-208-112-155.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.pailottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.pailottery.com
date: Sun, 26 Nov 2023 18:36:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 23ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=279839272469184&ev=PageView&dl=https%3A%2F%2Fwww.pailottery.com%2F&rl=&if=false&ts=1701023803348&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701023803347.590164053&eid=ob3_plugin-set_434df0f96a6dab538de436de00423f919e873dee5b8eaeda85a8e5ca2f2b45a0&ler=empty&it=1701023802811&coo=false&rqm=GET

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pailottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 26 Nov 2023 18:36:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 update Show response
pixelconnector.mnixdata.com/ 22 B
79 B 148ms
148ms XHR
application/json 104.18.14.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pixelconnector.mnixdata.com/update?s=pixel.js

Requested by

Host: tracker.mnixdata.com
URL: https://tracker.mnixdata.com/pixel.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.18.14.89 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.pailottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.pailottery.com
cf-ray: 82c43d12fc4d9b51-FRA
content-length: 22

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
554 B 332ms
107ms XHR
text/plain 23.23.65.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/11202468046/s/past4g3sn1pp3t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.23.65.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-65-67.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pailottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 26 Nov 2023 18:36:43 GMT
Server: nginx/1.21.0
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://www.pailottery.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
Connection: keep-alive
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
X-Request-Id: cf8b4e16-d067-4786-883c-1ee4b4423342

GET
H2 200 59ac762f-f959-4280-af5d-789d2ea8523f.png
tag.simpli.fi/sifitag/ Frame FA2B 95 B
554 B 70ms
18ms Image
image/png 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.simpli.fi/sifitag/59ac762f-f959-4280-af5d-789d2ea8523f.png
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
server: openresty
content-type: image/png; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 95
x-request-id: F5tAIxCIAaRujJuV133B
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame FA2B 70 B
149 B 31ms
30ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=jmkc672&ct=0:b4jq7j3&fmt=3
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 px
secure.adnxs.com/ Frame FA2B 43 B
792 B 41ms
40ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1036979&seg=14790439&t=2

Requested by

Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
an-x-request-uuid: 24b27f9a-b990-49b8-a4be-038e4276cdf8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
adservice.google.com/ddm/fls/z/ Frame FA2B
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8340133;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://ad.doubleclick.net/ddm/activity/src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1?
https://adservice.google.com/ddm/fls/z/src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

42 B
108 B

93ms
93ms

Image
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1

Requested by

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=8340133;dc_pre=CMeWxLyn4oIDFWlXkQUd3yYMiA;type=invmedia;cat=palot0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
pixel.mediaiqdigital.com/ Frame FA2B
Redirect Chain

https://secure.adnxs.com/px?id=1101584&seg=17607826&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26u3%3D%26u4%3D%26pixel_id%3D1101584%26uid%3D%24%7BUID%7D&t=2
https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1101584&uid=2279516303130703776

2 B
83 B

49ms
7ms

Image
application/json

18.194.84.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1101584&uid=2279516303130703776
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzBmryn4oIDFb5YkQUdQO4FPg;src=2620894;type=ilott0;cat=ilott003;ord=1;num=7080492556059;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Server: 18.194.84.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-84-132.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
content-length: 2
content-type: application/json; charset=utf-8

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
an-x-request-uuid: a342c102-515c-4d7f-8582-09b14722caf4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://pixel.mediaiqdigital.com/pixel?&u3=&u4=&pixel_id=1101584&uid=2279516303130703776
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

c
trkn.us/pixel/ Frame E89D
Redirect Chain

https://trkn.us/pixel/c?ppt=20320&g=sitewide&gid=47632&
https://trkn.us/pixel/c?ppt=20320&g=sitewide&gid=47632&&ip=185.213.155.147&cuidchk=1

42 B
780 B

1074ms
1074ms

Image
image/gif

54.156.17.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/c?ppt=20320&g=sitewide&gid=47632&&ip=185.213.155.147&cuidchk=1

Requested by

Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F

Protocol

HTTP/1.1

Server

54.156.17.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-17-57.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Nov 2023 18:36:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sun, 26 Nov 2023 18:36:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/c?ppt=20320&g=sitewide&gid=47632&&ip=185.213.155.147&cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame E89D 9 KB
4 KB 37ms
8ms Script
application/javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Fri, 27 Jan 2023 02:11:02 GMT
Date: Sun, 26 Nov 2023 18:36:43 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 58515
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21930-LGA, cache-fra-eddf8230099-FRA
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1701023804.585098,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 237790, 12172

GET
H2 200 sync Show response
live.rezync.com/ Frame E89D 2 KB
3 KB 208ms
156ms Script
text/javascript 18.239.83.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=1272ee6aeb55e218ca23ff26bb404868&k=pa-lottery-pixel-1323&zmpID=pa-lottery&cache_buster={cache_buster}
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-23.ams58.r.cloudfront.net
Software: lighttpd/1.4.69 /
Resource Hash: 2dc21c8db3c0a81f8c724dcafa1c9b2faff0bb45ff45cc62317c7a0c9a2082b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
via: 1.1 9adf50a068a92adaab58cf6a21118640.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 2226
x-amz-cf-id: KFdOSTuTu5hh8dO7vDlNTra1UchVxC-uMy7ra1GN7jV_R8pL-EczjA==

POST
H2 200 / Show response
www.pailottery.com/common/endpoint/ 143 B
292 B 1201ms
1199ms XHR
application/json 2606:4700::6812:13fa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pailottery.com/common/endpoint/

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13fa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

660e15921f988c044f170cb0465cfa2e4fa5e1265ab0ba0dfe4a95ca2b178c5b

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pailottery.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-CSRFToken: 0qUx74g1apziSS1zDIF3QCiJPicZJWh1iIEHczaQUYLJf0YsSL6agWhaqkrwfccz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS
vary: Origin, Accept-Language, Cookie
content-language: en
x-url: /common/endpoint/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: pa3p69xwpws007
x-gtm-data: {"LG_deviceInfo": "browser|os_windows_10_10.0|brw_chrome_119.0|PC", "LG_customerGroupTier": null}
cf-ray: 82c43d14ac2e2c4b-FRA

GET
H2 200 pixie
ib.adnxs.com/ Frame E89D 42 B
228 B 7ms
6ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=17c77aa0-f3e9-4a9c-98a4-cbfa8cb5542c&it=1701023803632&v=0.0.20&u=https%3A%2F%2F2620894.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKfQmryn4oIDFXRdkQUdzNYErQ%3Bsrc%3D2620894%3Btype%3Dilott0%3Bcat%3Dallpa0%3Bord%3D2359506517682%3Bauiddc%3D594687067.1701023803%3Bgtm%3D45He3b81v78554229%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fwww.pailottery.com%252F&r=https%3A%2F%2Fadservice.google.com%2F&st=1701023803632&et=1701023803632&if=1
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: nginx/1.23.4 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:43 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx/1.23.4
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 42
content-type: image/gif

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ Frame E89D 19 KB
6 KB 75ms
14ms Script
application/x-javascript 2600:9000:20b4:3a00:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.pailottery.com
URL: https://www.pailottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:3a00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:14:15 GMT
content-encoding: gzip
via: 1.1 d1b1cc661d55a3f8a88f240826e4f38c.cloudfront.net (CloudFront)
last-modified: Sun, 26 Nov 2023 18:14:05 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: AMS58-P4
age: 1348
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: O6ZC7ok8CkiG13s97lXt5L7zzlVR6IxqtNv3_M0zPRfbBnAhxJK7HQ==
expires: Sun, 26 Nov 2023 19:14:15 GMT

GET
H2 200 seg Show response
secure.adnxs.com/ Frame E89D 0
811 B 8ms
7ms Script
application/javascript 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=31747530&t=1&cb=1701023803.685719

Requested by

Host: live.rezync.com
URL: https://live.rezync.com/sync?c=16b6410431b6374e780104abb0443ca8&p=1272ee6aeb55e218ca23ff26bb404868&k=pa-lottery-pixel-1323&zmpID=pa-lottery&cache_buster={cache_buster}

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:43 GMT
an-x-request-uuid: 9277da2e-bd04-4653-b15c-6e97ff295156
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK p13n.min.js Show response
cdn.boomtrain.com/p13n/pa-lottery/ Frame E89D 92 KB
30 KB 106ms
25ms Script
application/javascript 18.239.69.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.boomtrain.com/p13n/pa-lottery/p13n.min.js
Requested by: Host: www.pailottery.com
URL: https://www.pailottery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-21.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0d2e29217fe8b319a895420984c633897b9b493a2474339f45a9045a41f195e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: wY_YSAgskyqnbK2k29zcCZkjGtUz1hLY
Content-Encoding: gzip
Via: 1.1 eb78cbb81a4ab555c78ae1168deff6e2.cloudfront.net (CloudFront)
Date: Sun, 26 Nov 2023 18:36:43 GMT
X-Amz-Cf-Pop: AMS58-P4
Age: 301
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Fri, 17 Nov 2023 11:45:56 GMT
Server: AmazonS3
ETag: W/"83422583e18248f4d5987238a135d6d4"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=3600
X-Amz-Cf-Id: FERd9uCRhNKD-txy3R2W_GtjZCCHsPURDdSP05JZOCi8CHOA47Z40g==

GET
H/1.1 200
OK ca.html Show response
20842193p.rfihub.com/ Frame DAA5 5 KB
6 KB 222ms
20ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20842193p.rfihub.com/ca.html?ver=9&rb=47018&ca=20842193&_o=47018&_t=20842193&userid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&pe=https%3A%2F%2F2620894.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKfQmryn4oIDFXRdkQUdzNYErQ%3Bsrc%3D2620894%3Btype%3Dilott0%3Bcat%3Dallpa0%3Bord%3D2359506517682%3Bauiddc%3D594687067.1701023803%3Bgtm%3D45He3b81v78554229%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B%7Eoref%3Dhttps%253A%252F%252Fwww.pailottery.com%252F&pf=https%3A%2F%2Fadservice.google.com%2F&ra=2962436605197556
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 6fc82df23a66a5d24651906926bf8360ea3a1c8d7d89e3f547ac15ca1ca9e876

Request headers

Referer: https://2620894.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4918
Content-Type: text/html;charset=utf-8
Date: Sun, 26 Nov 2023 18:36:44 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK resolve Show response
people.api.boomtrain.com/identify/ Frame E89D 144 B
459 B 463ms
126ms XHR
application/json 54.145.128.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e30sImV4dGVybmFsX2lkcyI6eyJ6eW5jIjoiZWUwZGEzYWMtZGQ4Mi00MWZkLTk2YTktMWI1ODE3MjMyY2RjOjE3MDEwMjM4MDMuNjgyMjU4NCJ9fQ%3D%3D&site_id=pa-lottery
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/pa-lottery/p13n.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.128.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-128-220.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8f7d22bf3c3d5560700e932e32650cdd807d6d78b8c17e0fd77a7a56957e17b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2620894.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 18:36:44 GMT
Server: nginx
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length: 144

GET
H2

451

501709.gif
idsync.rlcdn.com/ Frame DAA5
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer=https%3A%2F%2Fadservice.google.com%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96a9-1b58172...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96...
https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.1556985

0
43 B

26ms
26ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.1556985
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 9adf50a068a92adaab58cf6a21118640.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.1556985
content-length: 447
x-amz-cf-id: 1o_PlRsAiNHczECO0nWdjNykwnbs-2rpejgrFYZt8yAiBD8fogG99A==

GET
H3

451

501709.gif
idsync.rlcdn.com/ Frame DAA5
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MDA4NDkyODUzMTY2NzIxMg==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEIUm6TgwKcWK8z7u527Kr3Y&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96a9-1b58172...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5140084928531667212&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3Dee0da3ac-dd82-41fd-96...
https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.3540301

0
9 B

20ms
20ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.3540301
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 9adf50a068a92adaab58cf6a21118640.cloudfront.net (CloudFront)
server: lighttpd/1.4.69
x-amz-cf-pop: AMS58-P5
vary: Cookie
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.3540301
content-length: 447
x-amz-cf-id: XALjowY5ugeLJthkE8WqkaUiXKJOJ1PQ-3y3rhTFxrw8WO2lb8xX3g==

GET
H2 200 setuid
ib.adnxs.com/ Frame DAA5 43 B
835 B 8ms
7ms Image
image/gif 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5140084928531667212

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
an-x-request-uuid: 2592692e-3932-45a0-b448-09a0d5e46d0f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.147; 185.213.155.147; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame DAA5
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5140084928531667212&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084928531667212&redir=

42 B
717 B

31ms
31ms

Image
image/gif

34.248.152.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084928531667212&redir=

Requested by

Protocol

Server

34.248.152.66 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-152-66.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-011e9d9b8.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: p3Qi67iRReg=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-04bfcd41e.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Cu6bN9EXQr0=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5140084928531667212&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame DAA5 0
226 B 57ms
14ms Image
text/html 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5140084928531667212&r=
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 26 Nov 2023 18:36:44 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame DAA5 43 B
274 B 70ms
20ms Image
image/gif 35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5140084928531667212&r=
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame DAA5
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5140084928531667212&bid=omt9pi0

0
344 B

48ms
12ms

Image
text/plain

3.120.214.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5140084928531667212&bid=omt9pi0
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: HTTP/1.1
Server: 3.120.214.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-214-218.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 26 Nov 2023 18:36:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5140084928531667212&bid=omt9pi0
Date: Sun, 26 Nov 2023 18:36:44 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame DAA5 53 B
618 B 77ms
47ms Image
image/gif 184.30.24.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5140084928531667212

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 26 Nov 2023 18:36:44 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Sun, 26 Nov 2023 18:36:44 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame DAA5 43 B
110 B 348ms
137ms Image
image/gif 44.216.205.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5140084928531667212
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.216.205.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-216-205-237.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame DAA5
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084928531667212&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084928531667212&forward=&C=1

43 B
341 B

32ms
31ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5140084928531667212&forward=&C=1
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XScPHjZRdJqqT4YctfIAI0qLflJutgAol%2BBVWIH6FQkzbaPyOJ8U8lqpmm52Pm07%2BcLoKufE%2Bzk8yqeAfP9FyyID5pQppKAmE94vUSlnysIE3Z%2Fdx6KQTihwsavnaSQYPtE1Kvwv%2B5z0mw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82c43d17e92e2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cGWFz%2B0xw4eb3ydaietelZkxknB3tWYyEJoZnWZrO9Vin6pcbtzcrtfCx3p37tt10w%2F5zh75obQdS%2FJ7RlzhLKsiXcq%2FUzhWaKw4TeQC%2F79JLYr8xVn%2Fo5TWS%2B6oTsAE1jgbREXCgpaJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5140084928531667212&forward=&C=1
cache-control: no-cache
cf-ray: 82c43d17b8ec2c72-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 451 360947.gif
idsync.rlcdn.com/ Frame DAA5 0
99 B 74ms
26ms Image
text/plain 35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084928531667212
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame DAA5 43 B
184 B 211ms
165ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5140084928531667212

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a69-192-160-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Sun, 26 Nov 2023 18:36:44 GMT
pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame DAA5 43 B
176 B 339ms
106ms Image
image/gif 2600:1f18:612b:4280:65cc:ec18:ffd9:693
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5140084928531667212&r=5pbtpgkB8LYT
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4280:65cc:ec18:ffd9:693 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 26 Nov 2023 18:36:44 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame DAA5 43 B
378 B 123ms
29ms Image
image/gif 52.213.93.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5140084928531667212
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.93.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-93-159.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame DAA5 0
338 B 115ms
27ms Image
text/plain 63.33.100.143
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5140084928531667212
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Sun, 26 Nov 2023 18:36:44 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1701023804
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame DAA5 43 B
147 B 72ms
8ms Image
image/gif 18.192.0.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084928531667212&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.0.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-0-107.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame DAA5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZWOQPAACkDmamwBH
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWOQPAACkDmamwBH&_test=ZWOQPAACkDmamwBH

42 B
1 KB

15ms
15ms

Image
image/gif

193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWOQPAACkDmamwBH&_test=ZWOQPAACkDmamwBH
Requested by: Host: 2620894.fls.doubleclick.net
URL: https://2620894.fls.doubleclick.net/ddm/fls/r/dc_pre=CKfQmryn4oIDFXRdkQUdzNYErQ;src=2620894;type=ilott0;cat=allpa0;ord=2359506517682;auiddc=594687067.1701023803;gtm=45He3b81v78554229;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.pailottery.com%2F
Protocol: HTTP/1.1
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://20842193p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 26 Nov 2023 18:36:44 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-fra-eddf8230100-FRA
pragma: no-cache
date: Sun, 26 Nov 2023 18:36:44 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1701023804.349045,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZWOQPAACkDmamwBH&_test=ZWOQPAACkDmamwBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 track Show response
events.api.boomtrain.com/event/ Frame E89D 2 B
210 B 331ms
115ms XHR
text/plain 54.225.184.7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.api.boomtrain.com/event/track
Requested by: Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/p13n/pa-lottery/p13n.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.184.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-184-7.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://2620894.fls.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Sun, 26 Nov 2023 18:36:44 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Content-Type, Authorization, x-app-id
content-length: 2
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/plain

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
554 B 105ms
105ms XHR
text/plain 23.23.65.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/public/11202468046/s/past4g3sn1pp3t.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.23.65.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-65-67.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pailottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 26 Nov 2023 18:36:44 GMT
Server: nginx/1.21.0
access-control-allow-methods: POST,OPTIONS
Content-Type: text/plain
access-control-allow-origin: https://www.pailottery.com
access-control-expose-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials: true
Connection: keep-alive
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
X-Request-Id: 9d761d0e-2a42-47e4-9bf6-fb9d7cf0b890

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame 5BEB 26 B
1018 B 16ms
15ms Document
text/html 193.0.160.130
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=47018&ca=20842193&ri=eb5b8c4858da02268577ebfae7986d89&stats=%7B%2213488%22%3A%22546%2C2%22%2C%2217243%22%3A%2210%2C1%22%2C%2242261%22%3A%2272%2C1%22%2C%2250495%22%3A%22222%2C1%22%2C%2252220%22%3A%2299%2C1%22%2C%2253935%22%3A%22151%2C1%22%2C%2254497%22%3A%22196%2C1%22%2C%2254855%22%3A%2259%2C2%22%2C%2254863%22%3A%22399%2C1%22%2C%2255073%22%3A%2276%2C2%22%2C%2256659%22%3A%22152%2C1%22%2C%2256885%22%3A%22109%2C2%22%2C%2257347%22%3A%22191%2C2%22%2C%2257363%22%3A%22294%2C1%22%2C%2258143%22%3A%2279%2C1%22%2C%2258553%22%3A%22354%2C2%22%2C%2258561%22%3A%22351%2C1%22%7D&ra=8546895090459274
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.130 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://2620894.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Sun, 26 Nov 2023 18:36:44 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 web-widget-chat-incoming-message-notification-0345ad6.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame A218 236 B
649 B 39ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
x-amz-version-id: rT8m_K3LhMtAQDCRs.j5_bAXeWIPQepL
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TNT99ZPW14DKR3S0
age: 1338913
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: PAYiUNENTTH0majCpr8vd63fchQ57pePYwSKQtjrr4rGQG0eCIXiyQNC5eYdhXA0Tze9Fl7TM6DqkmCVhM1TVA==
last-modified: Mon, 06 Nov 2023 00:49:00 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GaNNVc9j2BDohlJBp6%2BYBh3kaVmmpQMc6Wny7fqD%2BYnilUOlin6MmzKXJIa1PRElN8JzBafEDEKEAULCdmq2kFUAQxU5iCj5%2BAZZy%2BVxQ7ehNmQKYjKkIBz0CzKZM1pHpfqmz0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c43d1c78d81ca9-FRA
expires: Tue, 05 Nov 2024 00:48:59 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame A218 19 KB
20 KB 24ms
24ms Media
audio/mpeg 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Requested by

Host: www.pailottery.com
URL: https://www.pailottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 26 Nov 2023 18:36:44 GMT
x-amz-version-id: 7mQmj5CjPPHXphZWB9MwFHsB8G6GZRZR
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HT3YBWDSMX7GGWKJ
age: 1186106
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: u4rjVl6bznOFELXxWcdEy4cxf3HS8QD5+1jVYrU8pTGZTnnUMyhwdvSjilQjVnwTrzYblOccmBE=
last-modified: Tue, 26 Sep 2023 06:59:46 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sow1mCuMuFkvpURU7uAqey4ZTBY6%2FJ2LYTNQuzAj63AXIwuSdEOh9QAqWG7IiX7eLmvj%2F6Od7h%2B8MNlqStgvGgaYef0mL9UEDdFwoXKpB9QZSeHOCiOLeVY8S%2FI6C1m%2BjT878J8%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 82c43d1cb9361ca9-FRA
expires: Wed, 25 Sep 2024 06:59:45 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.capidashboard.pailottery.com/events/68cd89fbb7bc17a75962b76338e64ccdc956034b2105d38bc9e5365075f52663	1970-01-20 18:39:59	Name: cee Value: rZ4eq2AqjHfh%2BQYWOzIsvGPSgQwVI0VP7nA47Tm0SNo%3D.%7B%22cee_id%22%3A%22cee.1701023803753.52692%22%7D
.pailottery.com/	1969-12-31 23:59:59	Name: __cfruid Value: 4ecf1b95c32bc646608c1fb7f891fa1908018508-1701023801
www.pailottery.com/	1969-12-31 23:59:59	Name: LG_WEB_VW Value: palottery
www.pailottery.com/	1969-12-31 23:59:59	Name: LG_LVPG_TRK Value: "2023-11-26 18:36:42\|/"
www.pailottery.com/	1970-01-21 01:15:59	Name: LG_CU_INF Value: USD\|PAiLottery\|PAiLottery\|EN\|DE\|\|0.0\|palottery\|\|\|\|
www.pailottery.com/	1970-01-20 17:13:35	Name: LG_FPG_TRK Value: "2023-11-26 18:36:42\|www.pailottery.com\|/\|"
www.pailottery.com/	1970-01-21 01:14:33	Name: csrftoken Value: 0qUx74g1apziSS1zDIF3QCiJPicZJWh1iIEHczaQUYLJf0YsSL6agWhaqkrwfccz
www.pailottery.com/	1969-12-31 23:59:59	Name: sessionid Value: 4l6psysrr4mf092sxt481k6mtqw3ld7i
.pailottery.com/	1970-01-20 16:30:25	Name: __cf_bm Value: 0v8DDBxw8sPajVWnfeegmZ7pzs9Onb545Mv2k.iiAcw-1701023802-0-AbcFsQVR6HVH97XQC3KA3D2X/YZCdTY/xZurMKxO3KKdaiX1XFGb4u+bt43Rhqvb+IiKGn/gMDqfxuJsy63ZSyQ=
www.pailottery.com/	1970-01-20 16:31:50	Name: DAPROPS Value: "bS:0\|scsVersion:2.2\|sdeviceAspectRatio:1600/1200\|sdevicePixelRatio:1\|bjs.deviceMotion:1\|sjs.webGlRenderer:Intel Iris OpenGL Engine\|srendererRef:01859640861\|sscreenWidthHeight:1600/1200\|sch.bitness:\|sch.browserList:\|sch.model:\|sch.platform:\|saudioRef:4143271754\|bE:0"
.pailottery.com/	1970-01-20 20:49:35	Name: optimizelyEndUserId Value: oeu1701023802531r0.6291725944123776
.pailottery.com/	1970-01-20 18:39:59	Name: _gcl_au Value: 1.1.594687067.1701023803
.adnxs.com/	1970-01-20 18:39:59	Name: uuid2 Value: 2279516303130703776
.pailottery.com/	1970-01-21 02:06:23	Name: _ga_440XK36R0P Value: GS1.1.1701023802.1.0.1701023802.0.0.0
.pailottery.com/	1970-01-20 16:31:50	Name: _uetsid Value: bec1e7008c8a11ee896d9f5079676bf3
.pailottery.com/	1970-01-21 01:51:59	Name: _uetvid Value: bec20b508c8a11eebf9b7daee6379b77
.bing.com/	1970-01-21 01:51:59	Name: MUID Value: 2F44EF6327BB6D65129BFCB626696C34
.pailottery.com/	1970-01-21 02:06:23	Name: _ga Value: GA1.2.653000506.1701023803
.pailottery.com/	1970-01-20 16:31:50	Name: _gid Value: GA1.2.1781773211.1701023803
.pailottery.com/	1970-01-20 16:30:23	Name: _gat_UA-3428891-4 Value: 1
www.pailottery.com/	1969-12-31 23:59:59	Name: ga_events Value: %5B%7B%22clientId%22%3A%22653000506.1701023803%22%2C%22trackingId%22%3A%22UA-3428891-4%22%2C%22name%22%3A%22gtm9%22%7D%5D
.doubleclick.net/	1970-01-21 01:51:59	Name: IDE Value: AHWqTUnWhUFXj3aLB4o-ZxfMxRZirR63hguXuiH6Er4uNCxyOzUcXKBfwJAw1icb4uc
widget-mediator.zopim.com/	1970-01-20 16:40:28	Name: AWSALBCORS Value: PCZqfA3+l2Xg3EUbdenKCF3cKQfiaoOlElurBqwv9LN68kK8jXpCluITPkVa5kW7VdMkUcCpiMdjsaZvyK3s7yHioXT54x24Uiz6NmLxjwy/IXDOxYxeoI/X57a6
.pailottery.com/	1970-01-20 18:39:59	Name: _fbp Value: fb.1.1701023803347.590164053
.simpli.fi/	1970-01-21 01:17:26	Name: suid Value: 07C28B25F22B4D90928DD5E96B9103B6
www.pailottery.com/	1970-01-21 01:15:59	Name: LG_CU_CHA Value: \|/\|\|11/26/2023 13:36 p.m. \|\|\|
.rezync.com/	1970-01-20 20:49:35	Name: zync-uuid Value: ee0da3ac-dd82-41fd-96a9-1b5817232cdc:1701023803.6822584
.trkn.us/	1970-01-21 01:15:59	Name: barometric[cuid] Value: cuid_1e3aef89-38d1-4cc0-bd63-1f907abbc8b0
.rfihub.com/	1970-01-21 01:51:59	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjA1NjQzMzcyNBLiM9T1r_IrNg93TC0wKE0BAMcivUklAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0sjA1NjQzMzcyNBLiM9T1r_IrNg93TC0wKE0BAMcivUklAAAA
.adnxs.com/	1970-01-20 18:39:59	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2In6crt4(!tL<Ae#-HsZ=$BW00MXRG4v)fCy!Q^E:=7mFT*otE<!9rF3pIn5D8-@P)[Q]P)j.gwVmpQ
.casalemedia.com/	1970-01-21 01:15:59	Name: CMID Value: ZWOQPFQpliAsUGlcZAzZSwAA
.casalemedia.com/	1970-01-20 18:39:59	Name: CMPS Value: 2165
.casalemedia.com/	1970-01-20 18:39:59	Name: CMPRO Value: 2165
.media.net/	1970-01-21 01:15:59	Name: visitor-id Value: 3440254048395550000V10
.media.net/	1970-01-21 01:14:33	Name: data-rk Value: 5140084928531667212~~3
.eyeota.net/	1970-01-20 16:30:24	Name: SERVERID Value: 23025~DM
.demdex.net/	1970-01-20 20:49:35	Name: demdex Value: 03562618423677599933426941976282061244
.dpm.demdex.net/	1970-01-20 20:49:35	Name: dpm Value: 03562618423677599933426941976282061244
live.rezync.com/	1970-01-20 20:49:35	Name: sd-session-id Value: .eJwNykkOwjAMAMC_-Nwg29ncfKYKiZEiaEBNuVD17_Q40hywfHRbc9e-Q9q3r05QXu3SgHTAaL9Vn5DAk0MUN7N4SyFEJoZzgqFjtHdfWr2OKtZsczG1ChtHj2rmkGdDdy8U2XKpJVFEQraC9haE2YuD8w_LmiYS.ZWOQPA.I3iCczKAwtq5dgtJaUE6Plb3_0o
.krxd.net/	1970-01-20 20:49:35	Name: _kuid_ Value: P8H7e7BM
.everesttech.net/	1970-01-21 01:15:59	Name: everest_g_v2 Value: g_surferid~ZWOQPAACkDmamwBH
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129QzNNQtJL_dODve2qDIvNTUy9y4yjlzFKBAV7h8Y4OjonO2Sm5hb7uTRxGKemmqQkmicmKybkmJhpGtimJaia2mWaKlrmGRqYWhuZGyUnJJsZWhuYGhgZGxhYKxnZmFkZGphAgC_unSvawAAAA
.rfihub.com/	1970-01-21 01:51:59	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129QzNNQtJL_dODve2qDIvNTUy9y4yjgziNTQ3MDQwMrYwMDEys5jFiMQ3MLXYhMbfhcY_hcZ_hcb_hcafxITKX4TGX4XG34TG34WungWVfwuZb2hkvohVICrcPzDA0dE52yU3MbfcyWMVK5ISY1PLTayoRlxC5psZG75C469iQ-UfQuNfQuPfQuM_QpdnR-U3caDyd3Gjuu8QN6r8JGHz1FSDlETjxGTdlBQLI10Tw7QUXUuzREtdwyRTC0NzI2Oj5JRkK7gmYz0zCyMjUwuTWcJIJpkYmy9C5Vs8EkaLXGFUmwHe5TtLWgIAAA
.pailottery.com/	1970-01-21 01:15:59	Name: __zlcmid Value: 1J1mIkMXGEYhIZS

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.pailottery.com/static/javascripts/compiled/palottery/main.min.js?rev=10.1(Line 2) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5140084928531667212 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.1556985 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/501709.gif?partner_uid=ee0da3ac-dd82-41fd-96a9-1b5817232cdc%3A1701023803.6822584&_=1701023804.3540301 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11380201.fls.doubleclick.net
20842193p.rfihub.com
2620894.fls.doubleclick.net
a.rfihub.com
a11202468046.cdn.optimizely.com
aa.agkn.com
acdn.adnxs.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
c1.rfihub.net
capidashboard.pailottery.com
cdn.boomtrain.com
cdn.optimizely.com
cdn.otherlevels.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
ekr.zdassets.com
events.api.boomtrain.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
insight.adsrvr.org
js-api.otherlevels.com
js.adsrvr.org
live.rezync.com
logx.optimizely.com
p.rfihub.com
pail.zendesk.com
partners.tremorhub.com
people.api.boomtrain.com
pixel.mediaiqdigital.com
pixelconnector.mnixdata.com
ps.eyeota.net
region1.google-analytics.com
resources.digital-cloud-west.medallia.com
secure.adnxs.com
static.zdassets.com
stats.g.doubleclick.net
sync-tm.everesttech.net
tag.simpli.fi
tracker.mnixdata.com
trkn.us
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.pailottery.com
x.bidswitch.net
x.dlx.addthis.com
104.16.53.111
104.18.14.89
104.18.15.89
104.18.70.113
104.18.72.113
108.138.15.119
142.250.184.194
142.250.74.198
146.75.117.230
151.101.1.108
151.101.66.49
172.64.151.101
18.192.0.107
18.194.84.132
18.239.69.21
18.239.83.23
184.30.24.22
193.0.160.130
198.47.127.205
2.17.191.240
2001:4860:4802:34::36
23.23.65.67
2600:1f18:612b:4280:65cc:ec18:ffd9:693
2600:9000:20b4:3a00:1:76cf:fe80:93a1
2606:4700::6812:12fa
2606:4700::6812:13fa
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2004
2a00:1450:4001:812::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9b
2a02:26f0:3100:38a::13b8
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.120.214.218
34.248.152.66
35.204.89.238
35.244.159.8
35.244.174.68
37.252.171.85
44.216.205.237
52.13.2.21
52.213.93.159
52.222.139.58
52.223.40.198
54.145.128.220
54.156.17.57
54.208.112.155
54.225.184.7
63.33.100.143
69.192.160.219
00aa3ac2f5694bbe6d71c2a60471509bc437e964ff4eb1998ac2525665ce3dca
0d2e29217fe8b319a895420984c633897b9b493a2474339f45a9045a41f195e0
0f12ed86ea3306aefe0cc77853c9eadb33dc31ddc6dbb826259a42b274791338
100a5046342ec1e47eccf08db80356a4da4440aae1167560d53643224831cada
113ace972aac2b16f2bb95520f202691619104c6d287465f86eca6179cc15bb8
18eb3d23d0576fee9e5de2e372b428b116eb4588aa6c8138c4f3e80628edd2e0
1c7740b545a0f43188d12bfa7ef00082640b20b13568e052af9dcd9d60324790
1d0562f3304482ea95b6f4335b4f7571b9ecaa17141f87b75da3d114100b2b48
1e6b087b5937b6c0c739b122ea47a624eea8faf14c7acba333f568d082b700ad
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27439502154f5258a675d423e4cdd61fec549691d70ebbdb09ecaa42fea5b44d
2af5d9ca869bef51d8f46d9ea8a22165f94baafe35b4f5e6a44971c9dd3d5b77
2da343ae8f03c6c1728858854bd36c4dbb4c4c788f27924d538bffaf0edd45b3
2dc21c8db3c0a81f8c724dcafa1c9b2faff0bb45ff45cc62317c7a0c9a2082b5
33a0375abb248dd1448a271e3b9ec0b39998c6a5ed149eb4e3d7155fe66c73f3
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f22bbc7bdfd048e04e546f7d2886f677f52303988d2f51299c5ed8014e33e50
42347032c46a27b70cd8f88d3838bc9fa61af37b6b07450d196dd96a964f15c3
4296f22ff003ee3b46cfc5caa0172b77efa76a83d548b36e0caae367097e39d6
45a67b5d04829554f96ba5a796227f4e6629878720bd4e769c2b80812572b1f5
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
481e07c8552f539787dc9b90aba0805aa2ef6e49427601f90eb32486456bc7ff
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f867808a0de41dda3ec447166857296ee0ddbe803d3450cec7845713c12dc66
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55586c3f7c12f7af195ca1c556876c584a86f291456e92eb31783304d0ba95d2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a651362e01d5859ac1789adc8edee6f3cd688256ceeb46225aadfb78c94952
59004c25edf5405bf048bb9b055a3aa46aa7cf79dba297cb60738c8e574b08fc
59612e60c2dc127abeffc7deca39dc3892c93939f415a15c539ec43ad57b6c33
5a4aab48d21a43b221b448874fef04a826a23d27bc4c7ddbafaa6a40ec478b59
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
64f7589169290dbbf22e9f9aaab171eed810f77d6b90f19b62917089c3ac0d14
660e15921f988c044f170cb0465cfa2e4fa5e1265ab0ba0dfe4a95ca2b178c5b
67d7fe0cefa16bf15415af452a2f7973955a60c20e0ee2429f625c1d0e702f78
6ec44b6f8afdcb3aaee92fcbe4bc09056decd724fa864e806c355342d36d33a8
6fc82df23a66a5d24651906926bf8360ea3a1c8d7d89e3f547ac15ca1ca9e876
76a34ff85f44a29e1c9c3b38e3ae68417bd0b7a55499af719b8ab3b4421874f2
775c21828e6984b608bc4361460c049687866f1144762dbd1f1f8c98c918431b
77e5d47eb93cf390a88ba5ecfe5682acdcde9e6c55c4146431d49f4feae913bf
797f5240b32e229e95b8158ee41ef0b1b1c0cb5488344797bb592f8999f80533
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b6cfc16aa247d26fb1a1dc97ca78746e23581e224fc8eeea703a62fa3283bb
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f7d22bf3c3d5560700e932e32650cdd807d6d78b8c17e0fd77a7a56957e17b1
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1b9a342f8a8d61de90d239d19aa430cd0a15951af327789b6ffb0778f1357ce
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a52676b1fafd87bb04d90ebf9ad2bb6df44eac4dd438ecee25bdce6a4accfa70
a71e3a1f2270ef0d1bf78cccc0ff80a2f72d7094636bb1fc3dac5977f3a2540c
aaaf2ea6b166d1781d269bc3f820177ecb07f7a41f4888bd3c8fd4142b418282
aeb6d4c24d56842e1b75a089c691d125334fa987cc36880cff42e882f72ad882
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b70d0832161cae1c280487bc47571fe4d9a6d5dec0b808c7b699d05b2137fb61
baabed181ee493fb739487a684922d5d26adf1a3fdbab2d24268e09427b72865
c4e1c75cee38d123020992b82ce0e93d1c0866d7571824a4306a958db6075d32
c5147cf5352bb6f99d31467dfec38f9573476d093433cda65441668df8617bbc
c86f637f55db457ca98d8f1b89263a53f6678efad5ba59cd8c54b9f030ed80fb
c8c6cc69605ca0b0e2a96a5a4391523a08ede2358b42d088a6a3fb5b3a53d648
cd3495bf372a51401333c16ceea467d3603a69a6967a7fea2ae108842a0b5009
d78d4408632bc094849aceb4964a6b70b9057c9d7c4da14c291039142e36b3c2
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9918af943ce34c822464266780870da5bf765f238c0aa3be96214bd2e5e2b4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c99d20ddb351e91a2d4338326c24577b5d968f3b63ffda7c99afd854e1e0a2
e666cd41140b7588d359d0e061e0122984acbee93fec73aaf40bfd2671bf43cc
eaec8c74a66d0b53a2dc695f8f80cae4f812c5232e99935ed22e0e74b7f12ce9
eba019985b60c3fa774e0d28d152afda9dfe6eb3d39f6dc332c2928754513bef
ee42f419ce2b8c5bd25cb53a749ee0d3ab247b43caddfd9e1899f0b06e0905d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f4ebd5c68d80c69ee34bee875f1af8af6b3cd5f5007e2ff4c2ce7ab239438fd6
f6bb1c051454ab0caf14bc9130e103153b687a510dfe68b17b740e2ee9ef50c0
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
fac70933c57f2118bfb64fbec7b9ca294dfcf4a9e7fff32ef1c912aafb8f6b8e
fe5788985c94b03dfcc6c504165556d7d020da46432a47a20db17dc11578e9ee

www.pailottery.com Open in urlscan Pro 2606:4700::6812:13fa Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

122 Requests

88 %HTTPS

31 %IPv6

38 Domains

59 Subdomains

53 IPs

6 Countries

2435 kBTransfer

8228 kBSize

45 Cookies

37 Outgoing links

Page URL History

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

www.pailottery.com Open in urlscan Pro
2606:4700::6812:13fa Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

88 %
HTTPS

31 %
IPv6

38
Domains

59
Subdomains

53
IPs

6
Countries

2435 kB
Transfer

8228 kB
Size

45
Cookies

122 HTTP transactions
1 data transactions