Submitted URL: http://wisewomenlotto.com/
Effective URL: https://www.wisewomenlotto.com/
Submission Tags: @phish_report
Submission: On October 08 via api from FI — Scanned from FI

Summary

This website contacted 51 IPs in 4 countries across 38 domains to perform 298 HTTP transactions. The main IP is 2a00:1450:4001:829::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.wisewomenlotto.com.
TLS certificate: Issued by GTS CA 1D4 on October 6th 2023. Valid for: 3 months.
This is the only time www.wisewomenlotto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2001:4860:480... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
17 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 3 35.83.191.28 16509 (AMAZON-02)
38 2a07:7800::137 48254 (TWENTYI)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
1 9 67.222.21.127 63410 (PRIVATESY...)
26 3.78.209.160 16509 (AMAZON-02)
8 2a04:4e42::644 54113 (FASTLY)
1 142.250.186.130 15169 (GOOGLE)
1 52.212.137.24 16509 (AMAZON-02)
2 34.214.231.218 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2600:9000:211... 16509 (AMAZON-02)
9 52.222.206.89 16509 (AMAZON-02)
3 2600:9000:205... 16509 (AMAZON-02)
5 34.230.167.222 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 2600:9000:249... 16509 (AMAZON-02)
3 2600:9000:223... 16509 (AMAZON-02)
3 2600:1f18:243... 14618 (AMAZON-AES)
3 2600:9000:206... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 143.204.215.66 16509 (AMAZON-02)
2 192.229.220.49 ()
2 151.101.65.91 54113 (FASTLY)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 212.82.100.181 34010 (YAHOO-IRD)
2 2a0b:4d07:101::1 ()
1 2600:9000:236... ()
1 13.32.121.113 ()
1 2a03:2880:f17... ()
3 151.101.2.133 ()
8 99.86.4.9 ()
1 2600:1901:0:7... ()
1 107.178.211.97 ()
2 35.190.27.197 ()
3 151.101.1.21 ()
2 52.222.236.72 ()
1 2600:1901:0:d... ()
298 51
Apex Domain
Subdomains
Transfer
38 3stepmethod.com
www.3stepmethod.com
641 KB
33 google.com
apis.google.com — Cisco Umbrella Rank: 125
play.google.com — Cisco Umbrella Rank: 37
www.google.com — Cisco Umbrella Rank: 2
443 KB
28 gstatic.com
www.gstatic.com
fonts.gstatic.com
1 MB
26 cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d11s7fcxy18ubx.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
5 MB
26 ecwid.com
app.ecwid.com — Cisco Umbrella Rank: 40119
88 KB
14 googleusercontent.com
lh6.googleusercontent.com — Cisco Umbrella Rank: 515
lh5.googleusercontent.com — Cisco Umbrella Rank: 168
lh3.googleusercontent.com — Cisco Umbrella Rank: 70
lh4.googleusercontent.com — Cisco Umbrella Rank: 510
752612055-atari-embeds.googleusercontent.com
1 MB
11 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4560
embed-ssl.wistia.com — Cisco Umbrella Rank: 8638
pipedream.wistia.com
distillery.wistia.com
embed-cloudfront.wistia.com Failed
298 KB
10 lottoannihilator.com
www.lottoannihilator.com
591 KB
9 godfrequency.co
godfrequency.co
cpv.godfrequency.co
130 KB
8 stripe.com
js.stripe.com
q.stripe.com Failed
405 KB
8 cbstatic.net
prod.cbstatic.net — Cisco Umbrella Rank: 161994
131 KB
8 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 49
ajax.googleapis.com — Cisco Umbrella Rank: 405
39 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
371 KB
5 ecomm.events
ecomm.events — Cisco Umbrella Rank: 51489
6 KB
5 clickbank.net
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net Failed
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net Failed
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net Failed
cbtb.clickbank.net — Cisco Umbrella Rank: 152418
5 KB
5 wisewomenlotto.com
wisewomenlotto.com
www.wisewomenlotto.com
20 KB
4 google.no
www.google.no — Cisco Umbrella Rank: 25443
779 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
7 KB
3 paypal.com
www.paypal.com
t.paypal.com Failed
17 KB
3 bitmovin.com
analytics-ingress-global.bitmovin.com
licensing.bitmovin.com
871 B
3 paypalobjects.com
www.paypalobjects.com
507 KB
3 vidalytics.com
quick.vidalytics.com
stats.vidalytics.com
646 KB
3 sitewit.com
analytics.sitewit.com — Cisco Umbrella Rank: 62001
17 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3981
onesignal.com
73 KB
2 bbb.org
seal-boise.bbb.org
9 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
88 KB
2 aweber.com
forms.aweber.com — Cisco Umbrella Rank: 53221
4 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3030
40 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 687
7 KB
1 g1386590346.co
g1386590346.co
6 KB
1 facebook.com
www.facebook.com
185 B
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1448
631 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 373
8 KB
1 cosmicmedia.io
trk.cosmicmedia.io — Cisco Umbrella Rank: 404967
1022 B
1 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2621
148 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 153
19 KB
0 stripe.network Failed
m.stripe.network Failed
0 jaswertrk.com Failed
jaswertrk.com Failed
298 38
Domain Requested by
38 www.3stepmethod.com www.gstatic.com
www.3stepmethod.com
27 apis.google.com www.wisewomenlotto.com
apis.google.com
www.gstatic.com
752612055-atari-embeds.googleusercontent.com
26 app.ecwid.com 752612055-atari-embeds.googleusercontent.com
app.ecwid.com
17 www.gstatic.com www.wisewomenlotto.com
www.gstatic.com
11 fonts.gstatic.com fonts.googleapis.com
10 www.lottoannihilator.com www.gstatic.com
www.lottoannihilator.com
9 d3cy3u1txmkqs3.cloudfront.net app.ecwid.com
8 js.stripe.com js.stripe.com
8 prod.cbstatic.net cbtb.clickbank.net
prod.cbstatic.net
www.lottoannihilator.com
8 fast.wistia.com www.lottoannihilator.com
fast.wistia.com
www.wisewomenlotto.com
8 godfrequency.co 1 redirects www.gstatic.com
godfrequency.co
7 fonts.googleapis.com www.wisewomenlotto.com
www.lottoannihilator.com
www.3stepmethod.com
godfrequency.co
6 d1oxsl77a1kjht.cloudfront.net app.ecwid.com
5 www.googletagmanager.com www.3stepmethod.com
godfrequency.co
trk.cosmicmedia.io
www.googletagmanager.com
5 ecomm.events app.ecwid.com
ecomm.events
4 www.google.no www.lottoannihilator.com
www.3stepmethod.com
4 www.google.com www.lottoannihilator.com
www.3stepmethod.com
4 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
4 lh6.googleusercontent.com www.wisewomenlotto.com
4 www.wisewomenlotto.com 1 redirects www.gstatic.com
3 www.paypal.com www.paypalobjects.com
3 www.paypalobjects.com
3 d20ubqycd8ynev.cloudfront.net app.ecwid.com
3 analytics.sitewit.com app.ecwid.com
3 d11s7fcxy18ubx.cloudfront.net app.ecwid.com
3 d3dq8sxcny4hg.cloudfront.net app.ecwid.com
3 752612055-atari-embeds.googleusercontent.com www.gstatic.com
3 lh3.googleusercontent.com www.wisewomenlotto.com
2 d2j6dbq0eux0bg.cloudfront.net www.wisewomenlotto.com
2 analytics-ingress-global.bitmovin.com www.wisewomenlotto.com
2 seal-boise.bbb.org www.lottoannihilator.com
prod.cbstatic.net
2 connect.facebook.net www.wisewomenlotto.com
connect.facebook.net
2 forms.aweber.com www.3stepmethod.com
2 quick.vidalytics.com godfrequency.co
quick.vidalytics.com
www.wisewomenlotto.com
2 stackpath.bootstrapcdn.com godfrequency.co
2 cdn.onesignal.com www.3stepmethod.com
cdn.onesignal.com
2 s.yimg.com www.lottoannihilator.com
s.yimg.com
2 cbtb.clickbank.net www.lottoannihilator.com
godfrequency.co
2 play.google.com www.gstatic.com
2 lh4.googleusercontent.com www.wisewomenlotto.com
2 lh5.googleusercontent.com www.wisewomenlotto.com
1 licensing.bitmovin.com www.wisewomenlotto.com
1 stats.vidalytics.com www.wisewomenlotto.com
1 g1386590346.co www.3stepmethod.com
1 www.facebook.com godfrequency.co
1 distillery.wistia.com fast.wistia.com
1 pipedream.wistia.com fast.wistia.com
1 onesignal.com cdn.onesignal.com
1 sp.analytics.yahoo.com www.lottoannihilator.com
1 cpv.godfrequency.co godfrequency.co
1 cdn.jsdelivr.net godfrequency.co
1 ajax.googleapis.com godfrequency.co
1 trk.cosmicmedia.io godfrequency.co
1 embed-ssl.wistia.com www.lottoannihilator.com
1 trends.revcontent.com www.lottoannihilator.com
1 www.googleadservices.com www.lottoannihilator.com
1 63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net www.gstatic.com
1 5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net www.gstatic.com
1 a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net www.gstatic.com
1 wisewomenlotto.com 1 redirects
0 m.stripe.network Failed js.stripe.com
0 q.stripe.com Failed www.wisewomenlotto.com
0 t.paypal.com Failed www.wisewomenlotto.com
0 embed-cloudfront.wistia.com Failed fast.wistia.com
0 jaswertrk.com Failed www.lottoannihilator.com
298 65

This site contains links to these domains. Also see Links.

Domain
www.google.com
Subject Issuer Validity Valid
www.wisewomenlotto.com
GTS CA 1D4
2023-10-06 -
2024-01-04
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.3stepmethod.com
R3
2023-08-14 -
2023-11-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-10 -
2024-05-09
a year crt.sh
godfrequency.co
cPanel, Inc. Certification Authority
2023-09-03 -
2023-12-02
3 months crt.sh
*.ecwid.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-04
a year crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2
2023-07-02 -
2024-08-02
a year crt.sh
www.googleadservices.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
revcontent.com
Amazon RSA 2048 M02
2023-05-18 -
2024-06-16
a year crt.sh
*.clickbank.net
Amazon RSA 2048 M01
2023-02-07 -
2024-03-08
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-09-25 -
2023-11-15
2 months crt.sh
*.wistia.com
Amazon RSA 2048 M01
2023-01-31 -
2024-02-29
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.ecomm.events
R3
2023-09-05 -
2023-12-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.sitewit.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-20 -
2024-08-19
a year crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google.no
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
cosmicmedia.io
E1
2023-08-30 -
2023-11-28
3 months crt.sh
cpv.godfrequency.co
cPanel, Inc. Certification Authority
2023-09-09 -
2023-12-08
3 months crt.sh
*.cbstatic.net
Amazon RSA 2048 M02
2023-07-19 -
2024-08-16
a year crt.sh
*.vidalytics.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-30 -
2023-12-31
a year crt.sh
*.aweber.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-01-24 -
2024-01-23
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-07-17 -
2023-10-15
3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-05-30 -
2023-11-22
6 months crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-26 -
2024-04-25
a year crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03
2023-09-11 -
2024-10-09
a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M01
2023-09-13 -
2024-10-11
a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA
2023-09-05 -
2024-10-05
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2023-07-31 -
2023-11-30
4 months crt.sh
g1386590346.co
GTS CA 1D4
2023-08-22 -
2023-11-20
3 months crt.sh
*.bitmovin.com
Go Daddy Secure Certificate Authority - G2
2023-05-08 -
2024-06-08
a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA
2023-07-21 -
2024-08-20
a year crt.sh

This page contains 28 frames:

Primary Page: https://www.wisewomenlotto.com/
Frame ID: 1AB552821557212C4E96833C3694D4EB
Requests: 38 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=305241875
Frame ID: 122D43CA9781691076D7A8CFABCEC3A6
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=761521847
Frame ID: CD5334B40B078778A1236D7397F4F972
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=847517052
Frame ID: 92DF1E2D2BBAD56CCC6F5EAC15DCBFED
Requests: 6 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=821588847
Frame ID: 445BF3CC63743B23BF88F5F5599BF6A0
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=717408745
Frame ID: 85B6407135EC77BD2CFC8119BF2D3A46
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=422253255
Frame ID: FDEAA60E979F33A41D6D4B26AB3A48AD
Requests: 3 HTTP requests in this frame

Frame: https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/
Frame ID: 2861EE57526BCAE8254EFDCE1DB32DE9
Requests: 1 HTTP requests in this frame

Frame: https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/
Frame ID: BC6D0AC44704E1C413FDCD4A6CF7E2C4
Requests: 1 HTTP requests in this frame

Frame: https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/
Frame ID: 1CED855B0B2B4E980DFB59435314F6A9
Requests: 1 HTTP requests in this frame

Frame: https://www.3stepmethod.com/?hop=nanaslotto
Frame ID: 5463D5A8E7B82169DE1E9EA164D16A65
Requests: 51 HTTP requests in this frame

Frame: https://www.lottoannihilator.com/video/
Frame ID: 21E189EEF2533E12BCA92767888A354F
Requests: 45 HTTP requests in this frame

Frame: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Frame ID: FECB105460E733B578C2B55B11BCEFC0
Requests: 37 HTTP requests in this frame

Frame: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Frame ID: B580C581D15DA5233EFF38E39A4E2629
Requests: 3 HTTP requests in this frame

Frame: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Frame ID: 2EBBF8A0E0C96D52073F7D149CF5C5D0
Requests: 3 HTTP requests in this frame

Frame: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Frame ID: 4314C37C468C0304552D59B357FB5630
Requests: 3 HTTP requests in this frame

Frame: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Frame ID: 68D1D80965677B3B8F7621C689953E82
Requests: 19 HTTP requests in this frame

Frame: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Frame ID: 79CA7DDF59ACE6E7A8B5A766B830019D
Requests: 21 HTTP requests in this frame

Frame: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Frame ID: E01052B843C03597AB72DC6A2577CC76
Requests: 21 HTTP requests in this frame

Frame: https://jaswertrk.com/scripts/retarlts.php
Frame ID: D743F4E6E007DABAC69216B01793FA3C
Requests: 1 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
Frame ID: DD8515A93BECAC70B4E19CFB8B732775
Requests: 1 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
Frame ID: 93B7D6430605A1A6FC83577978941313
Requests: 1 HTTP requests in this frame

Frame: https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
Frame ID: C15910DC4DB3CDE42EF2BD9D71FD9246
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 65F4AC69F8A208F7DDFDC734DFF04E18
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: A9C807FDE227510951464D0649449817
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: D88DB252BABE630C579256CFF1F82C92
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 7B313E6CC36A4E92542389122838F85F
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 5268BCE767DEA8469A5CEBDF84B16C42
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

WISE WOMEN LOTTO

Page URL History Show full URLs

  1. http://wisewomenlotto.com/ HTTP 301
    http://www.wisewomenlotto.com/ HTTP 301
    https://www.wisewomenlotto.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • https://app\.ecwid\.com/script\.js

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • \.aweber\.com/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

298
Requests

93 %
HTTPS

63 %
IPv6

38
Domains

65
Subdomains

51
IPs

4
Countries

12511 kB
Transfer

45760 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wisewomenlotto.com/ HTTP 301
    http://www.wisewomenlotto.com/ HTTP 301
    https://www.wisewomenlotto.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64
  • https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/ HTTP 307
  • https://www.3stepmethod.com/?hop=nanaslotto
Request Chain 65
  • https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/ HTTP 307
  • https://www.lottoannihilator.com/video/
Request Chain 66
  • https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/ HTTP 307
  • https://godfrequency.co/vsl/index.php?hop=nanaslotto HTTP 302
  • https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto

298 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.wisewomenlotto.com/
Redirect Chain
  • http://wisewomenlotto.com/
  • http://www.wisewomenlotto.com/
  • https://www.wisewomenlotto.com/
116 KB
19 KB
Document
General
Full URL
https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
080a6bfe30a39a7ff8ef69bd9746a8052b82e630975e510f3cb54020fcb0219a
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-6r_4WetW5yj-TOGJ4n6xzA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-6r_4WetW5yj-TOGJ4n6xzA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type
text/html; charset=utf-8
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
date
Sun, 08 Oct 2023 04:58:52 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
0

Redirect headers

Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Content-Length
0
Content-Type
application/binary
Date
Sun, 08 Oct 2023 04:58:51 GMT
Expires
Mon, 01 Jan 1990 00:00:00 GMT
Location
https://www.wisewomenlotto.com/
Pragma
no-cache
Server
ESF
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
0
css
fonts.googleapis.com/
5 KB
935 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:37:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:52 GMT
css
fonts.googleapis.com/
28 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:08:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:52 GMT
css
fonts.googleapis.com/
1 KB
551 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Alfa%20Slab%20One%3Ai%2Cbi%2C700%2C400&display=swap
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66f47868fdf31319a2f6587f17803aae751c78875ff5deb0a8f38686262f869a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:58:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:52 GMT
rs=AGEqA5lg09UAqHtbcv7vHccrRzO61o_Xug
www.gstatic.com/_/atari/_/ss/k=atari.vw.Bcfw-_dlHXw.L.W.O/d=1/
1 MB
152 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/atari/_/ss/k=atari.vw.Bcfw-_dlHXw.L.W.O/d=1/rs=AGEqA5lg09UAqHtbcv7vHccrRzO61o_Xug
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cd9734614fc961176df16f6d506171c4b9a1df69e46f791fec91a3adad0e005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 01:58:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
270043
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154623
x-xss-protection
0
last-modified
Mon, 25 Sep 2023 23:06:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 04 Oct 2024 01:58:09 GMT
client.js
apis.google.com/js/
18 KB
8 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=gapiLoaded
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd4cdea426d84b873eb357eb7d6d7a3f2ba0e6b97805c01b5af56613f18750d6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:52 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7119
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"ba632c3ee5d8c0d2"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:52 GMT
Dy2_U4uZpV0fkeDiIWERaiqLqcVftBDUk84oywqST6nm-jDOx62tEptX3v6SE9cmDHVSL_u4P2FH3aguLhxNC4s=w16383
lh6.googleusercontent.com/
205 KB
205 KB
Image
General
Full URL
https://lh6.googleusercontent.com/Dy2_U4uZpV0fkeDiIWERaiqLqcVftBDUk84oywqST6nm-jDOx62tEptX3v6SE9cmDHVSL_u4P2FH3aguLhxNC4s=w16383
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
447bdcdb824004592b67dd6a45a91ccef95e979b11f7236a9ac23ddaeaac359d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
209908
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
gCKipAHtyMKdTaCBiMr2yo1Zvb1rPKFyFbDqBmEc-CxQusVkVfV4vGMCyqZGPUuzsWjFNRPj3osb2TImK2UfB9xQJmY41yklQaMhat3OyoqXV9Kbgfc05Owwev1aEUgcWw=w1280
lh5.googleusercontent.com/
103 KB
103 KB
Image
General
Full URL
https://lh5.googleusercontent.com/gCKipAHtyMKdTaCBiMr2yo1Zvb1rPKFyFbDqBmEc-CxQusVkVfV4vGMCyqZGPUuzsWjFNRPj3osb2TImK2UfB9xQJmY41yklQaMhat3OyoqXV9Kbgfc05Owwev1aEUgcWw=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
2741a98ce6c12d14511f57b4332648da345cd9826adc68bab7013ab89fbe632e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
105453
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
IKawGptxhZ0yAQDIKlRqL2XKR_giL9EDcf1OZqpkeH7HXf7jgHZOGLoZRF8L6CxPDaye3tnj1gLlCDLnWBC-3j5LsB-L6CcHYKnj04O_BV_QclLwknMHfn2pV49iraomFA=w1280
lh6.googleusercontent.com/
61 KB
61 KB
Image
General
Full URL
https://lh6.googleusercontent.com/IKawGptxhZ0yAQDIKlRqL2XKR_giL9EDcf1OZqpkeH7HXf7jgHZOGLoZRF8L6CxPDaye3tnj1gLlCDLnWBC-3j5LsB-L6CcHYKnj04O_BV_QclLwknMHfn2pV49iraomFA=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e79b9a5c41f27ccc04d48b2a997d13bcf3693ca52cb6ae60acca9673164f318e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62498
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
n8RCifhord8yf66Xa-ZvNWaQY0CRlX1IvT04voLmHlpUE0UKjeA3IMJx63kmLg_dm3RaK4166nV6L9W82JteuA2jnT5L8UoZlFFkWxtbceC7_4ratPnOwruf9wUvpj2Djw=w1280
lh3.googleusercontent.com/
88 KB
89 KB
Image
General
Full URL
https://lh3.googleusercontent.com/n8RCifhord8yf66Xa-ZvNWaQY0CRlX1IvT04voLmHlpUE0UKjeA3IMJx63kmLg_dm3RaK4166nV6L9W82JteuA2jnT5L8UoZlFFkWxtbceC7_4ratPnOwruf9wUvpj2Djw=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a29853274b6ee4adc581f3815812f00a5509c90c2473cc2e88c3828a37a033f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90538
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
DEFA-8C-z2Ki_iHodeshmHA85DQLULZWzRQDYQVHSewSMeuGGuc44VJui5uOSaTrpbxpmSGdK3RsUHj7DHAyzgvllRjdanosdeeqvo5m6qI4-F0RJnkcjENwsDcfJlx6CQ=w1280
lh5.googleusercontent.com/
50 KB
50 KB
Image
General
Full URL
https://lh5.googleusercontent.com/DEFA-8C-z2Ki_iHodeshmHA85DQLULZWzRQDYQVHSewSMeuGGuc44VJui5uOSaTrpbxpmSGdK3RsUHj7DHAyzgvllRjdanosdeeqvo5m6qI4-F0RJnkcjENwsDcfJlx6CQ=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
33d169ddf59845727706b8f35156f216570fa4db793f33ac852d2baf44199374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50808
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
SwHqFmZj9t_knXjPCiI94xaI5dIouRRUH1eN_Sg-a1Ih-mVngkpzJB2d-0yBYCbWZbQOOq09Pcyba8nO6vRmJjsNBL9deXrY7YG0bsaJ4XUxU0HtSjmRGWQ1NRiKm37BnQ=w1280
lh6.googleusercontent.com/
104 KB
105 KB
Image
General
Full URL
https://lh6.googleusercontent.com/SwHqFmZj9t_knXjPCiI94xaI5dIouRRUH1eN_Sg-a1Ih-mVngkpzJB2d-0yBYCbWZbQOOq09Pcyba8nO6vRmJjsNBL9deXrY7YG0bsaJ4XUxU0HtSjmRGWQ1NRiKm37BnQ=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
013e84310d7ab057017b3fa16549a6d4c254fd82b6555ed23a2f1747532e3f88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106943
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
tjWt1ArixTnBF0O9F8Jzd3Z8eGIN3HyYl2ieZajyHOIRtdxFmIqELo3PY2To8IqCm1F0tnHv5oYLYXBX2LvoaEOi4Lq0EIXpK7m7eB6_L3LGnY-HfXbM6i5KQES8kAvc5w=w1280
lh4.googleusercontent.com/
147 KB
147 KB
Image
General
Full URL
https://lh4.googleusercontent.com/tjWt1ArixTnBF0O9F8Jzd3Z8eGIN3HyYl2ieZajyHOIRtdxFmIqELo3PY2To8IqCm1F0tnHv5oYLYXBX2LvoaEOi4Lq0EIXpK7m7eB6_L3LGnY-HfXbM6i5KQES8kAvc5w=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6bd204027ac589144e37b2bc2ba82ec176cfe793bbc697b10ddbbee2392cde2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
150072
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
BaKNC5Xk8FihB4AWfYRRMBDv1ysNoxqQ4-KLXAcRTF9f2Xezs37jiJipQJTRd4s2IKPfPtWyCIOU5a5soHuMVW5O30yc0wwux--Hop3YKk8qHJYJdiWgoyHUvVON72-pUg=w1280
lh3.googleusercontent.com/
100 KB
100 KB
Image
General
Full URL
https://lh3.googleusercontent.com/BaKNC5Xk8FihB4AWfYRRMBDv1ysNoxqQ4-KLXAcRTF9f2Xezs37jiJipQJTRd4s2IKPfPtWyCIOU5a5soHuMVW5O30yc0wwux--Hop3YKk8qHJYJdiWgoyHUvVON72-pUg=w1280
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
47ea098a19f76499975eb245a69791db1ac913882aa2610caec2a9a8ac28a7a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Untitled.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101953
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
u5TLTpiRMumfniBwmXi2-9Cx-akiNWS3mfZsOv3YVeMDm6SS5WWhOYLvbzfTWzNGVP8LEqiY3lu6UeOcQfBwuF2jeBG9J9sZX67kWHCAK1Lg032paoLQRhq9SQMwBER-8AtLphnlqjjaWr3Vy2LMYqUQE7dW
lh6.googleusercontent.com/proxy/
31 KB
31 KB
Image
General
Full URL
https://lh6.googleusercontent.com/proxy/u5TLTpiRMumfniBwmXi2-9Cx-akiNWS3mfZsOv3YVeMDm6SS5WWhOYLvbzfTWzNGVP8LEqiY3lu6UeOcQfBwuF2jeBG9J9sZX67kWHCAK1Lg032paoLQRhq9SQMwBER-8AtLphnlqjjaWr3Vy2LMYqUQE7dW
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
021decea59207b5b1dededd25bb1c6a69647aaa2f268689d9122d5bb2370bab9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31463
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
ZHk4GMPxUJjLHPcoDGBWUEsVsI18yQA2UQVq3m8cOipF6Z2wdm_rc30Arl9OeqPIgYNg9q_bROrsG8Mpp2rxczuMR_WFHYniccNK
lh3.googleusercontent.com/proxy/
21 KB
21 KB
Image
General
Full URL
https://lh3.googleusercontent.com/proxy/ZHk4GMPxUJjLHPcoDGBWUEsVsI18yQA2UQVq3m8cOipF6Z2wdm_rc30Arl9OeqPIgYNg9q_bROrsG8Mpp2rxczuMR_WFHYniccNK
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
03cb92827a65fb48c0850d1ea243a139bf58614c4e85ca9b88def0ece910efdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21175
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
m=view
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/
576 KB
195 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
410f59fe4189e1268b823b1fc04d675a8996fc50fe9e80c07103e4f8947c3b01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
199533
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 04:58:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 03 Oct 2024 15:17:34 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/
317 KB
109 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49cac7b91540d4ac8d48564bfaf6c987754de65ec197b9a3dd536661db6c8ca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 17:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
472095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110698
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Oct 2024 17:50:38 GMT
74HvN-ykhc3tcMPodZMVsg1DYP5hq6OpZFqr7hfsOj_t84_3VyKoWqcuYa7qUhyxQPQyWfDAddHADqaSfyLTa9M=w16383
lh4.googleusercontent.com/
355 KB
355 KB
Image
General
Full URL
https://lh4.googleusercontent.com/74HvN-ykhc3tcMPodZMVsg1DYP5hq6OpZFqr7hfsOj_t84_3VyKoWqcuYa7qUhyxQPQyWfDAddHADqaSfyLTa9M=w16383
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d09cfee5f21ed7285b77fa6ee68aac9186a8cbbac9aee5b62cbfb79b780030ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="Background 8.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
363725
x-xss-protection
0
expires
Mon, 09 Oct 2023 04:58:53 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlotto.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options
nosniff
age
175921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 04:06:52 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlotto.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 05:04:01 GMT
x-content-type-options
nosniff
age
86092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 05:04:01 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlotto.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 03:38:46 GMT
x-content-type-options
nosniff
age
264007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 03:38:46 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlotto.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Mon, 02 Oct 2023 07:52:55 GMT
x-content-type-options
nosniff
age
507958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Oct 2024 07:52:55 GMT
6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
fonts.gstatic.com/s/alfaslabone/v19/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/alfaslabone/v19/6NUQ8FmMKwSEKjnm5-4v-4Jh2dJhew.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alfa%20Slab%20One%3Ai%2Cbi%2C700%2C400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f11176ec1e89f383eda7494955e5e92783c48dd138d0e4f3ace8c1314f9dc66f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlotto.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 22:24:03 GMT
x-content-type-options
nosniff
age
23690
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19072
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:47:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 22:24:03 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wisewomenlotto.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 16:54:52 GMT
x-content-type-options
nosniff
age
216241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 16:54:52 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 122D
2 KB
948 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
396239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 14:54:54 GMT
expires
Wed, 02 Oct 2024 14:54:54 GMT
last-modified
Tue, 03 Oct 2023 12:36:44 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame CD53
2 KB
948 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
396239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 14:54:54 GMT
expires
Wed, 02 Oct 2024 14:54:54 GMT
last-modified
Tue, 03 Oct 2023 12:36:44 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 92DF
2 KB
948 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
396239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Oct 2023 14:54:54 GMT
expires
Wed, 02 Oct 2024 14:54:54 GMT
last-modified
Tue, 03 Oct 2023 12:36:44 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
m=sy1c,sy1d,sy1b,FoQBg
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/
37 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=sy1c,sy1d,sy1b,FoQBg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c8ec84c3d960446811b13bab159c45d4f1d4aaf4def1b6ce479071c755bdf87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12749
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 04:58:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 03 Oct 2024 15:17:34 GMT
m=sy2t,TRvtze
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/
855 B
523 B
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=sy2t,TRvtze
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a13b5fffcd8527c822c6cc11ab211033b1c9add31ee6a70609aa5119161f8daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:17:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308479
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
497
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 04:58:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 03 Oct 2024 15:17:34 GMT
m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy16,TGYpv,sy12,X85Uvc,sy2u,abQiW,W26a5e,hJUyqe,sy14,sy19,sy15,sy17,sy18,fuVYe,KUM7Z,XDKZTc,sy13,qkPXAf,qEW1W,oNFsLb,sy3s,yxTchf,sy3t,sy3u,xQtZb,yf2Bs,sy2,sy8,yyxWAc,q...
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/
1 MB
411 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy16,TGYpv,sy12,X85Uvc,sy2u,abQiW,W26a5e,hJUyqe,sy14,sy19,sy15,sy17,sy18,fuVYe,KUM7Z,XDKZTc,sy13,qkPXAf,qEW1W,oNFsLb,sy3s,yxTchf,sy3t,sy3u,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syz,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2v,syl,RrXLpc,cgRV2c,sy11,sy1p,o1L5Wb,X4BaPc,syf,Md9ENb,sy1h,sy1i,syp,sy1f,sy1g,syn,syy,sy10,NlqxW,sy1k,sy1l,sy1m,sy1n,sy1o,sy1j,sy1s,sy1r,syb,syr,sy1q,sy1z,sy22,sy25,sy26,sy27,sy28,sy1v,sy21,sy2b,sy2i,sy1x,sy1t,sy1u,sy1w,sy24,syw,sy29,syo,sy1y,sy20,sy2a,sy2c,sy2g,sy2h,sy2j,sy2l,sy1e,T807ad,sy23,zTt0Rb,ZDEHrf,sy2d,sy2e,sy2f,jhxjge,oy3iwb,sy2k,dBhIIb,syx,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,UYjpC,vVEdxc,sy3,VYKRW,sy1a,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5b7459909b3037a7ad699398d7fdc6de8f9006e27b72761c49531a12e98c02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
420944
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 04:58:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Mon, 07 Oct 2024 04:58:53 GMT
m=sy3j,IZT63,vfuNJf,sy3d,sy3h,sy3k,sy3x,sy3v,sy3w,siKnQd,sy3b,sy3i,sy3m,YNjGDd,sy3l,sy3n,PrPYRd,iFQyKf,hc6Ubd,sy3y,SpsfSb,sy3e,sy3g,wR5FRb,pXdRYb,dIoSBb,zbML3c
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/
29 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=sy3j,IZT63,vfuNJf,sy3d,sy3h,sy3k,sy3x,sy3v,sy3w,siKnQd,sy3b,sy3i,sy3m,YNjGDd,sy3l,sy3n,PrPYRd,iFQyKf,hc6Ubd,sy3y,SpsfSb,sy3e,sy3g,wR5FRb,pXdRYb,dIoSBb,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a531521976e278e32d55e47f5985934a4828cf41b4b7514a42819d0b0cb3cb36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 15:17:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
308478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10741
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 04:58:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Thu, 03 Oct 2024 15:17:35 GMT
m=m9oV,sye,eFZtfd,sy3o,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2x,uu7UOe,nAFL3,sy2q,gJzDyc,sy2y,sy2z,soHxf,syu,syt,HYv29e,sy30,uY3Nvd
www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/
37 KB
12 KB
Script
General
Full URL
https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=m9oV,sye,eFZtfd,sy3o,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2x,uu7UOe,nAFL3,sy2q,gJzDyc,sy2y,sy2z,soHxf,syu,syt,HYv29e,sy30,uY3Nvd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cf0b9f95a9eb9273ecc90fa4e53338c1dbcb5fbf96d19357f2c527870668fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 05:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
258139
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12317
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 04:58:44 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
expires
Fri, 04 Oct 2024 05:16:34 GMT
api.js
apis.google.com/js/ Frame 122D
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:53 GMT
api.js
apis.google.com/js/ Frame CD53
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:53 GMT
api.js
apis.google.com/js/ Frame 92DF
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:53 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:53 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://www.wisewomenlotto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Sun, 08 Oct 2023 04:58:53 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/
0
0

logImpressions
www.wisewomenlotto.com/_/view/
16 B
221 B
XHR
General
Full URL
https://www.wisewomenlotto.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 122D
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame CD53
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 92DF
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/
97 KB
34 KB
Script
General
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=0/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy16,TGYpv,sy12,X85Uvc,sy2u,abQiW,W26a5e,hJUyqe,sy14,sy19,sy15,sy17,sy18,fuVYe,KUM7Z,XDKZTc,sy13,qkPXAf,qEW1W,oNFsLb,sy3s,yxTchf,sy3t,sy3u,xQtZb,yf2Bs,sy2,sy8,yyxWAc,qddgKe,sy2w,SM1lmd,sy6,sy5,syz,RRzQxe,zZvHmd,sy7,sya,syk,sy9,fNFZH,sy2v,syl,RrXLpc,cgRV2c,sy11,sy1p,o1L5Wb,X4BaPc,syf,Md9ENb,sy1h,sy1i,syp,sy1f,sy1g,syn,syy,sy10,NlqxW,sy1k,sy1l,sy1m,sy1n,sy1o,sy1j,sy1s,sy1r,syb,syr,sy1q,sy1z,sy22,sy25,sy26,sy27,sy28,sy1v,sy21,sy2b,sy2i,sy1x,sy1t,sy1u,sy1w,sy24,syw,sy29,syo,sy1y,sy20,sy2a,sy2c,sy2g,sy2h,sy2j,sy2l,sy1e,T807ad,sy23,zTt0Rb,ZDEHrf,sy2d,sy2e,sy2f,jhxjge,oy3iwb,sy2k,dBhIIb,syx,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,LkQmJ,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,KlrXId,R4KMEc,sy2m,sy2n,sy2o,UYjpC,vVEdxc,sy3,VYKRW,sy1a,CG0Qwb,RZ9OZ,N0NZx,szRU7e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ecb0cbc1ad10dcd1aed881a38538b9bd1184d73327919abc9ee35451fd21e526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:38:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34373
x-xss-protection
0
last-modified
Thu, 05 Oct 2023 21:37:02 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 08 Oct 2023 05:28:37 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/
261 B
213 B
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f2cdce4680a992c70e212305955fe6ffbd0b1c8a5affcf06067ba0608a71bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.wisewomenlotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 10:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
413308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Oct 2024 10:10:25 GMT
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 122D
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=305241875
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Mon, 07 Oct 2024 04:58:53 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame CD53
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=761521847
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Mon, 07 Oct 2024 04:58:53 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 92DF
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=847517052
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Mon, 07 Oct 2024 04:58:53 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 445B
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=821588847
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Mon, 07 Oct 2024 04:58:53 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame 85B6
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=717408745
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Mon, 07 Oct 2024 04:58:53 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
intermediate-frame-minified.html
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame FDEA
2 KB
947 B
Document
General
Full URL
https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=422253255
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
922
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:53 GMT
expires
Mon, 07 Oct 2024 04:58:53 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/ Frame 2861
0
0

/
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/ Frame BC6D
0
0

/
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/ Frame 1CED
0
0

api.js
apis.google.com/js/ Frame 122D
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=305241875
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame 92DF
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=847517052
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame CD53
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=761521847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame 445B
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=821588847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame FDEA
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=422253255
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame 85B6
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=717408745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 122D
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 92DF
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame CD53
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 445B
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame FDEA
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 85B6
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
/
www.3stepmethod.com/ Frame 5463
Redirect Chain
  • https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/
  • https://www.3stepmethod.com/?hop=nanaslotto
37 KB
11 KB
Document
General
Full URL
https://www.3stepmethod.com/?hop=nanaslotto
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=305241875
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache / PHP/5.6.40
Resource Hash
bc585cec03d215bda454dac0412caeee014b7f18a5731d3677afe558d8686765

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 08 Oct 2023 04:58:51 GMT
link
<https://www.3stepmethod.com/wp-json/>; rel="https://api.w.org/", <https://www.3stepmethod.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://www.3stepmethod.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding Accept-Encoding
x-cdn-cache-status
MISS
x-origin-cache-status
MISS
x-powered-by
PHP/5.6.40
x-provided-by
StackCDN
x-via
FRA1

Redirect headers

accept-ch
Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Arch
access-control-expose-headers
Server-Timing
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 08 Oct 2023 04:58:54 GMT
expires
0
location
https://www.3stepmethod.com?hop=nanaslotto
pragma
no-cache
referrer-policy
no-referrer
server-timing
traceparent;desc="00-e040a53f3430828527041c49c5e28428-51f494fb4fbd7d89-01"
strict-transport-security
max-age=0 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1 ; mode=block
/
www.lottoannihilator.com/video/ Frame 21E1
Redirect Chain
  • https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/
  • https://www.lottoannihilator.com/video/
15 KB
6 KB
Document
General
Full URL
https://www.lottoannihilator.com/video/
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=847517052
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c37d2d1bc47597799bbe117c6d432b5b13197e760866fdada9b7a92c8db1b05e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
812bcfbc1b9b4e1c-HEL
content-encoding
br
content-type
text/html
date
Sun, 08 Oct 2023 04:58:54 GMT
last-modified
Tue, 17 Mar 2020 21:30:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmxeh1c6kWrW0TVm%2FZBigKZxjLaTZKV%2BFIFNBRqvv1gI7A9%2BpmK6UlLia9%2BHwKrcVi8x%2F%2B1DZYpgrLeUo%2FoMpwO5BEJLv9p4hH3hPK%2FEdtT2gygs8x%2BGRvxHi7mwP17VNpnseK2pnjOfVNbRQqVIRiC0ZL28FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

accept-ch
Sec-Ch-Ua-Full-Version-List, Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Arch
access-control-expose-headers
Server-Timing
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Sun, 08 Oct 2023 04:58:54 GMT
expires
0
location
https://www.lottoannihilator.com/video/
pragma
no-cache
referrer-policy
no-referrer
server-timing
traceparent;desc="00-9ce464c1c3c8b67615011720da4b260a-4531d1d55e6ec571-01"
strict-transport-security
max-age=0 ; includeSubDomains
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1 ; mode=block
index_ctrl.php
godfrequency.co/vsl/ Frame FECB
Redirect Chain
  • https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/
  • https://godfrequency.co/vsl/index.php?hop=nanaslotto
  • https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
31 KB
9 KB
Document
General
Full URL
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=761521847
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
fb8c6e1a25ff615023bc8260df0e2e803bab9f5990138c8300809e74209514ce
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
br
content-length
8302
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
content-type
text/html; charset=UTF-8
date
Sun, 08 Oct 2023 04:58:55 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
content-type
text/html; charset=UTF-8
date
Sun, 08 Oct 2023 04:58:55 GMT
location
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
server
LiteSpeed
inner-frame-minified.html
752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame B580
2 KB
941 B
Document
General
Full URL
https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=821588847
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:54 GMT
expires
Mon, 07 Oct 2024 04:58:54 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
inner-frame-minified.html
752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 2EBB
2 KB
941 B
Document
General
Full URL
https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=422253255
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:54 GMT
expires
Mon, 07 Oct 2024 04:58:54 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
inner-frame-minified.html
752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame 4314
2 KB
940 B
Document
General
Full URL
https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__&r=717408745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="apps-sites"
cross-origin-resource-policy
cross-origin
date
Sun, 08 Oct 2023 04:58:54 GMT
expires
Mon, 07 Oct 2024 04:58:54 GMT
last-modified
Fri, 06 Oct 2023 12:31:28 GMT
report-to
{"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api.js
apis.google.com/js/ Frame 4314
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 752612055-atari-embeds.googleusercontent.com
URL: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame 2EBB
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 752612055-atari-embeds.googleusercontent.com
URL: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
api.js
apis.google.com/js/ Frame B580
18 KB
7 KB
Script
General
Full URL
https://apis.google.com/js/api.js?checkCookie=1
Requested by
Host: 752612055-atari-embeds.googleusercontent.com
URL: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:54 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7116
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"6c2920ba97a7ce12"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:54 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 4314
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame 2EBB
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/ Frame B580
57 KB
20 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.fi.2GVPeSBFvlM.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Wed, 04 Oct 2023 05:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
344825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20622
x-xss-protection
0
last-modified
Sat, 02 Sep 2023 15:18:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Oct 2024 05:11:49 GMT
script.js
app.ecwid.com/ Frame 68D1
66 KB
20 KB
Script
General
Full URL
https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Requested by
Host: 752612055-atari-embeds.googleusercontent.com
URL: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2867b942058e600e2703264a651c096633e511e27b89ac7389b13cac21f02fa9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"1598120237"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
script.js
app.ecwid.com/ Frame 79CA
66 KB
20 KB
Script
General
Full URL
https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Requested by
Host: 752612055-atari-embeds.googleusercontent.com
URL: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2867b942058e600e2703264a651c096633e511e27b89ac7389b13cac21f02fa9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"1598120237"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
script.js
app.ecwid.com/ Frame E010
66 KB
20 KB
Script
General
Full URL
https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Requested by
Host: 752612055-atari-embeds.googleusercontent.com
URL: https://752612055-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.fi.2GVPeSBFvlM.O%2Fd%3D1%2Frs%3DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%2Fm%3D__features__
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2867b942058e600e2703264a651c096633e511e27b89ac7389b13cac21f02fa9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"1598120237"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
css
fonts.googleapis.com/ Frame 21E1
13 KB
1010 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Open+Sans+Condensed:300,700
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4f9825d24a7764f6e2d4ba91718ab744a73f5fb4c879c319515d62d8f81ec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:58:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:54 GMT
layout.css
www.lottoannihilator.com/css/ Frame 21E1
40 KB
8 KB
Stylesheet
General
Full URL
https://www.lottoannihilator.com/css/layout.css
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c72e3ce633d28f29eb8cb7f35d46a81db681ede1f59fbaaa149f1964a9e4a1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:54 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:37:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Osy7u3WHXyRtYUyJRLcwep4HofU6d1PDv0njDelcT9DtfnoE0tCLVw8jEQ7vVViTWNMXkwwm%2BjIJCd7cD0r6JKle1X1DOyHkDLfFsMlzVm2Pt1sCCyzU3usdfES%2FzwqEwZKIdqjpJK8TO%2Fdlww%2FPsJ992lwXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
812bcfbcfd374e1c-HEL
jquery.min.js
www.lottoannihilator.com/js/ Frame 21E1
84 KB
31 KB
Script
General
Full URL
https://www.lottoannihilator.com/js/jquery.min.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DuE1lg5CnXmr4XoU%2B0p3vi53HK14SjPJ9flO6ZHW8y1MWqVC%2FtIhOjU4hGBwVs58ut0NjJubSZngO6mky7q5N3Zil1VmE9sWg4cNPSoVzpXzKY5YFG01uECh%2BJhsrw5Ieqv%2BgplRMUPY8U4lmTFUCbD%2BoTUaww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
812bcfbcfd384e1c-HEL
tldrk4hdlb.jsonp
fast.wistia.com/embed/medias/ Frame 21E1
4 KB
2 KB
Script
General
Full URL
https://fast.wistia.com/embed/medias/tldrk4hdlb.jsonp
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
1a3678563ce82003c4fbf936a48bfdfba30426d94d18e802d576cecc20eb4562
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=0
via
1.1 13f73562b215175ddd75c2902ae36650.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD61-P1
age
7820
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
36
content-length
1331
x-request-id
39e195a7-434c-401c-a1c7-4fe54e221557
x-served-by
cache-iad-kiad7000044-IAD, cache-hel1410022-HEL
x-runtime
0.033856
x-browser-version
117
server
envoy
x-timer
S1696741135.189829,VS0,VE97
etag
W/"1a3678563ce82003c4fbf936a48bfdfb"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vIjGCmBYM-9PIWRsCFi_HBg9eyhu8oUrc2gOtiZEmXcsVdqAndJzrw==
x-cache-hits
8, 0
E-v1.js
fast.wistia.com/assets/external/ Frame 21E1
734 KB
125 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
273a37738eb849b8a050887a542627ac8be34cade45564f9bea3056b6ee7e9e7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
18
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
127590
x-served-by
cache-iad-kiad7000168-IAD, cache-hel1410022-HEL
x-browser-version
117
last-modified
Thu, 05 Oct 2023 20:59:41 GMT
server
AmazonS3
x-timer
S1696741135.189851,VS0,VE0
etag
"7912d9792dc45706e566a3fcd4ff8812"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
2cf2ffc3859004612f9d7452cc54e7ccb57235a1
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
10, 4
swatch
fast.wistia.com/embed/medias/tldrk4hdlb/ Frame 21E1
4 KB
5 KB
Image
General
Full URL
https://fast.wistia.com/embed/medias/tldrk4hdlb/swatch
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
5ffef9a3fefbd95b22b8b3d27581cb27aeed5d1d8d252139104334e9a62672a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
access-control-request-method
*
via
1.1 1fecb697c6f121d7ce54a35628ac154e.cloudfront.net (CloudFront), 1.1 e32f3698b8d39139f138de8a86d00996.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
x-cdn
cloudfront
x-amz-cf-pop
IAD61-P2, IAD61-P1
age
27898
edge-cache-tag
8f29fdb1b5752c5a8ae136981240a231
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
31
content-disposition
inline
content-length
4571
x-served-by
cache-iad-kcgs7200061-IAD, cache-hel1410022-HEL
x-browser-version
117
last-modified
Thu, 17 Jan 2019 21:10:46 UTC
server
envoy
x-timer
S1696741135.189683,VS0,VE107
etag
yWLxJF0s_mP8WrIGRshN1DDa9dI=
content-type
image/jpeg
access-control-allow-origin
*,*
access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
cache-control
public, no-cache,max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
V1iN6bjlUfH3Ywprug4D6vL1gBdltImHxP020XfjfQEKjv8YqGL48w==
x-cache-hits
29, 0
addcart.png
www.lottoannihilator.com/images/ Frame 21E1
51 KB
52 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/addcart.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71c726a8befcb1efdb4ba2862f9528d5582ceeb1bac426fb642f82b9b4e46e7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HjaZxr4TqpyjTMxnSRy%2BsHv7alazsfROjcKng3b9Efq9ggPbUeNt5LMyxuNiXGafRiGOkAJzq4v6HD7ah0t9Ab4q9cT7u04agW4sVGTpPCpXG48LXKmvROQWijUBlBW38ZjiNFwpAns3RIXzrZpHVPnMMXBrJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe4fc24e1c-HEL
content-length
52493
pres_img1.jpg
www.lottoannihilator.com/images/ Frame 21E1
28 KB
28 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/pres_img1.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba8d24c717892abdadfefebcebc9f050279a6f2087e19709b6b7a049e9627c2b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZXSk%2F%2FMUSTvdFijDPkwyVkEhoZG9ihCSqfl%2Bhf6EooznxYDADCVpETzVyg4O%2FtX5eMq5gg1JOfLhdoxNwjxVldoDTkh7g61hn7mC9obEIKOvzxC3aHKis4zNJJ37kVNUlS1PYmPLXqMsV7o%2FwIg6tHApxsa8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe4fc64e1c-HEL
content-length
28526
pres_img2.jpg
www.lottoannihilator.com/images/ Frame 21E1
22 KB
23 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/pres_img2.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
343c96034205ea01bf921b896e3ef1fe434b907b53a9a9850135f9617c07b03b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cDZutKZQ7%2Fh95V78ZtFmo2t2hJNuMduz%2BnXANCQkL4zrz6qZUPYTamWdntK5e0TnkUlV0IUJNdHQx0EpgeOSM0xQLqb9eHc9nWuZG4oox8znnMMGhoXBir0syuJnZNHi7i0SDirMKfTCf%2BQrcmx8PhKqZ2aJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe4fcb4e1c-HEL
content-length
22913
pres_img3.jpg
www.lottoannihilator.com/images/ Frame 21E1
28 KB
29 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/pres_img3.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9137e657209c0ae29f0af3183bc0d30708244470eb59393123ed9e0743694932

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sj13r8o4K73SSGj7YzGYaps8x4fS5tlAhsrYlrbt5E3g7WO5%2FD%2Fd%2FBR0fyZORzkzmI5NKNpF54aBpIwwkON2%2FXFhJlt1pWeV2dc8YjvmebsfLpjdKE10kKScPsu7i5f0h7GwqQS8Ko6yQURFDYUajkd1onkfGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe4fcd4e1c-HEL
content-length
29120
pres_img4.jpg
www.lottoannihilator.com/images/ Frame 21E1
21 KB
21 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/pres_img4.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b6e874e09fd450a979bf4a9dce3590d03e1e3d645995ae94f52530b20222c6c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/video/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2B7qEN5tcRwuyax4awWnosE9teeQKJ9dmIwxstoYIuLiNecLSaQdcqtg%2F9ZxkrwvE4dgxJl9T6BIUc81u3vOPhfrfECsQFvp58%2BwsXvRXJgTJVXyNOMVmAOa0HGpWVA7sk2AOCPbhFvbqHlg2qIDhpDLwIJBqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe4fce4e1c-HEL
content-length
21288
conversion.js
www.googleadservices.com/pagead/ Frame 21E1
50 KB
19 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18630
x-xss-protection
0
server
cafe
etag
7951265875426957259
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 08 Oct 2023 04:58:55 GMT
seg.js.php
trends.revcontent.com/ Frame 21E1
0
148 B
Script
General
Full URL
https://trends.revcontent.com/seg.js.php?data-rc=rc-seg-pix
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.212.137.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-137-24.eu-west-1.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-rc-region
eu-west-1c
date
Sun, 08 Oct 2023 04:58:55 GMT
strict-transport-security
max-age=931536000; includeSubDomains
x-envoy-upstream-service-time
2
server
envoy
vary
Origin
/
cbtb.clickbank.net/ Frame 21E1
937 B
1 KB
Script
General
Full URL
https://cbtb.clickbank.net/?vendor=lottery10k
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.231.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-231-218.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cache-control
max-age=900
server
Apache
content-length
937
content-type
text/javascript;charset=UTF-8
news_bg2.jpg
www.lottoannihilator.com/images/ Frame 21E1
308 KB
309 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/news_bg2.jpg
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b484b3de3ea96eaf5bfe09afe35252f386b70013d95dedb588be7afac5ba975d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyddDDptmAhVzQldji06auUsGFLn7oCGNHRtvjj6qmZTU%2BjkZFS%2B1m4CM3gS%2Blbmgk8KtndAAoEoDol8ZchjrZ70Q60QV79Ho19c6o23hmkehGP4dH3DAO%2BKvrvIVyFA9xCH6BSIVpqE1kFEwidpQbEYhZoJDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe5fea4e1c-HEL
content-length
315368
innr_bg.png
www.lottoannihilator.com/images/ Frame 21E1
85 KB
86 KB
Image
General
Full URL
https://www.lottoannihilator.com/images/innr_bg.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/css/layout.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40a4d9ee587150c67bb0405f36b37d3600bbd91ecf7cfc221921b21e3e15f5aa

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/css/layout.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cf-cache-status
MISS
last-modified
Tue, 15 May 2018 13:40:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haqfbWYxbxkVHnusTLQWUzmkHEe5hKa8CoSMpQ%2BfFuDhHJlECXAprPTs7OM%2FSny%2FQNrJcfL%2Bzh4jvW9E4OfAqlpUdqVkpCVHcI3vX5HESaF3ykh7fmQi1aM1WcFeRN2QKyxgkT8ru5RzgJRFEesFOUgHiD2MAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
812bcfbe5fec4e1c-HEL
content-length
87495
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame 21E1
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,700|Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
211262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:17:53 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848545785/ Frame 21E1
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848545785/?random=1696741135337&cv=9&fst=1696741135337&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba011d20047295b28eb39af6a22df057bd0e4d890f6996bf3c44e87bcb4a982d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1387
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ytc.js
s.yimg.com/wi/ Frame 21E1
18 KB
7 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:55:35 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
28F6PQAZSVEW5C0T
age
201
x-amz-server-side-encryption
AES256
content-length
6262
x-amz-id-2
ciyC84fnFzbznjHfyuEwk2F4tLdxAKxeF0/XA8k0j8YmD3BZVTc+93HrXmm2LBFyqhGfj89wjyqpxYcrnB1Ctw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848498044/ Frame 21E1
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848498044/?random=1696741135360&cv=9&fst=1696741135337&num=2&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a998a4a4dbcdccbef900d39751aec00532d3f4b29178312682863aa538a008
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1383
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
retarlts.php
jaswertrk.com/scripts/ Frame D743
0
0

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/848440851/ Frame 21E1
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848440851/?random=1696741135376&cv=9&fst=1696741135337&num=3&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
563510d8c38afb977ee5fdcc444120a35bd0d0c74d43bc3f20f656567287483e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1388
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
8f29fdb1b5752c5a8ae136981240a231.webp
embed-ssl.wistia.com/deliveries/ Frame 21E1
21 KB
21 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/8f29fdb1b5752c5a8ae136981240a231.webp?image_crop_resized=640x360
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:ba00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
170953154253d30323f7cb92e5b3f0c300787043952039a806800105bd4a9c6a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
access-control-request-method
*
via
1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-cdn
cloudfront
x-amz-cf-pop
FRA56-C2
edge-cache-tag
8f29fdb1b5752c5a8ae136981240a231
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
87
content-disposition
inline
surrogate-key
8f29fdb1b5752c5a8ae136981240a231 thumbnail-delivery
last-modified
Thu, 17 Jan 2019 21:10:46 UTC
server
envoy
etag
IXppVfBz0sFn7MVrw-CJ2oN6Us0=
vary
Origin
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
none
x-amz-cf-id
7klo_AAGsM2yfvkCVcebcRAIq8Z1F0CTryZF-jcnw58cTPdXGx8Xiw==
new-frontend.en.1185724034.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ Frame 79CA
260 KB
70 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.1185724034.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64d9243855632a8f930bf2f6ee088981c606a9f3cefbdcee3576191dc353a08b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:51:53 GMT
x-amz-version-id
sry.m3KsCQUYlkCEwZX0hsdAsQMy8eC9
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 11:45:21 GMT
server
AmazonS3
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"e414a7cebdfdc6a48e6968d6153c7b49"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
age
407223
x-amz-cf-id
PqmfWGdh5tcE_aHqEQx4N41rGnRkKRbavrjyVs6_bZd4XMrmrSaMkA==
ecwid-storefront.18345c0c03fbe8c0834b595a6f070b43.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 79CA
2 MB
525 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.18345c0c03fbe8c0834b595a6f070b43.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
432960704acec85c6344927634bc04d00bd50d1104536583b5408911cfea00a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:09:50 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P3
age
229745
etag
18345c0c03fbe8c0834b595a6f070b43
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
8nJVdVNhOtk6k1SqVUxNqWKo077X0Sz_fK11QttHmNS-yTp1J-Jw6w==
states.js
d3dq8sxcny4hg.cloudfront.net/ Frame 79CA
72 KB
23 KB
Script
General
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-46865-g110a47ce40f8a4&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 09:23:26 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
156929
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22929
x-amz-cf-id
26tmZlCSJZjpWJbR6F-4YnzHs9efKop91DJKxienEMUa2lYfQFP1Og==
data.js
app.ecwid.com/ Frame 79CA
32 KB
8 KB
Script
General
Full URL
https://app.ecwid.com/data.js?ownerid=73784560&lang=en&token=a7884e03ff4ffdc1f722e0e0a3e2a444ab6f0deb&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1025450edcdd5d63c5dd20eb081d71c2844be2a56df3010ace7a9bea12bfccfb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
7827
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/ Frame 79CA
6 KB
2 KB
Script
General
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.230.167.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-167-222.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
new-frontend.en.1185724034.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ Frame E010
260 KB
70 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.1185724034.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64d9243855632a8f930bf2f6ee088981c606a9f3cefbdcee3576191dc353a08b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:51:53 GMT
x-amz-version-id
sry.m3KsCQUYlkCEwZX0hsdAsQMy8eC9
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 11:45:21 GMT
server
AmazonS3
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"e414a7cebdfdc6a48e6968d6153c7b49"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
age
407223
x-amz-cf-id
BBPaxNgi79q7oYZK3DJ_3kl-Vu0J0t5w9YwU42vebxte_w2qzMPXKg==
ecwid-storefront.18345c0c03fbe8c0834b595a6f070b43.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame E010
2 MB
525 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.18345c0c03fbe8c0834b595a6f070b43.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
432960704acec85c6344927634bc04d00bd50d1104536583b5408911cfea00a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:09:50 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P3
age
229745
etag
18345c0c03fbe8c0834b595a6f070b43
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
ZSnCGrTepMmDopRq9Oygfm63Vwv_4gY6zu-GuFCE8LE5cmKAfuPbTQ==
states.js
d3dq8sxcny4hg.cloudfront.net/ Frame E010
72 KB
23 KB
Script
General
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-46865-g110a47ce40f8a4&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 09:23:26 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
156929
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22929
x-amz-cf-id
lKz6etVHeo3qPM0Usdb8VttO_B4oAlyUHYokx6g1h1mHTw-MluOqHw==
data.js
app.ecwid.com/ Frame E010
32 KB
8 KB
Script
General
Full URL
https://app.ecwid.com/data.js?ownerid=73784560&lang=en&token=a7884e03ff4ffdc1f722e0e0a3e2a444ab6f0deb&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1025450edcdd5d63c5dd20eb081d71c2844be2a56df3010ace7a9bea12bfccfb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
7827
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/ Frame E010
6 KB
2 KB
Script
General
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.230.167.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-167-222.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
new-frontend.en.1185724034.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/ Frame 68D1
260 KB
70 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.1185724034.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64d9243855632a8f930bf2f6ee088981c606a9f3cefbdcee3576191dc353a08b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:51:53 GMT
x-amz-version-id
sry.m3KsCQUYlkCEwZX0hsdAsQMy8eC9
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 11:45:21 GMT
server
AmazonS3
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
etag
W/"e414a7cebdfdc6a48e6968d6153c7b49"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
age
407223
x-amz-cf-id
ElARRx3Fl6fxbC1zHCFcdUZS1HsyCzrIVokiYT-6A-VN16QJ_Iocuw==
ecwid-storefront.18345c0c03fbe8c0834b595a6f070b43.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 68D1
2 MB
525 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.18345c0c03fbe8c0834b595a6f070b43.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
432960704acec85c6344927634bc04d00bd50d1104536583b5408911cfea00a5
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:09:50 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P3
age
229745
etag
18345c0c03fbe8c0834b595a6f070b43
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
hgPvUMV5C4H0h-68E6m4oyO7DsRrYHOVOLMXP14yTMDUwNlHZFl_Sg==
states.js
d3dq8sxcny4hg.cloudfront.net/ Frame 68D1
72 KB
23 KB
Script
General
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-46865-g110a47ce40f8a4&callback=window.ecwid_states_data.loaded
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:ea00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 09:23:26 GMT
content-encoding
gzip
via
1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA6-C1
age
156929
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22929
x-amz-cf-id
7eWaSF1WJ6TkDd8SRzsBzI6vHZwh2M-RXZTf7y9W2bWix5bd6LKsuw==
data.js
app.ecwid.com/ Frame 68D1
32 KB
8 KB
Script
General
Full URL
https://app.ecwid.com/data.js?ownerid=73784560&lang=en&token=a7884e03ff4ffdc1f722e0e0a3e2a444ab6f0deb&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1025450edcdd5d63c5dd20eb081d71c2844be2a56df3010ace7a9bea12bfccfb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date
Sun, 08 Oct 2023 04:58:55 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
7827
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/ Frame 68D1
6 KB
2 KB
Script
General
Full URL
https://ecomm.events/i.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.230.167.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-167-222.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
js
www.googletagmanager.com/gtag/ Frame 5463
198 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-971986711
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1ca2e1b9b208334805246dbf3855ef3b36cbf192ff75615d0ccd0c7164b479c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73843
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Oct 2023 04:58:55 GMT
bootstrap.min.css
www.3stepmethod.com/wp-content/themes/sydney/css/bootstrap/ Frame 5463
16 KB
5 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
cb30bdec55a5ce7a0f11b4d105128fbf152bc018220651f906affd4882e55bd3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"40f4-5b7feb6ed1c52"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
style.min.css
www.3stepmethod.com/wp-includes/css/dist/block-library/ Frame 5463
57 KB
11 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.9
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 21:43:42 GMT
server
Apache
etag
W/"e33b-5c009c1cae2b4"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
css
fonts.googleapis.com/ Frame 5463
3 KB
590 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway%3A400%2C600&subset=latin&display=swap
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
acc86c4886ca5b8a51887ad2942d6756d6c15be95f82da9be827df1222903279
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:58:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:55 GMT
style.css
www.3stepmethod.com/wp-content/themes/sydney/ Frame 5463
89 KB
22 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/style.css?ver=20200129
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
743920a6df53feb02c6a74581a04aa982408375542de4e2924b3c8b493a5e242

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"1644b-5b7feb6ebd047"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
default.min.css
www.3stepmethod.com/wp-content/plugins/tablepress/css/ Frame 5463
5 KB
2 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.13
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:39:04 GMT
server
Apache
etag
W/"13e4-5c121a5e66d8e"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
elementor-icons.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/eicons/css/ Frame 5463
17 KB
4 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"4350-5c121a486ce6d"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
animations.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/animations/ Frame 5463
18 KB
3 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"4824-5c121a48693d5"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend-legacy.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/css/ Frame 5463
4 KB
792 B
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
f1f487a441b78d59cf250619c1d421ae8f3645b3640d47b94f550820b3804fc9

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"f0e-5c121a48c48d3"
x-cdn-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/css/ Frame 5463
115 KB
22 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
4d3d44f6ec54680e837763f2fdc2d5f2ab8811717cd585942c064eec31ddf6c8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"1cdf9-5c121a48bdf5a"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
post-839.css
www.3stepmethod.com/wp-content/uploads/elementor/css/ Frame 5463
1022 B
606 B
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/uploads/elementor/css/post-839.css?ver=1619725245
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
78981e8c1ec7b658060824a9f12782f9c1b08cdf90b8fed84f1dedf0bca55102

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:40:49 GMT
server
Apache
etag
W/"3fe-5c121ac27de32"
x-cdn-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
EXPIRED
x-provided-by
StackCDN
all.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5463
58 KB
15 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"e7d0-5c121a4892803"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
v4-shims.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5463
26 KB
5 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"684e-5c121a48956e4"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
post-5.css
www.3stepmethod.com/wp-content/uploads/elementor/css/ Frame 5463
5 KB
1 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/uploads/elementor/css/post-5.css?ver=1619725397
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
7da9b72002f3f70d3b297e9bee7665b7edcb311d1b0bf13c06a9c34c9353e22d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:43:21 GMT
server
Apache
etag
W/"1464-5c121b5362998"
x-cdn-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
EXPIRED
x-provided-by
StackCDN
ytprefs.min.css
www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/styles/ Frame 5463
6 KB
2 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=13.4.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:45 GMT
server
Apache
etag
W/"178c-5c121a4c4a327"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
css
fonts.googleapis.com/ Frame 5463
44 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=5.7.9
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e52e193c7684009dc684b48156d4420c39458d9a2eb2f6dd462a3023f8ec4859
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:25:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:55 GMT
fontawesome.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5463
57 KB
14 KB
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"e238-5c121a489723c"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
solid.min.css
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ Frame 5463
669 B
553 B
Stylesheet
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"29d-5c121a489629c"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
text/css
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
jquery.min.js
www.3stepmethod.com/wp-includes/js/jquery/ Frame 5463
87 KB
36 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 10:42:19 GMT
server
Apache
etag
W/"15d98-5b605b6a7b812"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
jquery-migrate.min.js
www.3stepmethod.com/wp-includes/js/jquery/ Frame 5463
11 KB
5 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 10:42:15 GMT
server
Apache
etag
W/"2bd8-5b605b669f2f9"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
v4-shims.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/ Frame 5463
15 KB
5 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"3acf-5c121a489ef3d"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
ytprefs.min.js
www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/ Frame 5463
10 KB
3 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=13.4.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:45 GMT
server
Apache
etag
W/"268d-5c121a4c05d5c"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
3step.png
www.3stepmethod.com/wp-content/uploads/2018/08/ Frame 5463
19 KB
19 KB
Image
General
Full URL
https://www.3stepmethod.com/wp-content/uploads/2018/08/3step.png
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
b20c80b98442db393baf2f4a7a27d11ccd8eccb5ef656796bcb20f5480b2f94e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
last-modified
Thu, 30 Aug 2018 12:35:00 GMT
server
Apache
etag
"4cab-574a64dab0500"
x-cdn-cache-status
EXPIRED
content-type
image/png
x-via
FRA1
accept-ranges
bytes
content-length
19627
x-origin-cache-status
EXPIRED
x-provided-by
StackCDN
elementor.js
www.3stepmethod.com/wp-content/themes/sydney/js/ Frame 5463
3 KB
1 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/js/elementor.js?ver=20200504
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
76c7f09fc77a0bc67fba1b2fe14bd4a567020892ad26c1312fb76c4735ed689f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"a43-5b7feb6efb081"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
functions.min.js
www.3stepmethod.com/wp-content/themes/sydney/js/ Frame 5463
4 KB
2 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/js/functions.min.js?ver=20201221
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
90b0bc71a3f3712d834523c9709a5304b4f19f1702c9db3e094e83dcbeabfcd3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"10bc-5b7feb6f0028a"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
scripts.js
www.3stepmethod.com/wp-content/themes/sydney/js/ Frame 5463
63 KB
21 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/themes/sydney/js/scripts.js?ver=5.7.9
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
e389b8cb9b17900d72c25f6ab99b0054b4726317c258ebbf3bc7c8fec4a1e2b3

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Sun, 03 Jan 2021 13:11:42 GMT
server
Apache
etag
W/"fd0b-5b7feb6f021ca"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
fitvids.min.js
www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/ Frame 5463
3 KB
1 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=13.4.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:45 GMT
server
Apache
etag
W/"aaf-5c121a4c02e7c"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
wp-embed.min.js
www.3stepmethod.com/wp-includes/js/ Frame 5463
1 KB
1 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-includes/js/wp-embed.min.js?ver=5.7.9
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 19:53:13 GMT
server
Apache
etag
W/"5c6-5fbd4ebe7d49f"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
OneSignalSDK.js
cdn.onesignal.com/sdks/ Frame 5463
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.9
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3095
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
812bcfc4fc980b65-OSL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Oct 2023 04:58:56 GMT
webpack.runtime.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame 5463
5 KB
2 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
c553ad35e85b349468f694adc168f2397178a686dce476b82c10d84c74d555c5

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"12a1-5c121a48d8d0e"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend-modules.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame 5463
63 KB
25 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
ac80d1bf983b7c19673e60d1206c21391bdae27980fa406bd8644751d763724d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"fd92-5c121a48e023f"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
waypoints.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/waypoints/ Frame 5463
12 KB
4 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"2fa6-5c121a4868435"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
core.min.js
www.3stepmethod.com/wp-includes/js/jquery/ui/ Frame 5463
20 KB
8 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 21:43:42 GMT
server
Apache
etag
W/"5133-5c009c1cd8e53"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
swiper.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/swiper/ Frame 5463
136 KB
42 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"21f91-5c121a48a3d5e"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
share-link.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/share-link/ Frame 5463
3 KB
1 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"a12-5c121a48a58b6"
x-cdn-cache-status
MISS
vary
Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
dialog.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/dialog/ Frame 5463
11 KB
4 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:41 GMT
server
Apache
etag
W/"2a6f-5c121a4866cc5"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
frontend.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame 5463
66 KB
23 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
c62e9499807c10adf81eafac809bb8a5083a720d3940165028ad0e349ccb02d1

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"1086a-5c121a48faff3"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
preloaded-modules.min.js
www.3stepmethod.com/wp-content/plugins/elementor/assets/js/ Frame 5463
57 KB
20 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.2.2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
7665a040b2186ab65960d29e0d407c06ed1155c59313bea4811bb2317a990e99

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
W/"e2b2-5c121a48d8156"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 79CA
1 MB
110 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1467409889&ownerid=73784560&withoutLegacyCss=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8c00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
"1467409889"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
wWtl-JVLEJjQOVkl9s1g3O3U-5UPi5QIOmf7loReVPHl0svUEgNyyw==
1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/ Frame DD85
2 MB
576 KB
Script
General
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48492a4548ecd3f543b088f7c1badc5ba9adc4a187874e12f844fd4a4552b187

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 09:23:27 GMT
content-encoding
br
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-version-id
hSjVXfX1FiqmDbMiKzJiv1Cra8cbkXvw
x-amz-cf-pop
FRA56-P5
age
156928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
fcbdea00b4f2804bbb6df264b37f6d8c
last-modified
Fri, 06 Oct 2023 09:19:13 GMT
server
AmazonS3
etag
W/"fcbdea00b4f2804bbb6df264b37f6d8c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
_lzV7ytH8lG_pD6is2L3BjQzAjL7I-O5m1GFRQtEGe1LgPBveT4GNg==
wp-emoji-release.min.js
www.3stepmethod.com/wp-includes/js/ Frame 5463
14 KB
5 KB
Script
General
Full URL
https://www.3stepmethod.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.9
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 22:44:43 GMT
server
Apache
etag
W/"3795-5ba7655491223"
x-cdn-cache-status
MISS
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
x-via
FRA1
x-origin-cache-status
MISS
x-provided-by
StackCDN
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame E010
1 MB
110 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1467409889&ownerid=73784560&withoutLegacyCss=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8c00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
"1467409889"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
g0Ep39I6uBb0z4tv8PblgxVHAzQCPFQwxTH9Vbk52Zmf9EEcYNcg0w==
1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/ Frame 93B7
2 MB
576 KB
Script
General
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48492a4548ecd3f543b088f7c1badc5ba9adc4a187874e12f844fd4a4552b187

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 09:23:27 GMT
content-encoding
br
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-version-id
hSjVXfX1FiqmDbMiKzJiv1Cra8cbkXvw
x-amz-cf-pop
FRA56-P5
age
156928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
fcbdea00b4f2804bbb6df264b37f6d8c
last-modified
Fri, 06 Oct 2023 09:19:13 GMT
server
AmazonS3
etag
W/"fcbdea00b4f2804bbb6df264b37f6d8c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XOCe-tVgxeiGi5ag6n3uXoP-G5X9vZITv7TF7U6v6B8pLHuSm7Lb9g==
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 68D1
1 MB
110 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1467409889&ownerid=73784560&withoutLegacyCss=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8c00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
"1467409889"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
nbXoXg9ut4KQ3uVulYMfmQcuO9g8pNCM8qcg9_EU1v4sz_TMSfJOyg==
1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/ Frame C159
2 MB
576 KB
Script
General
Full URL
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/1B08C5F7E81D6B2BAD41F8085CA9A1F6.cache.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e200:13:2031:2340:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48492a4548ecd3f543b088f7c1badc5ba9adc4a187874e12f844fd4a4552b187

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 09:23:27 GMT
content-encoding
br
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-version-id
hSjVXfX1FiqmDbMiKzJiv1Cra8cbkXvw
x-amz-cf-pop
FRA56-P5
age
156928
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-ecwid-hash
fcbdea00b4f2804bbb6df264b37f6d8c
last-modified
Fri, 06 Oct 2023 09:19:13 GMT
server
AmazonS3
etag
W/"fcbdea00b4f2804bbb6df264b37f6d8c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
XpRtPTGyREU5WIaYXHAYlUqIOb7_NOExNq4lqg5mcJUzSjNBj7wvGw==
ecwid.plugin.js
analytics.sitewit.com/ Frame 79CA
5 KB
6 KB
Script
General
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d00:fb35:6525:61e2:f009 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c68f71546926ba6c6b6434d89cc192707d5d1f8d6cae11a740fc2d2d1f5dfaf4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Sun, 08 Oct 2023 04:58:56 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
5018
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ Frame 79CA
2 KB
1 KB
Script
General
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c600:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:54 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
age
1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=utf-8
x-amz-cf-id
iiQ7bA99viYgC0JM3547whpnlm5EPlzO6Pk0289oI9dPNxo69AvfIQ==
ecwid.plugin.js
analytics.sitewit.com/ Frame E010
5 KB
6 KB
Script
General
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d00:fb35:6525:61e2:f009 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c68f71546926ba6c6b6434d89cc192707d5d1f8d6cae11a740fc2d2d1f5dfaf4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Sun, 08 Oct 2023 04:58:56 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
5018
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ Frame E010
2 KB
1 KB
Script
General
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c600:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:54 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
age
1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=utf-8
x-amz-cf-id
MIyDgoL2XJpfFyWX0AMTUcFo-RlPGO1EvVJvbn6SZ6R9JgBYoLrIcw==
ecwid.plugin.js
analytics.sitewit.com/ Frame 68D1
5 KB
6 KB
Script
General
Full URL
https://analytics.sitewit.com/ecwid.plugin.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:243f:2d00:fb35:6525:61e2:f009 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c68f71546926ba6c6b6434d89cc192707d5d1f8d6cae11a740fc2d2d1f5dfaf4

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type
text/javascript; charset=utf-8
date
Sun, 08 Oct 2023 04:58:56 GMT
cache-control
private,no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
content-length
5018
p3p
CP="DSP CAO CUR DEVo PSAo PSDo ADMo OUR STP NAV COM INT STA UNI PHY DEM", policyref="/w3c/p3p.xml"
storefront-app.js
d20ubqycd8ynev.cloudfront.net/ Frame 68D1
2 KB
1 KB
Script
General
Full URL
https://d20ubqycd8ynev.cloudfront.net/storefront-app.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c600:19:4fd1:c1c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:54 GMT
strict-transport-security
max-age=15724800
content-encoding
gzip
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server
nginx/1.19.0
x-amz-cf-pop
FRA56-C1
age
1
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=utf-8
x-amz-cf-id
4F7X0cBjzmYtcHueY687VwhPm6oBVtjV0uoGbYjCtxLVrLK-fuEWxQ==
10031497.json
s.yimg.com/wi/config/ Frame 21E1
2 B
495 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10031497.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
Y81SWBCK5HXR9NT2
age
3
content-length
22
x-amz-id-2
J400Iw4OFfGYzOQ5dYbUl0KSjoSEp87QG1Xj1C3x/ESDiuB/kfbpt9DiZtqA/7ZjiYtSK7ypO5WLY+VgtBSbJg==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
/
www.google.com/pagead/1p-user-list/848545785/ Frame 21E1
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/848545785/?random=1696741135337&cv=9&fst=1696737600000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&random=1866405586&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/848545785/ Frame 21E1
42 B
455 B
Image
General
Full URL
https://www.google.no/pagead/1p-user-list/848545785/?random=1696741135337&cv=9&fst=1696737600000&num=1&guid=ON&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&random=1866405586&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/848498044/ Frame 21E1
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/848498044/?random=1696741135360&cv=9&fst=1696737600000&num=2&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&random=181769429&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/848498044/ Frame 21E1
42 B
108 B
Image
General
Full URL
https://www.google.no/pagead/1p-user-list/848498044/?random=1696741135360&cv=9&fst=1696737600000&num=2&guid=ON&eid=375603260%2C466465926%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&random=181769429&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/848440851/ Frame 21E1
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/848440851/?random=1696741135376&cv=9&fst=1696737600000&num=3&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&random=3286219473&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/848440851/ Frame 21E1
42 B
108 B
Image
General
Full URL
https://www.google.no/pagead/1p-user-list/848440851/?random=1696741135376&cv=9&fst=1696737600000&num=3&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=5&u_tz=180&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=2&url=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&tiba=Lotto%20Annihilator&fmt=3&is_vtc=1&random=3286219473&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
trk.cosmicmedia.io/ Frame FECB
342 B
1022 B
Script
General
Full URL
https://trk.cosmicmedia.io/gtm.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4b6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8143c1639f0a257f2ba1e17c04137c194cf4c87e4561ecf1f5a3e5dff63bbf7a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
225
x-guploader-uploadid
ADPycduKYSrdHBUXWO--8d9zad-9suGEOQZKvrA88d7KRhEVH_ptBASUvuE91-hVGPiLksy-XwMgPKAxWUH3L6nH2GC21Ja15KKg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 29 Dec 2022 19:00:01 GMT
server
cloudflare
etag
W/"44e991877797c7b98b08e411138435a8"
vary
Accept-Encoding
x-goog-hash
crc32c=HgheOw==, md5=ROmRh3eXx7mLCOQRE4Q1qA==
x-goog-generation
1672340401519594
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufWyT%2BUeJqhdeLsfmSZbNxPCbdLUqOvQmC5jE73LBs9NHy312LzQpHjq5vgiRZH9n3TE5P7djcuyvAUsEsJBk3WnoCmGTiAYsZFWRwCOxXjKV10uSsNjU%2BFXzGblfU3KBt4RGC60oGAKZdp3Wr%2Bgfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
x-goog-stored-content-length
342
cf-ray
812bcfc2de124c87-HEL
expires
Sun, 08 Oct 2023 05:55:10 GMT
css2
fonts.googleapis.com/ Frame FECB
31 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2869d8a2bd0b52da8584c48985b845ef95e24c4b5e98b42d16d3bdccf8eac7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 04:58:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 Oct 2023 04:58:55 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ Frame FECB
157 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godfrequency.co/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
565, 617, 617
age
1876909
cdn-cachedat
2021-06-08 14:20:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
e46253b54846ba22d60ba837eea6f62e
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
812bcfc2d94a568a-OSL
cdn-requestpullsuccess
True
animate.min.css
godfrequency.co/css/ Frame FECB
70 KB
5 KB
Stylesheet
General
Full URL
https://godfrequency.co/css/animate.min.css
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4828
expires
Sun, 15 Oct 2023 04:58:55 GMT
style-vsl.css
godfrequency.co/css/ Frame FECB
12 KB
3 KB
Stylesheet
General
Full URL
https://godfrequency.co/css/style-vsl.css
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
a5c55ed2115af67fceb3487697bf863e1941a1ebd7b21514f09c4707b53a7255
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2700
expires
Sun, 15 Oct 2023 04:58:55 GMT
stay-on-page.png
godfrequency.co/img/ Frame FECB
107 KB
107 KB
Image
General
Full URL
https://godfrequency.co/img/stay-on-page.png
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
c841fc7dbc4d2c138865ff729bfeac6d9e972dc1bf742490d283d4d2f32be918
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
109231
expires
Sun, 15 Oct 2023 04:58:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ Frame FECB
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 22:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24022
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 06 Oct 2024 22:18:34 GMT
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/ Frame FECB
21 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godfrequency.co/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19686319
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230104-FRA, cache-yyz4525-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcU96DyzjwUU5hGgjdsehq%2FYfRTbOe9pSXg3qfX%2BIk0L9q4r43JQ2BasyABZkcT%2FNVZ47753zNyaj6649ZtL1TsXmc8MixpTztln12Vx%2FUkmNjhx7kqAjjehCzb%2B%2ByFJIYW3rSxzFxTTgq0%2FSSw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
812bcfc4281fb4ed-OSL
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ Frame FECB
59 KB
15 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://godfrequency.co/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
601, 718, 718
age
716014
cdn-cachedat
2021-08-03 11:18:10
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
120f10eda772ead1638f7a925dcce94a
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
812bcfc3496c568a-OSL
cdn-requestpullsuccess
True
lazysizes.min.js
godfrequency.co/js/ Frame FECB
7 KB
3 KB
Script
General
Full URL
https://godfrequency.co/js/lazysizes.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3250
expires
Sun, 15 Oct 2023 04:58:55 GMT
js.cookie.min.js
godfrequency.co/js/ Frame FECB
2 KB
842 B
Script
General
Full URL
https://godfrequency.co/js/js.cookie.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
791
expires
Sun, 15 Oct 2023 04:58:55 GMT
bounceback.min.js
godfrequency.co/js/ Frame FECB
3 KB
1 KB
Script
General
Full URL
https://godfrequency.co/js/bounceback.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
7b0315eabc2a7646ba2bfbe779a72ac2b8dc02d083c547479909eef884de5c80
Security Headers
Name Value
Content-Security-Policy frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
content-security-policy
frame-src 'self' https://godfrequency.co/ https://hop.clickbank.net/ www.googletagmanager.com;
last-modified
Tue, 18 Jul 2023 06:46:21 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1214
expires
Sun, 15 Oct 2023 04:58:55 GMT
/
cbtb.clickbank.net/ Frame FECB
936 B
1 KB
Script
General
Full URL
https://cbtb.clickbank.net/?vendor=godfreq
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.214.231.218 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-214-231-218.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
cache-control
max-age=900
server
Apache
content-length
936
content-type
text/javascript;charset=UTF-8
landing.js
cpv.godfrequency.co/ Frame FECB
3 KB
1 KB
Script
General
Full URL
https://cpv.godfrequency.co/landing.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.222.21.127 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
host.15minuteweightloss.com
Software
LiteSpeed /
Resource Hash
b39aea8dc2deb42a2c652fc5fb90e300ba9deebf5fc259e2313d4f16cdc9cb9b

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 06:56:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1201
expires
Sun, 15 Oct 2023 04:58:56 GMT
gtm.js
www.googletagmanager.com/ Frame FECB
169 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KL728P7
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
794504179922422ea4bdbc738a3ad5c0b19c2015ff680cc073122e6f1a592a37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62617
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Oct 2023 04:58:55 GMT
injectable.js
prod.cbstatic.net/dist/ Frame 21E1
187 KB
57 KB
Script
General
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=lottery10k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
0eho53MT69XWb4RKGV4v1rcnMYMpBOVUYIEnuzy6UL7lwbv97Kaz_g==
gtm.js
www.googletagmanager.com/ Frame FECB
189 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WBFS28
Requested by
Host: trk.cosmicmedia.io
URL: https://trk.cosmicmedia.io/gtm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d36e05e1ed2d8560ff90082a397cf9057db5062f6d3503e66f6756134e45636b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66981
x-xss-protection
0
last-modified
Sun, 08 Oct 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 Oct 2023 04:58:55 GMT
loader.min.js
quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/ Frame FECB
42 KB
42 KB
Script
General
Full URL
https://quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/loader.min.js
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.220.49 -, , ASN (),
Reverse DNS
Software
ECAcc (dac/9C23) /
Resource Hash
97e6a7a657d212403b80f971b16d7852b31dee37438ca60257393625cbb27b7d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
via
1.1 google
server
ECAcc (dac/9C23)
x-cdn
3
x-cdn-info
loader
x-cdn-site
c3-prod
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=60, s-maxage=600
x-lb-backend
api-prod
x-lb-cache
disabled
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame FECB
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 03:59:07 GMT
x-content-type-options
nosniff
age
262788
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 03:59:07 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ Frame FECB
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Tue, 03 Oct 2023 11:44:23 GMT
x-content-type-options
nosniff
age
407672
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29588
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2024 11:44:23 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ Frame FECB
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400;1,700&family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;1,300;1,400;1,600;1,700&family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://godfrequency.co
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:17:53 GMT
x-content-type-options
nosniff
age
211262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48432
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:40:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:17:53 GMT
1063404105.js
forms.aweber.com/form/05/ Frame 5463
12 KB
4 KB
Script
General
Full URL
https://forms.aweber.com/form/05/1063404105.js
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
webform/1.2.0 /
Resource Hash
c00d6a8757381f6b77a39d613fb7d6637f8817509656319f23a0b24009b421c7

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
content-encoding
br
via
1.1 varnish
age
87224
x-cache
HIT
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3530
x-served-by
cache-hel1410034-HEL
correlation-id
a74f1943-9785-4f6d-97cc-ec78d676b640
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 Oct 2023 04:45:12 +0000
server
webform/1.2.0
x-timer
S1696741136.130007,VS0,VE1
etag
"2dd163748e36e43a03a1834448fcfca479b2aa97"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
x-cache-hits
1
cropped-header.jpg
www.3stepmethod.com/wp-content/uploads/2018/08/ Frame 5463
215 KB
215 KB
Image
General
Full URL
https://www.3stepmethod.com/wp-content/uploads/2018/08/cropped-header.jpg
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
eb40f7668f2e59a283cbdeb307cb18f914f708393f2991585922567878dd9f7d

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/?hop=nanaslotto
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
last-modified
Thu, 30 Aug 2018 10:54:00 GMT
server
Apache
etag
"35ad0-574a4e476c200"
x-cdn-cache-status
EXPIRED
content-type
image/jpeg
x-via
FRA1
accept-ranges
bytes
content-length
219856
x-origin-cache-status
MISS
x-provided-by
StackCDN
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ Frame 5463
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway%3A400%2C600&subset=latin&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.3stepmethod.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 18:18:24 GMT
x-content-type-options
nosniff
age
211232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 04 Oct 2024 18:18:24 GMT
fa-solid-900.woff2
www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ Frame 5463
78 KB
79 KB
Font
General
Full URL
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a07:7800::137 , United Kingdom, ASN48254 (TWENTYI, GB),
Reverse DNS
Software
Apache /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

Referer
https://www.3stepmethod.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.2.2
Origin
https://www.3stepmethod.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:51 GMT
last-modified
Thu, 29 Apr 2021 19:38:42 GMT
server
Apache
etag
"139ac-5c121a488baa2"
x-cdn-cache-status
MISS
content-type
font/woff2
x-via
FRA1
accept-ranges
bytes
content-length
80300
x-origin-cache-status
MISS
x-provided-by
StackCDN
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/971986711/ Frame 5463
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/971986711/?random=1696741136042&cv=11&fst=1696741136042&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto&hn=www.googleadservices.com&frm=2&tiba=3%20Step%20Method%C2%AE%20%E2%80%93%20Official%20Site%20%E2%80%93%20Earn%20Online%20%7C%20Make%20Money%20Online&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-971986711
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ffff710628094e3ce1fc7d2d3e10ad76550d0b4924af73d11cd9699c0c35bb89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1372
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame FECB
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 08 Oct 2023 04:58:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53356
x-xss-protection
0
pragma
public
x-fb-debug
xIw8+0nQh7Uv5snT2xiXb9eWs5Gpkuwg1FCM1OfxwixpHKPbBchVrQRxjz/3ZH7mZCIKs+pbyNqubhD6OiCDvQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame FECB
238 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SGLBV00EV0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL728P7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f4a982607eb97b535363a9255deb78983aadfc597a5164b95f0ff625db0b2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85121
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 08 Oct 2023 04:58:56 GMT
displays.htm
forms.aweber.com/form/ Frame 5463
43 B
234 B
Image
General
Full URL
https://forms.aweber.com/form/displays.htm?id=jAxszCwMLIwMrA==
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
webform/1.2.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 08 Oct 2023 04:58:56 GMT
via
1.1 varnish
x-cache
MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43
x-served-by
cache-hel1410034-HEL
correlation-id
d26d58cf-8279-41ed-96f7-c602cf5aee73
referrer-policy
no-referrer-when-downgrade
server
webform/1.2.0
x-timer
S1696741136.239356,VS0,VE399
etag
"b80b11203d97fe01c5597ca3be70406ea48f5709"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
expires
Sun, 08 Oct 2023 04:58:56 -0000
/
www.google.com/pagead/1p-user-list/971986711/ Frame 5463
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/971986711/?random=1696741136042&cv=11&fst=1696737600000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto&frm=2&tiba=3%20Step%20Method%C2%AE%20%E2%80%93%20Official%20Site%20%E2%80%93%20Earn%20Online%20%7C%20Make%20Money%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3485384681&rmt_tld=0&ipr=y
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.no/pagead/1p-user-list/971986711/ Frame 5463
42 B
108 B
Image
General
Full URL
https://www.google.no/pagead/1p-user-list/971986711/?random=1696741136042&cv=11&fst=1696737600000&bg=ffffff&guid=ON&async=1&gtm=45be3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto&frm=2&tiba=3%20Step%20Method%C2%AE%20%E2%80%93%20Official%20Site%20%E2%80%93%20Earn%20Online%20%7C%20Make%20Money%20Online&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3485384681&rmt_tld=1&ipr=y
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:56 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 21E1
43 B
631 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2008%20Oct%202023%2004%3A58%3A56%20GMT&n=-3d&b=Lotto%20Annihilator&.yp=10031497&f=https%3A%2F%2Fwww.lottoannihilator.com%2Fvideo%2F&enc=UTF-8&yv=1.15.1&isIframe=1
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Sun, 08 Oct 2023 04:58:56 GMT
log
play.google.com/ Frame
0
0
Preflight
General
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://www.wisewomenlotto.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
http://play.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Sun, 08 Oct 2023 04:58:56 GMT
expires
Sun, 08 Oct 2023 04:58:56 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/
0
0

logImpressions
www.wisewomenlotto.com/_/view/
16 B
117 B
XHR
General
Full URL
https://www.wisewomenlotto.com/_/view/logImpressions?authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.fi.SjAZyETRIcM.O/d=1/rs=AGEqA5ko179Sc7NWyPMDUWwFqqObFoeypg/m=view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wisewomenlotto.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 08 Oct 2023 04:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ Frame 5463
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.7.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3438
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
812bcfc86d7d0b65-OSL
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Oct 2023 04:58:56 GMT
app-strings-en.json
prod.cbstatic.net/dist/i18n/ Frame 21E1
9 B
438 B
XHR
General
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c

Request headers

Accept
application/json
Referer
https://www.lottoannihilator.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin
content-length
9
x-amz-cf-id
BqFeyA3B0yiQUjIl5w_uun8JbRnVwwQVFwYsR8FwX4lKHQsLi9fGEQ==
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame 21E1
3 KB
4 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
x-amz-version-id
rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"47cdefc96f75be3d978d4b444737b00e"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3472
x-amz-cf-id
tjHoB8YnkrbUUuxeGZdNPazwS0QU3dtKWILzFURKa2geizX5fP5nVg==
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame 21E1
4 KB
5 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
x-amz-version-id
65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"c06ae1ecaaf7e0610c68af117658a7e0"
x-cache
Miss from cloudfront
content-type
image/png
content-length
4341
x-amz-cf-id
EbnJi08BSodx-P5WBUvDJGScuj9uPuLdwWToWB53wtCLhegjOICHJg==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ Frame 21E1
4 KB
5 KB
Image
General
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: www.lottoannihilator.com
URL: https://www.lottoannihilator.com/video/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash
6d52d549b35bc3b9235e8853ac2e328bef9677bedbbde29b15eaf444d3064240

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:56 GMT
last-modified
Thu, 05 Oct 2023 16:11:09 GMT
server
keycdn-engine
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4364
expires
Sun, 08 Oct 2023 08:58:56 GMT
643915572950510
connect.facebook.net/signals/config/ Frame FECB
131 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/643915572950510?v=2.9.132&r=stable&domain=godfrequency.co
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6cfef203877c8ce62c7ad5131e65aa08a320b0c455057e6b2be80c02f7fe88e4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 08 Oct 2023 04:58:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
8TwXfa9O+6kLhSJHU3v+ZuAEw8L1vAtr03gVfFVlfR1yzo67HiLTsNxp4az8Wl51R/7b+2rICXTvjfnSI6uquA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
injectable.js
prod.cbstatic.net/dist/ Frame FECB
187 KB
57 KB
Script
General
Full URL
https://prod.cbstatic.net/dist/injectable.js
Requested by
Host: cbtb.clickbank.net
URL: https://cbtb.clickbank.net/?vendor=godfreq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
x-amz-version-id
RdcimFzJWwtinCAQ.f3F8OeQrj2.m2uJ
content-encoding
gzip
last-modified
Mon, 21 Dec 2020 21:57:37 GMT
server
AmazonS3
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"af651c30e1a69f6f2124e9c1d094a300"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
8JoflSaSnQxdvLT-y3F4brwbDLquAu8UIqHTxRgxA96XmDxoxM7dog==
web
onesignal.com/api/v1/sync/c6154318-e8bf-4538-98fc-5b508fb99652/ Frame 5463
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c6154318-e8bf-4538-98fc-5b508fb99652/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d654df4dd8714f1af8365d8d9ee57057edd8abf4bacbcd2398d4e02f66341e0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
EXPIRED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
c8801706-0303-4af6-aad7-8f3f1dd50703
x-runtime
0.029122
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4d654df4dd8714f1af8365d8d9ee5705"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
812bcfcb6e1a0b65-OSL
access-control-allow-headers
SDK-Version
expires
Sun, 08 Oct 2023 05:58:57 GMT
playPauseLoadingControl.js
fast.wistia.com/assets/external/ Frame 21E1
79 KB
21 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1ce9cc86fb1717c4a1ee0d27a561bda90accabf7c383dc09e9f2cb6645175f72
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
673
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
20984
x-served-by
cache-iad-kcgs7200166-IAD, cache-hel1410031-HEL
x-browser-version
117
last-modified
Thu, 05 Oct 2023 20:59:42 GMT
server
AmazonS3
x-timer
S1696741137.274282,VS0,VE0
etag
"033a161e1d628ca14fa7b3fc2733b69d"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
2cf2ffc3859004612f9d7452cc54e7ccb57235a1
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
26, 37
mput
pipedream.wistia.com/ Frame 21E1
2 B
329 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5a00:3:471f:5240:93a1 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.lottoannihilator.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-type
text/plain; charset=utf-8
x-envoy-upstream-service-time
2
content-length
2
x-amz-cf-id
yCThQWwGr588DE-B93bow8nJ0KJ7HpceaTeNjYApdz8g4AbBrU-H3A==
hls_video.js
fast.wistia.com/assets/external/engines/ Frame 21E1
473 KB
115 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d0ac523281151da47bac4a4d68968fca8518a5b282da8d3bd95913672585def
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
963
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
117669
x-served-by
cache-iad-kcgs7200128-IAD, cache-hel1410031-HEL
x-browser-version
117
last-modified
Thu, 05 Oct 2023 20:59:42 GMT
server
AmazonS3
x-timer
S1696741137.274261,VS0,VE0
etag
"fd69dcb7d36a1bf3e148e7e3f868f06b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
2cf2ffc3859004612f9d7452cc54e7ccb57235a1
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
24, 41
x
distillery.wistia.com/ Frame 21E1
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.113 -, , ASN (),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.lottoannihilator.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
x-amz-cf-id
3YiDcZJij7CEOTQRkxf7cLiI7Z9uCNoEKOjA5ZyBGOBqCfJP7aqivA==
player-dash-mse.min.js
quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/ Frame FECB
2 MB
604 KB
XHR
General
Full URL
https://quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/player-dash-mse.min.js?hash=qiewes
Requested by
Host: quick.vidalytics.com
URL: https://quick.vidalytics.com/embeds/1GmmqL0C/Q_SVGNsrosZDKlPJ/loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.229.220.49 -, , ASN (),
Reverse DNS
Software
ECAcc (ska/F693) /
Resource Hash
4d8888ecfd42eaa873df07c0bae59e0cb51e1a14ba11a0868997fe85b1a925f0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
content-encoding
gzip
via
1.1 google
x-cdn
3
age
1107117
x-guploader-uploadid
ADPycdsM162pNJO20UKY_jPFrxWDbl0y9_-djrElZdm3pLLivb8kaFStI3ARO9E5mIs0ZodNKBfVLS1Li2W8wop18rfNN7NooU-r
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-custom-time
2023-06-07T21:31:16.251Z
x-goog-metageneration
1
x-goog-meta-x-goog-reserved-source-generation
1686173476165996
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
617973
last-modified
Thu, 13 Jul 2023 09:44:03 GMT
server
ECAcc (ska/F693)
etag
"5d2ddf9be94d651e0f313b9e6a22c683"
vary
Accept-Encoding
x-cdn-site
c3-prod
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-goog-generation
1689241443343631
access-control-expose-headers
Content-Type, server, x-hw, x-cdn, x-cdn-info, x-cache, x-cache-hits, x-served-by, x-goog-stored-content-length, content-length, x-lb-backend, x-lb-cache
cache-control
public, max-age=300, s-maxage=2592000
x-goog-hash
crc32c=L4vKOw==, md5=XS3fm+lNZR4PMTueaiLGgw==
x-goog-stored-content-length
617973
x-lb-backend
gcs-prod
accept-ranges
bytes
x-lb-cache
miss
expires
Tue, 07 Nov 2023 04:58:57 GMT
/
www.facebook.com/tr/ Frame FECB
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=643915572950510&ev=PageView&dl=https%3A%2F%2Fgodfrequency.co%2Fvsl%2Findex_ctrl.php&rl=&if=true&ts=1696741137198&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&ler=empty&it=1696741136757&coo=false&exp=a0&rqm=GET
Requested by
Host: godfrequency.co
URL: https://godfrequency.co/vsl/index_ctrl.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 08 Oct 2023 04:58:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 79CA
12 B
238 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;1026
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame 79CA
12 B
238 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;1026
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
rpc
app.ecwid.com/ Frame E010
12 B
238 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_MOBILE;1600;1200;96;562;500
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame E010
12 B
238 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_MOBILE;1600;1200;96;562;500
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 68D1
12 B
238 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.ecwid.com/ Frame 68D1
12 B
238 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
checkout.min.js
www.paypalobjects.com/api/ Frame 79CA
863 KB
169 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
53fa51f0183bb
dc
ccg11-origin-www-1.paypal.com
content-length
172676
x-served-by
cache-sjc1000103-SJC, cache-hel1410022-HEL
last-modified
Wed, 24 May 2023 16:43:28 GMT
traceparent
00-000000000000000000053fa51f0183bb-c6eaad1585907455-01
x-timer
S1696741137.404490,VS0,VE0
etag
W/"646e3eb0-d7ad2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
245787, 3
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 79CA
1 MB
110 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1467409889&ownerid=73784560&withoutLegacyCss=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8c00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2
etag
"1467409889"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
VSNiJ2C_Ed37Iw6QrD0UN0fqyqcciu9dN9iBhBqqm-KcWQ_bse4W-w==
/
js.stripe.com/v3/ Frame 79CA
537 KB
133 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
9091aad8cbd4b0fc28f3591bebc4961c0301ab95503477739953bed4cca3d2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:23 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
36
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 21:24:15 GMT
server
Cloudfront
etag
W/"2a69298ff4fea8255cfde1cff97d3582"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
t_B6YeZqEN_7faR-mbOH3LB2tCJFlojM78X25JOt4pYIODLzNkRusA==
ecwid-checkout.b74eb5393132ac0dda19c85bc85746b3.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 79CA
2 MB
386 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.b74eb5393132ac0dda19c85bc85746b3.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
8337da63ddd4e08460b056b6a5bff36e41ee6105c5fa67a758f5dde2c17ef5ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:57 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P3
age
229680
etag
b74eb5393132ac0dda19c85bc85746b3
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
MIz4SvK5blEqyCdjatbZg4zMLhwRdj9MpWdhX85RjwfaLCU8r2mKUg==
rpc
app.ecwid.com/ Frame 79CA
9 KB
3 KB
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2aacd088aae6b79c9e25829ab0b3faed7edf3dd5b29f6a573ad0f7259491e14

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;1026
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Sun, 08 Oct 2023 04:58:58 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
Content-Length
2330
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:57 GMT
Server
nginx
checkout.min.js
www.paypalobjects.com/api/ Frame E010
863 KB
169 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
53fa51f0183bb
dc
ccg11-origin-www-1.paypal.com
content-length
172676
x-served-by
cache-sjc1000103-SJC, cache-hel1410022-HEL
last-modified
Wed, 24 May 2023 16:43:28 GMT
traceparent
00-000000000000000000053fa51f0183bb-c6eaad1585907455-01
x-timer
S1696741138.643173,VS0,VE0
etag
W/"646e3eb0-d7ad2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
245787, 4
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame E010
1 MB
110 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1467409889&ownerid=73784560&withoutLegacyCss=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8c00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2
etag
"1467409889"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
2YAoj8mtGnSk7fTGfM_HeNMf2sRwI0ko0bdfl2xXjfv8M_hnun0I8w==
/
js.stripe.com/v3/ Frame E010
537 KB
134 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
9091aad8cbd4b0fc28f3591bebc4961c0301ab95503477739953bed4cca3d2b9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:25 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
43
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 21:24:14 GMT
server
Cloudfront
etag
W/"2a69298ff4fea8255cfde1cff97d3582"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
NQ48PJIBWQGNak05HuHc9k0_Yzndnih0w6YOP9Z-HYhUx2xnPFaMiA==
ecwid-checkout.b74eb5393132ac0dda19c85bc85746b3.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame E010
2 MB
386 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.b74eb5393132ac0dda19c85bc85746b3.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
8337da63ddd4e08460b056b6a5bff36e41ee6105c5fa67a758f5dde2c17ef5ee
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:57 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P3
age
229680
etag
b74eb5393132ac0dda19c85bc85746b3
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
iJx_dk0EMuBgqoGAwWMlxQaI6ePZfxCIBffqGzZ1kVkbz0nqoGBvzg==
rpc
app.ecwid.com/ Frame E010
1 KB
829 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b2ae4939c77ae919faebf9e0f42fb98984809107435a802ab48ac989b203f423

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_MOBILE;1600;1200;96;562;500
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Sun, 08 Oct 2023 04:58:58 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
Content-Length
578
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
checkout.min.js
www.paypalobjects.com/api/ Frame 68D1
863 KB
169 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:57 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
paypal-debug-id
53fa51f0183bb
dc
ccg11-origin-www-1.paypal.com
content-length
172676
x-served-by
cache-sjc1000103-SJC, cache-hel1410022-HEL
last-modified
Wed, 24 May 2023 16:43:28 GMT
traceparent
00-000000000000000000053fa51f0183bb-c6eaad1585907455-01
x-timer
S1696741138.936496,VS0,VE0
etag
W/"646e3eb0-d7ad2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
x-cache-hits
245787, 5
new
d1oxsl77a1kjht.cloudfront.net/css/ Frame 68D1
1 MB
110 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=1467409889&ownerid=73784560&withoutLegacyCss=true&id-selector=html%23ecwid_html%20body%23ecwid_body&frontendV2
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8c00:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:55 GMT
content-encoding
gzip
via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3
etag
"1467409889"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
joQBfN18quo6SUkQtPDVua3KvoWGCBLMn1XJYIk2gexvJuy4HN681A==
/
js.stripe.com/v3/ Frame 68D1
537 KB
133 KB
Script
General
Full URL
https://js.stripe.com/v3/
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:23 GMT
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
37
x-cache
Hit from cloudfront
last-modified
Fri, 06 Oct 2023 21:24:15 GMT
server
Cloudfront
etag
W/"2a69298ff4fea8255cfde1cff97d3582"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
AHMFgCPtuMRrhiGz-u_7DnmNZKN-7RJn4s76TEp6HOC7WrjPNSWxyw==
ecwid-checkout.b74eb5393132ac0dda19c85bc85746b3.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/ Frame 68D1
2 MB
386 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.b74eb5393132ac0dda19c85bc85746b3.min.js
Requested by
Host: app.ecwid.com
URL: https://app.ecwid.com/script.js?73784560&data_platform=singleproduct_v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-89.fra56.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Thu, 05 Oct 2023 13:10:57 GMT
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800
server
nginx/1.19.0
x-amz-cf-pop
FRA56-P3
age
229681
etag
b74eb5393132ac0dda19c85bc85746b3
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
-JSzm5nXO8O98AeIWEj95aTziuXsA56pOhuyTMrwji4xczG6oGow2A==
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:58 GMT
Server
nginx
rpc
app.ecwid.com/ Frame 68D1
20 B
307 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9922a5981b422da601817238d06f288a3b8048689c9bb753b42ae5b21e7e163a

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Sun, 08 Oct 2023 04:58:58 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
gl
g1386590346.co/ Frame 5463
6 KB
6 KB
Script
General
Full URL
https://g1386590346.co/gl?id=-LLFJeTnZetBByslBQNq&refurl=&winurl=https%3A%2F%2Fwww.3stepmethod.com%2F%3Fhop%3Dnanaslotto
Requested by
Host: www.3stepmethod.com
URL: https://www.3stepmethod.com/?hop=nanaslotto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7d2:: -, , ASN (),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
b06b94621d35c4cb7f5137ffe27588d28e53da261707f6b68a1fba6524d97c43

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.3stepmethod.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:58 GMT
via
1.1 google
server
Google Frontend
x-powered-by
Express
etag
W/"1723-8YS0QLJZCCC23azipZ3Ei/rJXtA"
content-type
application/javascript; charset=utf-8
x-cloud-trace-context
28c6429496fd0a83d69a8f8b8280a384
cache-control
private, no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5923
allIntegrations.js
fast.wistia.com/assets/external/ Frame 21E1
23 KB
6 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:58 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
335
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
5792
x-served-by
cache-iad-kcgs7200054-IAD, cache-hel1410031-HEL
x-browser-version
117
last-modified
Thu, 05 Oct 2023 20:59:41 GMT
server
AmazonS3
x-timer
S1696741139.722170,VS0,VE0
etag
"fdb03ba8801daaf73ed19585638f95ec"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
asset-version
2cf2ffc3859004612f9d7452cc54e7ccb57235a1
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
31, 9011
register
ecomm.events/ Frame 79CA
0
80 B
Ping
General
Full URL
https://ecomm.events/register
Requested by
Host: ecomm.events
URL: https://ecomm.events/i.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.230.167.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-167-222.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://752612055-atari-embeds.googleusercontent.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 Oct 2023 04:58:58 GMT
strict-transport-security
max-age=15724800
server
nginx/1.19.0
content-length
0
awesome-log
stats.vidalytics.com/ Frame FECB
43 B
412 B
XHR
General
Full URL
https://stats.vidalytics.com/awesome-log?cid=1GmmqL0C
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.211.97 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
server
istio-envoy
etag
"1GmmqL0C/36vVDUteg1qbnXcg"
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://godfrequency.co
access-control-expose-headers
Access-Control-Allow-Origin,Cache-Control,Content-Length,Content-Type,ETag,If-None-Match
cache-control
no-cache, public, max-age=2592000
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Origin, Range, X-Requested-With
content-length
43
licensing
analytics-ingress-global.bitmovin.com/ Frame FECB
117 B
378 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/licensing
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 -, , ASN (),
Reverse DNS
Software
v1.58.1 /
Resource Hash

Request headers

Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 google
server
v1.58.1
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
117
alt-svc
clear
tldrk4hdlb.m3u8
fast.wistia.com/embed/medias/ Frame 21E1
385 B
908 B
XHR
General
Full URL
https://fast.wistia.com/embed/medias/tldrk4hdlb.m3u8
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://www.lottoannihilator.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 d640ec12547ee097cb75dd5bdc8787b8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=0
x-permitted-cross-domain-policies
none
x-amz-cf-pop
IAD61-P1
age
42884
x-cache
Miss from cloudfront, HIT, MISS
x-envoy-upstream-service-time
36
content-length
385
x-request-id
259c9097-6b66-486c-9d04-22e836ed97f6
x-served-by
cache-iad-kiad7000054-IAD, cache-hel1410031-HEL
x-runtime
0.034594
x-browser-version
117
server
envoy
x-timer
S1696741139.248782,VS0,VE98
etag
W/"77dde14211368f448d6d974bfb2b9a47"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-type
application/x-mpegURL
access-control-allow-origin
*
cache-control
public, no-cache
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
zG4CgvCyJ87f3w3h0DRtLbQie67kATCiucqnWxbMV8Gpx5QfPiHbuw==
x-cache-hits
5, 0
blank.gif
fast.wistia.com/assets/images/ Frame 21E1
1 KB
2 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.lottoannihilator.com/
Origin
https://www.lottoannihilator.com
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=0
age
2434
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
1214
x-served-by
cache-iad-kjyo7100021-IAD, cache-hel1410031-HEL
x-browser-version
117
last-modified
Wed, 10 May 2023 19:48:54 GMT
server
AmazonS3
x-timer
S1696741139.252847,VS0,VE0
etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
67, 103
pptm.js
www.paypal.com/tagmanager/ Frame 79CA
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=752612055-atari-embeds.googleusercontent.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-CN4JoHln1iPPZENwU3G3zRctO1CtN6njYAkwGNuqcGFCaJJh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-CN4JoHln1iPPZENwU3G3zRctO1CtN6njYAkwGNuqcGFCaJJh' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f5068678d622f
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220023-FRA, cache-hel1410031-HEL, cache-hel1410031-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5068678d622f-1b86dbb9aae6f19d-01
x-timer
S1696741140.608059,VS0,VE222
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
pptm.js
www.paypal.com/tagmanager/ Frame E010
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=752612055-atari-embeds.googleusercontent.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4NHDSnXK+lAWd68ffACs3Cq33BhYcsi4inCHEJ4NAF6eU974' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-4NHDSnXK+lAWd68ffACs3Cq33BhYcsi4inCHEJ4NAF6eU974' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f5068670c9459
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220023-FRA, cache-hel1410031-HEL, cache-hel1410031-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f5068670c9459-0eb795e068fffd9e-01
x-timer
S1696741140.608052,VS0,VE263
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
register
ecomm.events/ Frame E010
0
80 B
Ping
General
Full URL
https://ecomm.events/register
Requested by
Host: ecomm.events
URL: https://ecomm.events/i.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.230.167.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-167-222.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

Referer
https://752612055-atari-embeds.googleusercontent.com/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
strict-transport-security
max-age=15724800
server
nginx/1.19.0
content-length
0
rpc
app.ecwid.com/ Frame 68D1
68 B
356 B
XHR
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

X-GWT-Module-Base
https://d11s7fcxy18ubx.cloudfront.net/node/static/2023/2023-46865-g110a47ce40f8a4/ru.cdev.xnext.frontend.LegacyFrontend/
X-GWT-Permutation
1B08C5F7E81D6B2BAD41F8085CA9A1F6
Referer
https://752612055-atari-embeds.googleusercontent.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1154;400
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Date
Sun, 08 Oct 2023 04:59:00 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Content-Disposition
attachment
Connection
keep-alive
logo-header-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame FECB
3 KB
4 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-header-two-tone-en.png
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:59:00 GMT
x-amz-version-id
rgVoO.sKTwEpJN65bYI.UT4E8UVMZSpC
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"47cdefc96f75be3d978d4b444737b00e"
x-cache
Miss from cloudfront
content-type
image/png
content-length
3472
x-amz-cf-id
UiRYwyjIa43WhSv6_mp7iHrud4E2mjlYx-CtZXeD_aifvhz2FmxLbw==
logo-tab-two-tone-en.png
prod.cbstatic.net/dist/assets/ Frame FECB
4 KB
5 KB
Image
General
Full URL
https://prod.cbstatic.net/dist/assets/logo-tab-two-tone-en.png
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:59:00 GMT
x-amz-version-id
65GBUS1AcRJNN3GRB3Nf3yY51OsdERt0
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"c06ae1ecaaf7e0610c68af117658a7e0"
x-cache
Miss from cloudfront
content-type
image/png
content-length
4341
x-amz-cf-id
oJCQsAEwSBDO07O-T-wK87Xjdthbyo9zVAlwph3lcveRMy921-6Zbw==
blue-seal-153-100-clickbank-5004291.png
seal-boise.bbb.org/seals/ Frame FECB
4 KB
5 KB
Image
General
Full URL
https://seal-boise.bbb.org/seals/blue-seal-153-100-clickbank-5004291.png
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 -, , ASN (),
Reverse DNS
Software
keycdn-engine / ASP.NET
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
last-modified
Thu, 05 Oct 2023 16:11:09 GMT
server
keycdn-engine
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
4364
expires
Sun, 08 Oct 2023 08:58:59 GMT
app-strings-en.json
prod.cbstatic.net/dist/i18n/ Frame FECB
9 B
436 B
XHR
General
Full URL
https://prod.cbstatic.net/dist/i18n/app-strings-en.json
Requested by
Host: prod.cbstatic.net
URL: https://prod.cbstatic.net/dist/injectable.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept
application/json
Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:59:00 GMT
x-amz-version-id
ZlnvsWVay.azLO76UGrGFfzKmZRJT9PH
via
1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
last-modified
Mon, 21 Dec 2020 21:57:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"cdfca8b09e61ae7324e48f01984c9b34"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
vary
Origin
content-length
9
x-amz-cf-id
1eVd5B-5otexPxp-dPYQWQdlY_DwCfbdIpdZOfSoZwyAgFZZ6TaIbQ==
js
www.googletagmanager.com/gtag/ Frame FECB
257 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-678PDF7261&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WBFS28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://godfrequency.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90196
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 08 Oct 2023 04:58:59 GMT
3495531136.jpg
d2j6dbq0eux0bg.cloudfront.net/images/73784560/ Frame 79CA
19 KB
19 KB
Image
General
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/73784560/3495531136.jpg
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.72 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:59:01 GMT
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 01:37:36 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"c9ee3d5cd82433d60554176c9e00a24f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18944
x-amz-cf-id
rifjKv8IHNkhrAQDeScIFx2DEV_IXtyaCzLx2FvtwCkyobCFPXeaFw==
licensing
licensing.bitmovin.com/ Frame FECB
165 B
451 B
XHR
General
Full URL
https://licensing.bitmovin.com/licensing
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:df23:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 google
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
content-length
165
rpc
app.ecwid.com/ Frame
0
0
Preflight
General
Full URL
https://app.ecwid.com/rpc?ownerid=73784560&version=2023-46865-g110a47ce40f8a4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.78.209.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-78-209-160.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://752612055-atari-embeds.googleusercontent.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Sun, 08 Oct 2023 04:58:59 GMT
Server
nginx
pptm.js
www.paypal.com/tagmanager/ Frame 68D1
12 KB
6 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=752612055-atari-embeds.googleusercontent.com&source=checkoutjs&t=xo&v=4.0.338
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.21 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vgIxvbOnAbLp5F91kourKQJB5PmukgfmUSViTlesDHCtKEnO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-vgIxvbOnAbLp5F91kourKQJB5PmukgfmUSViTlesDHCtKEnO' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS, MISS, MISS
paypal-debug-id
f506867652fdd
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4333
x-xss-protection
1; mode=block
x-served-by
cache-fra-etou8220023-FRA, cache-hel1410031-HEL, cache-hel1410031-HEL
accept-ch
sec-ch-ua-full, sec-ch-ua-arch, sec-ch-ua-model, sec-ch-ua-platform-version, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-bitness, sec-ch-ua-wow64
traceparent
00-0000000000000000000f506867652fdd-910274db281f0cec-01
x-timer
S1696741140.666172,VS0,VE316
etag
W/"2f77-fIq9qnCon8TdoZhLWsbuxT4um1A"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=3600
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
permissions-policy
ch-ua-platform-version=(self "https://c.paypal.com"),ch-ua-arch=(self "https://c.paypal.com"),ch-ua-wow64=(self "https://c.paypal.com"),ch-ua-model=(self "https://c.paypal.com"),ch-ua-bitness=(self "https://c.paypal.com"),ch-ua-full-version=(self "https://c.paypal.com"),ch-ua-full-version-list=(self "https://c.paypal.com")
accept-ranges
bytes
x-cache-hits
0, 0, 0
3889560390.jpg
d2j6dbq0eux0bg.cloudfront.net/images/73784560/ Frame E010
31 KB
31 KB
Image
General
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/73784560/3889560390.jpg
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.72 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://752612055-atari-embeds.googleusercontent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 04:59:01 GMT
via
1.1 82386e4e4f56a0c01411d1aea6f3fd46.cloudfront.net (CloudFront)
last-modified
Thu, 28 Sep 2023 17:23:49 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
etag
"b62512e300ebe110b2bfadbd42b1403e"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
31748
x-amz-cf-id
kmt3zB-L57Ajz8jCUXK184RrpEFaCXgrY7WqlYWMlk1yS3wIgyPhuQ==
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame 65F4
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://752612055-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1734
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 Oct 2023 04:30:08 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Wed, 04 Oct 2023 21:34:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
lYt12f8mxi0NqbR9t132q_3ACDJtKjTr6QnVCI_0XxqfIymQxzr5kQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
truncated
/ Frame E010
294 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
truncated
/ Frame 79CA
294 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame A9C8
200 B
1 KB
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://752612055-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1734
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 Oct 2023 04:30:08 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Wed, 04 Oct 2023 21:34:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
R8czT4nWP5TQMpZOjF0F9cJQRAx5PUba2bRihX3DDweG1P2DOnz4Ow==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
analytics
analytics-ingress-global.bitmovin.com/ Frame FECB
0
42 B
XHR
General
Full URL
https://analytics-ingress-global.bitmovin.com/analytics
Requested by
Host: www.wisewomenlotto.com
URL: https://www.wisewomenlotto.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.27.197 -, , ASN (),
Reverse DNS
Software
v1.58.1 /
Resource Hash

Request headers

Referer
https://godfrequency.co/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 08 Oct 2023 04:58:59 GMT
via
1.1 google
server
v1.58.1
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
clear
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame 65F4
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sun, 08 Oct 2023 04:00:08 GMT
x-content-type-options
nosniff
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3534
x-cache
Hit from cloudfront
content-length
631
last-modified
Tue, 03 Oct 2023 20:18:04 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
iDUMYPISmT31i7odXXkVkjMwiZHAQSj6Am8Im9UkxEwnnGsja36tuw==
stream.mpd
quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/ Frame FECB
0
0

e57288287b8696dae13630f98564b5bdd365a9a3.m3u8
embed-cloudfront.wistia.com/deliveries/ Frame 21E1
0
0

m-outer-27c67c0d52761104439bb051c7856ab1.html
js.stripe.com/v3/ Frame D88D
200 B
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://752612055-atari-embeds.googleusercontent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1735
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 Oct 2023 04:30:08 GMT
etag
"27c67c0d52761104439bb051c7856ab1"
last-modified
Wed, 04 Oct 2023 21:34:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-id
Y-fx6zFbMtQbj0PDp-jDa1JnIxoLpbGdNokD4q2EF05prHKO5CtphQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame A9C8
631 B
1 KB
Script
General
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.9 -, , ASN (),
Reverse DNS
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
date
Sun, 08 Oct 2023 04:00:08 GMT
x-content-type-options
nosniff
via
1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3534
x-cache
Hit from cloudfront
content-length
631
last-modified
Tue, 03 Oct 2023 20:18:04 GMT
server
Cloudfront
etag
"70cacf09ae81711ac6dcbc5ee59750c4"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
kdrS4H8Yqk8cXqwznptMRI-MTS7jJACjbR-JFrh6EwhxWXxiVCXF_w==
m-outer-6576085ca35ee42f2f484cda6763e4aa.js
js.stripe.com/v3/fingerprinted/js/ Frame D88D
0
0

mput
pipedream.wistia.com/ Frame 21E1
0
0

ts
t.paypal.com/ Frame 79CA
0
0

log
play.google.com/ Frame
0
0

log
play.google.com/
0
0

logImpressions
www.wisewomenlotto.com/_/view/
0
0

ts
t.paypal.com/ Frame E010
0
0

csp-report
q.stripe.com/ Frame 65F4
0
0

csp-report
q.stripe.com/ Frame 65F4
0
0

inner.html
m.stripe.network/ Frame 7B31
0
0

ts
t.paypal.com/ Frame 68D1
0
0

csp-report
q.stripe.com/ Frame A9C8
0
0

csp-report
q.stripe.com/ Frame A9C8
0
0

inner.html
m.stripe.network/ Frame 5268
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
URL
https://a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net/
Domain
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
URL
https://5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net/
Domain
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
URL
https://63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net/
Domain
jaswertrk.com
URL
https://jaswertrk.com/scripts/retarlts.php
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
quick.vidalytics.com
URL
https://quick.vidalytics.com/video/1GmmqL0C/u3Biy1nFFvkd6Vd8/60747/51819/stream.mpd
Domain
embed-cloudfront.wistia.com
URL
https://embed-cloudfront.wistia.com/deliveries/e57288287b8696dae13630f98564b5bdd365a9a3.m3u8
Domain
js.stripe.com
URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js
Domain
pipedream.wistia.com
URL
https://pipedream.wistia.com/mput?topic=metrics
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=1026&bw=1154&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696741140591&g=-180&completeurl=https%3A%2F%2F752612055-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.fi.2GVPeSBFvlM.O%252Fd%253D1%252Frs%253DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%252Fm%253D__features__&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
play.google.com
URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Domain
www.wisewomenlotto.com
URL
https://www.wisewomenlotto.com/_/view/logImpressions?authuser=0
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=500&bw=562&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696741140612&g=-180&completeurl=https%3A%2F%2F752612055-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.fi.2GVPeSBFvlM.O%252Fd%253D1%252Frs%253DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%252Fm%253D__features__&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
m.stripe.network
URL
https://m.stripe.network/inner.html
Domain
t.paypal.com
URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&dh=1200&dw=1600&bh=400&bw=1154&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1696741140620&g=-180&completeurl=https%3A%2F%2F752612055-atari-embeds.googleusercontent.com%2Fembeds%2F16cb204cf3a9d4d223a0a3fd8b0eec5d%2Finner-frame-minified.html%3Fjsh%3Dm%253B%252F_%252Fscs%252Fabc-static%252F_%252Fjs%252Fk%253Dgapi.lb.fi.2GVPeSBFvlM.O%252Fd%253D1%252Frs%253DAHpOoo8b8MBeQKxXWScWQAj6tRKpVFSZ1g%252Fm%253D__features__&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
q.stripe.com
URL
https://q.stripe.com/csp-report
Domain
m.stripe.network
URL
https://m.stripe.network/inner.html

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| DOCS_timing function| _DumpException object| _docs_flag_initialData object| _docs_flag_cek function| gapiLoaded object| _at_config object| globals object| messages object| gapi object| ___jsl function| bgImgLoaded object| default_vw function| _F_installCss object| _bind object| closure_lm_486854 object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis function| _getTimingInstance function| _docsTiming function| MicroscopeImageMetadata object| MicroscopeMaximizeMode object| MicroscopeBackgroundStyle function| MicroscopeState function| MicroscopeSize object| MicroscopeResizeMode object| MicroscopeZoomWidgetMode function| Microscope object| userfeedback object| help

6 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=Qq-o2sBb3cXznXvTI4xPCRpAQqKnRIKGj-8yYerG9P1UemevBxx0dW4E8yiW9BjNl6MBwpjLMfA0380BYXlECai2REgmwy1YwX2QwCmYZYFYYfqjd7rjbSl8ZYBvPPCQEP0hhGX055KIZNYtSqM3f54ZN5U7aD34eHChfiSu-H4
cbtb.clickbank.net/ Name: AWSALBCORS
Value: sRQNXQW72hcsE+DKvydVwhu1u73u04ky9vQ/O3p0NS6SgIyuTab/5kPA+TkjZgxdlBNNrONjt6bMa8Xys4VheprCVgIkD/lcqec73iNsG+29gXJpkGXYcX7c9RPM
.doubleclick.net/ Name: IDE
Value: AHWqTUklmjZNcUV6z_IiqPW52yDDw6DUiRZUx2dCbSAf9ZsCNI3BiLsXCCY5g4Xg
analytics.sitewit.com/ Name: AWSALBCORS
Value: HcK4qne/Lr3R5Bv7HNAm0RKVrTu96MuUG/mjHznd0ysFy8V4vHq9R1k/Pnm8EdAyLAs9Iw+qgdIliVs375b9xCBaOOLuFlz8A9AqI4olksvTVyqAxCQzp7rfMWxb
.onesignal.com/ Name: __cf_bm
Value: f2xC7kBgJlGiLg3ej.w39n_fG9M58fB2uj6S_gGYZT8-1696741136-0-AVQt/h83S+HLAeWa3mHJCMXUj6ZlGqC1eDqLLoXRdRqOr4k/l5TwTEMG8sFfasM5ZX+N+MD/gYmLWvYtwS7LPVE=
.yahoo.com/ Name: A3
Value: d=AQABBBA3ImUCEARCuA3U6iG33_at4swkT0AFEgEBAQGII2UsZfTMccAB_eMAAA&S=AQAAAl4YGkhNXa4SCAv6e5FPegw

25 Console Messages

Source Level URL
Text
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.wisewomenlotto.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.wisewomenlotto.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://www.lottoannihilator.com/video/(Line 339)
Message:
Mixed Content: The page at 'https://www.wisewomenlotto.com/' was loaded over HTTPS, but requested an insecure frame 'http://ww25.jaswertrk.com/scripts/retarlts.php?subid1=20231008-1558-56e4-918f-227052e167d6'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://www.wisewomenlotto.com/
Message:
Access to XMLHttpRequest at 'https://play.google.com/log?format=json&hasfast=true&authuser=0' from origin 'https://www.wisewomenlotto.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header has a value 'http://play.google.com' that is not equal to the supplied origin.
network error URL: https://play.google.com/log?format=json&hasfast=true&authuser=0
Message:
Failed to load resource: net::ERR_FAILED
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
deprecation warning URL: https://www.paypalobjects.com/api/checkout.min.js(Line 1)
Message:
Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-6r_4WetW5yj-TOGJ4n6xzA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
752612055-atari-embeds.googleusercontent.com
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
ajax.googleapis.com
analytics-ingress-global.bitmovin.com
analytics.sitewit.com
apis.google.com
app.ecwid.com
cbtb.clickbank.net
cdn.jsdelivr.net
cdn.onesignal.com
connect.facebook.net
cpv.godfrequency.co
d11s7fcxy18ubx.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d20ubqycd8ynev.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
distillery.wistia.com
ecomm.events
embed-cloudfront.wistia.com
embed-ssl.wistia.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
forms.aweber.com
g1386590346.co
godfrequency.co
googleads.g.doubleclick.net
jaswertrk.com
js.stripe.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
licensing.bitmovin.com
m.stripe.network
onesignal.com
pipedream.wistia.com
play.google.com
prod.cbstatic.net
q.stripe.com
quick.vidalytics.com
s.yimg.com
seal-boise.bbb.org
sp.analytics.yahoo.com
stackpath.bootstrapcdn.com
stats.vidalytics.com
t.paypal.com
trends.revcontent.com
trk.cosmicmedia.io
wisewomenlotto.com
www.3stepmethod.com
www.facebook.com
www.google.com
www.google.no
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.lottoannihilator.com
www.paypal.com
www.paypalobjects.com
www.wisewomenlotto.com
5e300elmhjyb1q-0w4heod7oco.hop.clickbank.net
63135adhcgmj5lzeqrv7zocyl6.hop.clickbank.net
a03299kehqtgveq6-dhpjs3udm.hop.clickbank.net
embed-cloudfront.wistia.com
jaswertrk.com
js.stripe.com
m.stripe.network
pipedream.wistia.com
play.google.com
q.stripe.com
quick.vidalytics.com
t.paypal.com
www.wisewomenlotto.com
107.178.211.97
13.32.121.113
142.250.186.130
143.204.215.66
151.101.1.21
151.101.2.133
151.101.65.91
192.229.220.49
2001:4860:4802:38::15
212.82.100.181
2600:1901:0:7d2::
2600:1901:0:df23::
2600:1f18:243f:2d00:fb35:6525:61e2:f009
2600:9000:2057:ea00:1f:f560:8d00:21
2600:9000:206f:c600:19:4fd1:c1c0:21
2600:9000:211e:ba00:1e:c86:4140:93a1
2600:9000:223f:e200:13:2031:2340:21
2600:9000:236e:5a00:3:471f:5240:93a1
2600:9000:2491:8c00:1c:b536:2c40:21
2606:4700:20::681a:219
2606:4700:20::ac43:4b6e
2606:4700::6810:5614
2606:4700::6812:bcf
2606:4700::6812:d63b
2a00:1288:80:807::2
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2003
2a00:1450:4001:811::200a
2a00:1450:4001:81c::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::2013
2a00:1450:4001:82a::200a
2a00:1450:4001:830::200e
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42::644
2a07:7800::137
2a0b:4d07:101::1
3.78.209.160
34.214.231.218
34.230.167.222
35.190.27.197
35.83.191.28
52.212.137.24
52.222.206.89
52.222.236.72
67.222.21.127
99.86.4.9
00c89e0cd4c41144418e06885bb87e962fdb17567bf55adccb1678a1f6beca4c
013e84310d7ab057017b3fa16549a6d4c254fd82b6555ed23a2f1747532e3f88
018f897df5ec50c53fba81270a9eb456e897ae789af33f9a7d2666fd2da09878
021decea59207b5b1dededd25bb1c6a69647aaa2f268689d9122d5bb2370bab9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03cb92827a65fb48c0850d1ea243a139bf58614c4e85ca9b88def0ece910efdf
0480021557f759b94e8ed218c91fef9c79b1c0eed0103e9a82d377bd14ac977e
080a6bfe30a39a7ff8ef69bd9746a8052b82e630975e510f3cb54020fcb0219a
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1025450edcdd5d63c5dd20eb081d71c2844be2a56df3010ace7a9bea12bfccfb
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
170953154253d30323f7cb92e5b3f0c300787043952039a806800105bd4a9c6a
1a3678563ce82003c4fbf936a48bfdfba30426d94d18e802d576cecc20eb4562
1ada5259a5ac61a7d68315f7efa6b98d61d2d0478df0545869c880afeaa67dcd
1ca2e1b9b208334805246dbf3855ef3b36cbf192ff75615d0ccd0c7164b479c3
1ce9cc86fb1717c4a1ee0d27a561bda90accabf7c383dc09e9f2cb6645175f72
1da8a039927042c95ebeacd909fd930acb03ef41568f91eee60a17c4e5eb5b15
1f2cdce4680a992c70e212305955fe6ffbd0b1c8a5affcf06067ba0608a71bed
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
273a37738eb849b8a050887a542627ac8be34cade45564f9bea3056b6ee7e9e7
2741a98ce6c12d14511f57b4332648da345cd9826adc68bab7013ab89fbe632e
2867b942058e600e2703264a651c096633e511e27b89ac7389b13cac21f02fa9
2989e0b9e836cb9de3274d641ec6a58c2052f039e790ddd59b22303930bfdeeb
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d0ac523281151da47bac4a4d68968fca8518a5b282da8d3bd95913672585def
2f4d0823359307bdc2fbcc62d1004b361b02cc8ae5d6cb75f314658827ee1eeb
33d169ddf59845727706b8f35156f216570fa4db793f33ac852d2baf44199374
343c96034205ea01bf921b896e3ef1fe434b907b53a9a9850135f9617c07b03b
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
3cd9734614fc961176df16f6d506171c4b9a1df69e46f791fec91a3adad0e005
3cf0b9f95a9eb9273ecc90fa4e53338c1dbcb5fbf96d19357f2c527870668fb4
3cfe790335dc4ff07f0f501fb361687f88edca78273d2424e0797457924462ea
3f4a982607eb97b535363a9255deb78983aadfc597a5164b95f0ff625db0b2b4
40a4d9ee587150c67bb0405f36b37d3600bbd91ecf7cfc221921b21e3e15f5aa
410f59fe4189e1268b823b1fc04d675a8996fc50fe9e80c07103e4f8947c3b01
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
432960704acec85c6344927634bc04d00bd50d1104536583b5408911cfea00a5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
447bdcdb824004592b67dd6a45a91ccef95e979b11f7236a9ac23ddaeaac359d
47ea098a19f76499975eb245a69791db1ac913882aa2610caec2a9a8ac28a7a9
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48492a4548ecd3f543b088f7c1badc5ba9adc4a187874e12f844fd4a4552b187
49cac7b91540d4ac8d48564bfaf6c987754de65ec197b9a3dd536661db6c8ca0
4a2e8f6c07744ff59534fab4d21430272beab3638bc74f724496b90d923d1468
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4d3d44f6ec54680e837763f2fdc2d5f2ab8811717cd585942c064eec31ddf6c8
4d654df4dd8714f1af8365d8d9ee57057edd8abf4bacbcd2398d4e02f66341e0
4d8888ecfd42eaa873df07c0bae59e0cb51e1a14ba11a0868997fe85b1a925f0
54a998a4a4dbcdccbef900d39751aec00532d3f4b29178312682863aa538a008
54b16a534f27d39f8edb7dd908ecf182b4be466f86f28ac0f01f415f2ba9d1cf
563510d8c38afb977ee5fdcc444120a35bd0d0c74d43bc3f20f656567287483e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
5fc9cb7413f570eb84f48cdfaca37af4aa5072916d484aae5c65dd615e9a8610
5ffef9a3fefbd95b22b8b3d27581cb27aeed5d1d8d252139104334e9a62672a2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
64d9243855632a8f930bf2f6ee088981c606a9f3cefbdcee3576191dc353a08b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66f47868fdf31319a2f6587f17803aae751c78875ff5deb0a8f38686262f869a
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6bd204027ac589144e37b2bc2ba82ec176cfe793bbc697b10ddbbee2392cde2a
6cfef203877c8ce62c7ad5131e65aa08a320b0c455057e6b2be80c02f7fe88e4
6d52d549b35bc3b9235e8853ac2e328bef9677bedbbde29b15eaf444d3064240
743920a6df53feb02c6a74581a04aa982408375542de4e2924b3c8b493a5e242
7460e7bfe27ba69692cd72452646130bf8f0e91177c867d7360297029228ff6c
75c72e3ce633d28f29eb8cb7f35d46a81db681ede1f59fbaaa149f1964a9e4a1
7665a040b2186ab65960d29e0d407c06ed1155c59313bea4811bb2317a990e99
76c7f09fc77a0bc67fba1b2fe14bd4a567020892ad26c1312fb76c4735ed689f
78981e8c1ec7b658060824a9f12782f9c1b08cdf90b8fed84f1dedf0bca55102
794504179922422ea4bdbc738a3ad5c0b19c2015ff680cc073122e6f1a592a37
7b0315eabc2a7646ba2bfbe779a72ac2b8dc02d083c547479909eef884de5c80
7da9b72002f3f70d3b297e9bee7665b7edcb311d1b0bf13c06a9c34c9353e22d
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
8143c1639f0a257f2ba1e17c04137c194cf4c87e4561ecf1f5a3e5dff63bbf7a
8337da63ddd4e08460b056b6a5bff36e41ee6105c5fa67a758f5dde2c17ef5ee
83563ea9ceef18e7ad490c2b09b76650f4fd50ac78f18103d2abc1771709de77
84986c117f6f9418eff2f7ce5e55940671f178542c58092c05ef539ebd4da308
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8b6e874e09fd450a979bf4a9dce3590d03e1e3d645995ae94f52530b20222c6c
8c8ec84c3d960446811b13bab159c45d4f1d4aaf4def1b6ce479071c755bdf87
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
9091aad8cbd4b0fc28f3591bebc4961c0301ab95503477739953bed4cca3d2b9
90b0bc71a3f3712d834523c9709a5304b4f19f1702c9db3e094e83dcbeabfcd3
9137e657209c0ae29f0af3183bc0d30708244470eb59393123ed9e0743694932
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
97e6a7a657d212403b80f971b16d7852b31dee37438ca60257393625cbb27b7d
9922a5981b422da601817238d06f288a3b8048689c9bb753b42ae5b21e7e163a
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9d4e281396b31c49f11066c0b5b6b4df80952f7d9cbe8debd41777e06ddab070
a13b5fffcd8527c822c6cc11ab211033b1c9add31ee6a70609aa5119161f8daf
a29853274b6ee4adc581f3815812f00a5509c90c2473cc2e88c3828a37a033f4
a3ba10e614083832f41494e71b4c53bd738a88a9ffd6f9a0c785348ec389527c
a531521976e278e32d55e47f5985934a4828cf41b4b7514a42819d0b0cb3cb36
a5c55ed2115af67fceb3487697bf863e1941a1ebd7b21514f09c4707b53a7255
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aba0ac3c89011196a2c6b54d868991e18ffaf494c8e3afc97451be087b93770c
ac80d1bf983b7c19673e60d1206c21391bdae27980fa406bd8644751d763724d
acc86c4886ca5b8a51887ad2942d6756d6c15be95f82da9be827df1222903279
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b06b94621d35c4cb7f5137ffe27588d28e53da261707f6b68a1fba6524d97c43
b20c80b98442db393baf2f4a7a27d11ccd8eccb5ef656796bcb20f5480b2f94e
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b2869d8a2bd0b52da8584c48985b845ef95e24c4b5e98b42d16d3bdccf8eac7d
b2ae4939c77ae919faebf9e0f42fb98984809107435a802ab48ac989b203f423
b39aea8dc2deb42a2c652fc5fb90e300ba9deebf5fc259e2313d4f16cdc9cb9b
b484b3de3ea96eaf5bfe09afe35252f386b70013d95dedb588be7afac5ba975d
ba011d20047295b28eb39af6a22df057bd0e4d890f6996bf3c44e87bcb4a982d
ba8d24c717892abdadfefebcebc9f050279a6f2087e19709b6b7a049e9627c2b
bc585cec03d215bda454dac0412caeee014b7f18a5731d3677afe558d8686765
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
c00d6a8757381f6b77a39d613fb7d6637f8817509656319f23a0b24009b421c7
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c37d2d1bc47597799bbe117c6d432b5b13197e760866fdada9b7a92c8db1b05e
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c553ad35e85b349468f694adc168f2397178a686dce476b82c10d84c74d555c5
c5b7459909b3037a7ad699398d7fdc6de8f9006e27b72761c49531a12e98c02f
c62e9499807c10adf81eafac809bb8a5083a720d3940165028ad0e349ccb02d1
c68f71546926ba6c6b6434d89cc192707d5d1f8d6cae11a740fc2d2d1f5dfaf4
c71c726a8befcb1efdb4ba2862f9528d5582ceeb1bac426fb642f82b9b4e46e7
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c841fc7dbc4d2c138865ff729bfeac6d9e972dc1bf742490d283d4d2f32be918
cb30bdec55a5ce7a0f11b4d105128fbf152bc018220651f906affd4882e55bd3
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6
cd4cdea426d84b873eb357eb7d6d7a3f2ba0e6b97805c01b5af56613f18750d6
d09cfee5f21ed7285b77fa6ee68aac9186a8cbbac9aee5b62cbfb79b780030ef
d36e05e1ed2d8560ff90082a397cf9057db5062f6d3503e66f6756134e45636b
ddda47b049ec774960fe39b5c0fca40c15abf80158daec17c8e29146d1d1c31e
e2aacd088aae6b79c9e25829ab0b3faed7edf3dd5b29f6a573ad0f7259491e14
e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469
e36eaa6e7cebbd4138dfb008ee3d53ab8195f45953b0f4f27d0d8156ab059021
e389b8cb9b17900d72c25f6ab99b0054b4726317c258ebbf3bc7c8fec4a1e2b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e52e193c7684009dc684b48156d4420c39458d9a2eb2f6dd462a3023f8ec4859
e79b9a5c41f27ccc04d48b2a997d13bcf3693ca52cb6ae60acca9673164f318e
eb40f7668f2e59a283cbdeb307cb18f914f708393f2991585922567878dd9f7d
ecb0cbc1ad10dcd1aed881a38538b9bd1184d73327919abc9ee35451fd21e526
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11176ec1e89f383eda7494955e5e92783c48dd138d0e4f3ace8c1314f9dc66f
f1f487a441b78d59cf250619c1d421ae8f3645b3640d47b94f550820b3804fc9
f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682
f4f9825d24a7764f6e2d4ba91718ab744a73f5fb4c879c319515d62d8f81ec9b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71e2cee6934851a889e5c9fada78139940a7d583a1510afe087dd033f43e6a0
f752e24e380963973c86376422b0618658de851a8b2011c69e394b787a1c593f
f7d9c8184937ff854afd6da2a3de3fc970ef1c2820795e44e932499540fe5832
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d00356859998784bda26e1d14f2d981515921b96ded50d5d6f6f0e75bac15c
fb8c6e1a25ff615023bc8260df0e2e803bab9f5990138c8300809e74209514ce
fda3035030d3843c2751dc0da65fb802230ec00a4008aeed83ddddc7b97cbc93
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
ffff710628094e3ce1fc7d2d3e10ad76550d0b4924af73d11cd9699c0c35bb89