closed--2024-spring--kinsmen.lotteries.dev Open in urlscan Pro
3.97.106.146  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4512244%26time%3D1718567072073%26url%3Dhttps%253A%252F%252Fclosed--2024-spring--kinsmen.lotteries.dev%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLfilIZSZYtdgAAAZAilHVav21j_BvXVrrTuElPjRRAGiN9cfLe8tYyeXDroulu9BmzpvCX62Eg

Request Chain 105

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4E6186B6BF3A4184B34F48E3083C5968&RedC=c.clarity.ms&MXFR=128340C446D962A0274E546442D96C22 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E6186B6BF3A4184B34F48E3083C5968&MUID=2BD819DE8AF563170B640D7E8BDF62B8

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response closed--2024-spring--kinsmen.lotteries.dev/	82 KB 82 KB	1391ms 1003ms	Document text/html	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / PHP/8.0.30 Resource Hash b895222fa43ecf4331b62146fda5afc969a4f60d9ac5983bf3e92b8ea087072b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin *.lotteries.dev cache-control public, max-age=60, stale-while-revalidate=60 content-type text/html; charset=UTF-8 date Sun, 16 Jun 2024 19:44:27 GMT link <https://closed--2024-spring--kinsmen.lotteries.dev/wp-json/>; rel="https://api.w.org/" <https://closed--2024-spring--kinsmen.lotteries.dev/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://closed--2024-spring--kinsmen.lotteries.dev/>; rel=shortlink server nginx/1.21.3 strict-transport-security max-age=31536000 x-powered-by PHP/8.0.30
GET H2	200	style.min.css closed--2024-spring--kinsmen.lotteries.dev/wp/wp-includes/css/dist/block-library/	111 KB 111 KB	105ms 105ms	Stylesheet text/css	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:27 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:08 GMT server nginx/1.21.3 etag "1bae5-61aa15b897593" content-type text/css access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 113381
GET H2	200	frontend.css closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/	604 KB 605 KB	157ms 157ms	Stylesheet text/css	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 0443c649995b617c2da07de5875cc0715563406f90b47eff3f8f9abfce5a528e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:27 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:42 GMT server nginx/1.21.3 etag "96f55-61aa15d99b050" content-type text/css access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 618325
GET H3	200	Untitled-1.jpg kin-sask.lbcdn.io/uploads/2023/03/	10 KB 10 KB	555ms 209ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/03/Untitled-1.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec7eee6e9cf282dd80568bb8413e244a94bcbcb63546069a10cb0ad78fce40aa Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 7MHM6336WYS10FYA age 7888481 cf-polished origSize=13300 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 9799 x-amz-id-2 JUSRh1PUUoylqlF4mlR+qTGhyDdAkgqSyy4GQQAdW521HQ8xgwc3YOPAUS0Xdj9uEUlo6EI8/O4= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:16 GMT server cloudflare etag "91a9c6b42f75daa09ff62484db44b571" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jNXZWc7Yb%2B6TZQ4LJ8UbzMXWomF2RJi0YML7GE7oX21k1dSzafAr%2Fy8H1KhJtY4si9DvPfIwpFzyZz5e7j5nOLlJ8Alzxd70LR7%2BAJj2lAI4WPr4msQ3QnZUxxDM57WACmSudEgP4hlqo7FF2nh%2B"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b6ec933ab60-YYZ
GET H3	200	Menu_590x430_GP.jpg kin-sask.lbcdn.io/uploads/2024/01/	236 KB 237 KB	447ms 110ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_GP.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b8520c98ba040004c5fde9ee49bca1ac24587d925ad49a5270d612269065d85 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:27 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 7MHZ1BHN2FQTV0DN age 7888480 cf-polished origSize=257307 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 241387 x-amz-id-2 Br+vOaCKkb/98jr/knzTU5vPESuOpRtnkavV8KmTFflGP3M8PYCt4d6MoqAgiiYQoIdsn4nqBKA= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "d89e16affc8185df5168759a413aa16e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uVY1FuwbIEMTRNShxo5UcpMHUVhN5PsZQPwCAZJ4oEoKEvIg0qHhhEY6S7TNMpz1HfleoDwwcO0qzFRs8bC0ogF9H5hOq%2BhIi6X10RfBuL9%2BfpDKR%2Fe9MVO1Th9WYHnx8gIWkkEihuStP5IyJcJz"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b6ec935ab60-YYZ
GET H3	200	Menu_590x430_EB.jpg kin-sask.lbcdn.io/uploads/2024/01/	214 KB 214 KB	395ms 395ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_EB.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0af313734cec37dbb158ca2448cad5cfeb36888c39c7e906a555636abe1293fb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id KM0VB1TCWMM7FGH6 age 4164177 cf-polished origSize=230833 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 218877 x-amz-id-2 ZujveCHnptUMkhk3P3xQ4vWO/Iav3TcfyVffnkU1KAPnb4MfYIhwHCrYj143XC6ki1k6HgQdavI= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "15407574e9808405d5b90996480f3257" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=inFpOt%2B1Jgf5WxGAHgpaodIwZe9uZfqhIISCpsmMns9aShnS%2B4DX36vCugSFCPze%2Brg8HAnYDsbxmybJXDXtpNptAX%2FaTc2hpAnJO5xqSYmOSmAinHr3ow4XFEvI8v2wta0hINmhJX0VZv5bx3j2"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b702ab0ab60-YYZ
GET H3	200	Menu_590x430_Bonus.jpg kin-sask.lbcdn.io/uploads/2024/01/	246 KB 247 KB	190ms 190ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_Bonus.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f65c5d0f395c2d68015220a7ca64ecd148ce759c4a178dd92b2a3a2efa2911f1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id S5Z19GNJ2E161FRX age 5129146 cf-polished origSize=268167 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 252271 x-amz-id-2 eyuw0Swwyuzt41QRneUXhuW/uyZgOMH5FkVZVA+OWlDUYpqmz/YhZm+tx13dQmqhDUw6YZG8JCw= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "332a2b2c10587dfca0b12456829ef2d2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JYHN6lWQFoKamxxQmKEOBXH%2FQV0MNaIqIUYQy6N9Z5TRVJGAJ8E0ywIyCt7yCb780czIX04%2FRsCeHbnHS1TqTXLIoEXJqJJSm79N%2BXYjMvH82yfvoZtUGP66OAq2ji%2FduSXA5%2B0M%2BwCdjrMPL0Gq"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b720c18ab60-YYZ
GET H3	200	Menu_590x430_VIP.jpg kin-sask.lbcdn.io/uploads/2024/01/	182 KB 182 KB	198ms 197ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_VIP.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8c962f79dc4ce4bc429ed42f64e36621247e13b80d35705a33a39dbed97a569d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id BK1F5RYTRNPZYDY6 age 7873761 cf-polished origSize=200487 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 186018 x-amz-id-2 +P2ju3+qaaAm1ipCPt/dyyjG+qcpyORkkILGVKyv4Q+wRyPwUGkspDAqRQN0MF+WVXQwOCQsFP4= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "80e7c2af47677c2c426801de1c26a498" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7RwLsVcqsVjKl7TC1M8vkQVAHFe9Av3u990yjtJX0j1QrLmo9ByGQoLIFfyCIBolpXJUtVuCb4Djr78KwBUYLe%2Beys2ZNvdX5an4HHbG8aSYhOBkmIfKgNxi%2FV4yPWma78Dj7gdxVaXomcpq8bM"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b720c1bab60-YYZ
GET H3	200	Menu_590x430_Vacation.jpg kin-sask.lbcdn.io/uploads/2024/01/	304 KB 305 KB	133ms 132ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_Vacation.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4783eaccd7a80a58ad310f9cebad6c8c8d3d0f05a19c66c87de2150ddf2b14d0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id BK15R9DA8F4A2V97 age 7873761 cf-polished origSize=331960 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 311598 x-amz-id-2 PdHQ9LEVK5QyPW+rSil57we16EkK2aoLPKVDE5i4F8rwocrF/YR9MZQpqKO9DBB7FVCCBlioCK0= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "787083315d281443b492bc995759650c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmzVPHy%2BIJpwBuLsaMNgSWDKR6XsbtqxAd4TzMW5IGze%2BEktGZRj0wcKtZuYuefKoTxuJ7uPuGtugUAQXd95jeVt4cjIlGH0ttGf4nUshNa%2FR7FPDCCJfHJpN0whlzidnJvfOpqc22AwX4R5ZbkQ"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c76ab60-YYZ
GET H3	200	Menu_590x430_LivingLocal.jpg kin-sask.lbcdn.io/uploads/2024/01/	150 KB 151 KB	132ms 131ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_LivingLocal.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash beb54f2a7594eaa6c2c05c32502368ba036c3f1de2a94a2e62c634e908321b7a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id NYKZP5P8C02J8MMY age 4161941 cf-polished origSize=163684 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 153467 x-amz-id-2 wiqb97nvS6J0J/HPnMpcLErEQe1W4hu9ujKNAXNE/ZV9V+692V/gzeMQPOQ2IfCINnrstdwjm1I= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "042bc57c2c71e5cecfb9d76dc5c1f978" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dIr%2FcHGj3b6TH8khgUr0ExUm0oIClkHIaVxjKG3QE2pcYHWRuL%2FVl2HMQBSczINlXwEeSBZP5s3S3pn5gZPBAhCfpB%2FaDFE9vkr4k5TYnG3xbxWHqmPVr7%2ByvqKMlpMT8oRf9ZZasglaA9o1%2BbR5"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c73ab60-YYZ
GET H2	200	css fonts.googleapis.com/	4 KB 874 B	610ms 193ms	Stylesheet text/css	2607:f8b0:400d:c0c::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 16 Jun 2024 19:44:28 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 16 Jun 2024 19:14:27 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 16 Jun 2024 19:44:28 GMT
GET H3	200	Menu_5050AddOn_590x430.jpg kin-sask.lbcdn.io/uploads/2023/02/	141 KB 142 KB	134ms 133ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/02/Menu_5050AddOn_590x430.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3947e0f7f76bb6322c20f756c603ff2ef98e4db2a3b0097ae5febcaeb923f6a4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CAXFEYF4SD7RP7F6 age 7641454 cf-polished origSize=151686 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 144205 x-amz-id-2 tfpfjYi3xlMxV/6NSgCx5qnW4iC0wIZD0Wjdqm8If9FWaoH+fLlatYa15WEiEKwj8Jo3ZI/1hSo= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:16 GMT server cloudflare etag "0ca27cbc6ef396e6106b849eaa2574dd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyp%2FKHRZ%2BJk%2BKiPJhcE%2BKPlq9EFF1o1rWLww7H7RUiGNvw1wtI%2B7WtpvcIMkxCeXqjDqtwxIQP%2BdxrrN%2FW3rGHnQU6jw3cr7v4qIjoQrU1pofD7P2N%2BHaAomdXZBDA%2F1w79lII4V2i2G0UcagJ2F"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c78ab60-YYZ
GET H3	200	Menu_CashCalendar_590x430.jpg kin-sask.lbcdn.io/uploads/2023/02/	143 KB 144 KB	121ms 121ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/02/Menu_CashCalendar_590x430.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb840e8c0ff6abbd1a8f8caf2cfa8a3c8cdac054b1e2767368da977f475ff0e6 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6TQPK6HW1GAD64VD age 3070701 cf-polished origSize=155085 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 146696 x-amz-id-2 WIsPqVYvPAJXRLhXuZDTDQ1UopufvFhLQWJDCOmux56KUxk54JwD6hqXFWdesD+mhno8R7pvimA= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:16 GMT server cloudflare etag "d2a858da06585713d6d9d8b49fb96dc9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2FR8pwUFyee78CzXxf5flQaObDi0IlW2SaBX35AoE5JdAd3odS2F3EVGfHjXL2pi3QbNO6P7AFKqnEV9ExfbUvCTDWAMJkoB%2FUELG1ScWz9otz9LBULhXLtfdVkL3O%2FtUBu4mxKPpxG6%2FDkJ8fJh"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c71ab60-YYZ
GET H3	200	Menu_590x430_Proceed.jpg kin-sask.lbcdn.io/uploads/2024/01/	253 KB 254 KB	450ms 450ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_Proceed.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c968aaf215c0bdbd44f227ffd2156498680421921bca50b6b3faa645eec030e4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id R06CP5S8WCPPS7V7 age 2886084 cf-polished origSize=276321 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 259066 x-amz-id-2 6N7fb9IAerygmXL4iu8avagFPEpc6BMOtFsXVSdhUAPLlyLeGaM2pizsNgvbMHsPIAWgsfQVyr22Og7gK7JP+OqP9/Bmzjp6 cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "a3f437dc655ec5e97ec9458f7254d77d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CgRNwTUgXAoFUl5bpBgotTCxWIZ%2FCAyo9IcZzOY6RE9cGJ5lN4t8hxmMX9VVr5to8MWb338FV4fPNSQmfmcqIEMDeXJwnQYT30VvK1HnbUcuEYSYGifZDUWS5F4daK3E0OhmK4sg2awKcdp2VQLc"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c7aab60-YYZ
GET H3	200	Menu_Proceeds_590x430.jpg kin-sask.lbcdn.io/uploads/2023/02/	244 KB 245 KB	210ms 210ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/02/Menu_Proceeds_590x430.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 884984c56b473f2fc3430a92fca4779015290b3cfd9edccb5117890e5d2ba71f Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id X4APWKX2F5EBZZ52 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 250075 x-amz-id-2 IbfQHqXJRjgkOFRX9COIp2gPFE4uivzQpY8pwXCT2huZsjqaC3ruV3Fce2H66Xk1cmHl9naIfRk= last-modified Fri, 08 Mar 2024 04:57:16 GMT server cloudflare etag "a18de5d84d1ce366a69d48afd7758f21" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2Ax71sdmECDEKJZx8N4PsQt2H4QPAEaQDcwtAAFBdU3dG3jZ632VMVegHNHeCUE9Q7gPAS%2FThRuACDA61ngmrFsz%2BMLRoDovssFeiydHsex7ravOcGKNLGcV6EPwkd7SjiUcmpr7jcQ5o4vvgwE"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c6fab60-YYZ
GET H3	200	Kinsmenclub-logo_silver_150x150.png kin-sask.lbcdn.io/uploads/2023/02/	22 KB 23 KB	121ms 120ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/02/Kinsmenclub-logo_silver_150x150.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86e6eebbdf495a89aef0a64c368757d101de2d6d892b0984fd9d01f6b2864331 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id XN1K8YD7X6HDHREX age 2579432 cf-polished origFmt=png, origSize=32525 x-amz-server-side-encryption AES256 content-disposition inline; filename="Kinsmenclub-logo_silver_150x150.webp" alt-svc h3=":443"; ma=86400 content-length 22836 x-amz-id-2 QASwhX4cVaIScPE3T+aWGuUL39+Ab6yni1yew01ze9ZfBgWE6C4OwXb3nrMzD5FlhyIRi0UxToc= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:16 GMT server cloudflare etag "5ca197e5de317882afd7e51c3a072997" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LJZtlDeFqo8LFLfO%2BYRVl4OE7YHVd4XrxWFk0MC0%2BiJFmu5M86L9ZtLCi7iBUPVxXDTW8RNoyEMVajW3xHrnaszBx8p%2F%2B%2F93kikn0q7Ct59XSOjYTUk1CD%2Brc4Qx9%2FZEyxd0nn7KS2Q0Z1jl9KKn"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b728c6dab60-YYZ
GET H3	200	018-Kinsmen-HL-2024.jpg kin-sask.lbcdn.io/uploads/2024/03/	528 KB 529 KB	112ms 111ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/03/018-Kinsmen-HL-2024.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cae70990bbbc74ed94ef0e3e98a26f13e926edb0b4080b9990c3bef4fab11200 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id PC0453BJDEPHW7QY age 4678452 cf-polished origSize=618625 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 540751 x-amz-id-2 +5AfTYJbAYmbGb8eTp6fVVrOl7eMpL1PlZ9+1pwQ2Zda4h4s9GtIoXL4/H2SXKCU2MnEFn+lJdsQMcc94YYAOvaqHFboP9CI cf-bgj imgq:100,h2pri last-modified Wed, 27 Mar 2024 16:33:01 GMT server cloudflare etag "55521aa8da9d92ae7613d74a9a91aa50" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WkUWzDFvASPQSxe1M98C5lNB%2FR3epX%2FCCI8wBvBvHR1QaIU2Ix0hVGH6Y6zkEB9KJrcyt4mVw3ocl1WMJuZLgHEEMyEULztZPKjgxgal8p7vyh7aSHv3%2FLt53RqBe4PLAT%2FwrByoNQxLX3iI5inn"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b75feefab60-YYZ
GET H3	200	Mavrik_Logo_Pantone_234.svg kin-sask.lbcdn.io/uploads/2023/02/	2 KB 1 KB	347ms 346ms	Image image/svg+xml	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/02/Mavrik_Logo_Pantone_234.svg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1950ba755c2fea6c6462d9861eac5d20d569ccd907d246267e0978361f4c8c4 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id P26JX0PDC0306MC2 age 220859 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 lK3JtmU53QaI3C8AjDxn4Tzr/LROXcuDWn8otMbvGtI3pcLk6ngikuCisVRwlZejTDwoSWgxJlM= last-modified Fri, 08 Mar 2024 04:57:16 GMT server cloudflare etag W/"bb5750856313b4c51b7f8567f1b2af30" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Zm1HnuBnOKc9o1I5ABND%2B8SUWyPEB%2F%2FPTobGbEvmBti9JXppKQZJOQlp7xCy3dnQJ6ukvFDCJ6ekYI1HbkgMX6A%2BUngTMMPeNAp4lld7Di75aYu6sfO46p89g9gyyitoB3RGw46s1hZyOLj%2F1ly"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml access-control-allow-origin * cf-ray 894d4b760efbab60-YYZ
GET H3	200	aodbt-logo_white-e1711485019391.png kin-sask.lbcdn.io/uploads/2024/03/	4 KB 4 KB	279ms 279ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/03/aodbt-logo_white-e1711485019391.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a9d1409a6aca327dd838db9cdbab7d6a5c49424d87423f73ae92f4f357470f22 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 3YQFAF7XZY06JCEX age 2670729 cf-polished origFmt=png, origSize=6000 x-amz-server-side-encryption AES256 content-disposition inline; filename="aodbt-logo_white-e1711485019391.webp" alt-svc h3=":443"; ma=86400 content-length 3834 x-amz-id-2 r24+m95r3owEYc5ovD0wLdp6EprBHhjI0bv0eNSrtUJ/RW0A7gXYK/bTM+czpldD2sz4GYPvy4qYh0wFKYMTesXHQj+oMoUR cf-bgj imgq:100,h2pri last-modified Tue, 26 Mar 2024 20:30:20 GMT server cloudflare etag "a95c9e5a375229849a838eb769c0224a" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9aVHThTi3WjKot0wl%2Fh8vwt5WFIufNJyxbzypaU64BOCBSiGl9iSBg6phw3rP25urF0VDc9Z899xudmqZawVfrS9ysdJ58iNC%2FWDOFuuGezWHfifVKPyarf1%2FhZ4FkpJJvvOwvqyq2BGOb2scWPo"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b767f62ab60-YYZ
GET H3	200	EB_1100x1100.jpg kin-sask.lbcdn.io/uploads/2023/12/	767 KB 767 KB	280ms 280ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/EB_1100x1100.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6677f982122c3572c48ee15b3509c791f40ff5dba40f833a9ddb1815a94eb9e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GVX4892BJ7F76HPH age 7873751 cf-polished origSize=844387 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 784949 x-amz-id-2 vm1RuKqi8FFkUVIXF5++LJiuJYlYZDqSooTE+m/CcUZvWweSCbNwzWaysr8+0wtYBVDOuwaULMY= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "c3a8da6731d5dcc2436db8bbfae72ac5" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VKjosVAhSwcquuEk2MgH6iIFIMURr%2Fm3FZNEehIsv7fLzoOw28GUfdaOSfLy68hIcdw%2FCqZA5EVJLeYgxX%2BeR2cOIvHBUos1d5csZ7zIimTCX3eX1%2BWL6i6QbaZylcfii8vZJIi7ZNBi8lewKT%2F3"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b767f63ab60-YYZ
GET H3	200	Bonus_1100x1100_1.jpg kin-sask.lbcdn.io/uploads/2024/01/	828 KB 829 KB	604ms 603ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_1.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 942b8c62b588d243ee028c33aeaf1bf99ae61665ecefa87de162c1fd717d081e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 62BV59KN85GNN37B age 3070701 cf-polished origSize=919091 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 847785 x-amz-id-2 sUf03Dqw0adojjSQNlzGxY6YR2+cdYePkgBibFAZCPc5DGIqv3CYjTHgL5nYxV2aUXt3jq0lHZk= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "19dd0dc8813c589bb07c8bd2eea23943" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6k85DSteT%2FUPMXvMAunt94AeA7p3Ss%2Fb6d0QrbVoMJ3G%2FvXfyYX0D3dl76FY0ne3rKa5fXVIodJ8ZxPX19wgrcwkAIH%2F%2Bb2QzBlreWum0B6md0KkqlFyCrMJY2MXlpH7hNxi8PQBvlNWgppB%2BRp"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b767f64ab60-YYZ
GET H3	200	pexels-allphoto-bangkok-5279020-1920x1280.jpg kin-sask.lbcdn.io/uploads/2024/02/	577 KB 578 KB	912ms 911ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/02/pexels-allphoto-bangkok-5279020-1920x1280.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 98f1d5d8ac732e6f478ed3eb43c58e5fbad231dd49b393787dbc1bd9aeaaeda3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id XQZYS32J58FVNWD4 age 7873747 cf-polished origSize=625210 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 590799 x-amz-id-2 cDoPxVJ6MTaZZWjGjT3ICbw1Ugj3Cw/bupdjV4HpG/8B0fG8+PEErZk5ZD97uXlCaRXhfsoUEQU= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "762fe497a0fbd40678236066eb171a89" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FFYR2ksSErCB6vHQrVoTWsH9jWwgCrcoT7vK5UDZ%2BOMpsg3U7FjGZ6xZG8p%2F1TGBhSAm9zlKdx6ShntLqyiclDX2lTEso%2BHX251J7YaRip%2FTntgtzyZDx6vKDRX5ojU7iUWIp7LLiAX2zCqaBReO"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b769f6eab60-YYZ
GET H3	200	Bonus_1100x1100_3.jpg kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	1117ms 1117ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_3.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe8676e3b57dedc21c850ed016c4ded24218b6c058bd0e83a7398cfe95df48e8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GS9MBH63VXWA1XXP age 4164176 cf-polished origSize=1326478 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1228681 x-amz-id-2 HjqMMByLcnntlvv6iDFfGeCWtWKCzIA15fl9BGXt4hRC+o1XmMOVH3lt0F0ysGAIUoeDZ5jUEYk= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "992805daa16060da04767873f21d73fc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7XRBqMDQgHhq14nrxqDjWNL%2FaPj3nAdhhV5XHQCTcDQGjpMglCGF%2BEiBbTg5dMg2b%2FIBSaVtDQoQyOMeJ%2BpfOonNEFweiTtas8RSbajJ6urZbOkARI1vpW0vGsAx0mnLYFs5s9dAYKj7XqS6YxXh"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b769f70ab60-YYZ
GET H3	200	Bonus_1100x1100_5.jpg kin-sask.lbcdn.io/uploads/2024/01/	845 KB 845 KB	1554ms 1553ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_5.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 334c12d789f0977761b887fe46fa1ce708f5c1f743d857f0dbd49c93a9909d60 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CVB309S2TEV9ME01 age 4441383 cf-polished origSize=935869 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 864787 x-amz-id-2 kDK8/KISe6m1Xs4beactOPU1JWMoPMbNcBxslzcoepsgkPeVydJ5qdFdNs5TXf+rPybYcP4PJgQ= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "da901034e88451e46244b0ed811e3d1e" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yIKqmHcLjCTEwT1dJUazJO5e4xZpH%2BajbPq86aUeyPOP1GIXT3KDSIW9n4PCgGCCXuYvw7KZJ8fWwa5ctvp6Yw2tVhKEAoSbftICS9rOOdlPKMrS62lkRS9cccRhOP7J2nMRheER7FUpwtJmAZQU"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b76af7eab60-YYZ
GET H3	200	Bonus_1100x1100_2.jpg kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	1606ms 1604ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_2.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 079d916eecafa01f34c24e24bedd5f04e87cd0606835cf96570f6e4de371c5ea Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GS9ZXTQ7XDG4XCRQ age 4164176 cf-polished origSize=1410218 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1309765 x-amz-id-2 RZdJJDdS366g7RLHJFdCAqMZCUkz/DfyFnNP7qFXCl0eslbHzx/SXIUt7CcY1FqNlThVYhky+8I= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "8f84da08b9ec5b077328a1c2e4efe3e7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JVu3csT1psJ6NJQypfCdTHUCOq1XGp%2Fo0loYdoJBC21K3x%2BM6ibyNmN46i%2FdLFlx4qjkY3vwH3CRiaDIml4Lwqp0bCWMhLxOV0zEmYNMHPYdDdvinPDwtkR%2Bt%2FxgHG44PxjanUkuGWVSyo4hM4sb"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7838b7ab60-YYZ
GET H3	200	Bonus_1100x1100_4.jpg kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	2055ms 2055ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_4.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 495cfd8dd949004bfb9bc7c30681437797e179edd732c6721c9b8eab42c373ad Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GS9MSP1JA0EBE671 age 4164176 cf-polished origSize=1463127 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1351986 x-amz-id-2 6p+S5fq3Zfpv+qlb2ldXBzW3baL/SPevO9LTHA+D9q9hkWxcgemgjJMcO2tzsULJR9So7+OD8XA= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "d3f791332b0aa48f574c27dc65079aeb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0hUQjTAmvOt3gl9MKSaHmAmnJ0717RGI1ULZVS3WAaEV%2F8Jj5yPx5ytrGJTH9TAXVujA26GKvQGg%2FobpXjFxYlKPN6bNz4kcXkvEej42L7IEQVM%2F26B23oY%2B2h8gRYttK3BgwDKA0iixn%2Fn6TRA"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7838bbab60-YYZ
GET H3	200	Bonus_1100x1100_6.jpg kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	2502ms 2502ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_6.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash db5fd3a72b827b71665940751ac7359cecba82ce412af174b29674c01478b536 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 6TBVEN7B6C8TB81P age 5471326 cf-polished origSize=1563360 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1451005 x-amz-id-2 1I+CLrCHGrGodZHs4zvb753TxVnnDpdFPBXmb05rcHn8snhX2aQEb5CB8/AGSFWmv/QD5D7byrg= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "b7a836f0cac143eace9189f62e8ccd1a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbhEgfSngmgx8FiiQsYU8rswh%2BoUkh5G4DbqiLjepfKQytWeQ8uCFJahlOENAHzcflbQeCHe0z%2FZWkjj4wJjH5l27%2FJnR7r2tLN36B32eeIMrfmGnW3s5Rsk4tBV5r%2Ba04wCB3JQpVdwvqTRHIlZ"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7838bcab60-YYZ
GET H3	200	Bonus_1100x1100_7.jpg kin-sask.lbcdn.io/uploads/2024/01/	698 KB 699 KB	2703ms 2702ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_7.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash daba10de1d120438e30267b1a471fae110450104232d4abea93232ed1c6d4a51 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GDYE5PWXQF6JBNCF age 4159999 cf-polished origSize=770734 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 714844 x-amz-id-2 AMI0HZbdzNfV9+5NOH7HIR6B+7wrm9tVBOdfG2hnoSjf59bI4xdRLc1CQMKw/La1SsPwH7G87sm5dYVD/76yIwPRr3UjtZW+ cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "398c9d028d64e0b96e78526752e73de1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PNHcj%2BNQ018niDpFEZqp97VBkv62N7H1hezo%2FdpPNQzcoa2KCB8HJr45ve9%2FRuGpL9DRUeln%2Bu3gGYl%2F1PWjF9a1a4ysmZhc1kuyKRFvbly2mqzMcxbPmuHJXBZU%2BUJMm%2FRCO1us9A1VYRYyw8ty"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7a4aa3ab60-YYZ
GET H3	200	VIP_1100x1100_1.png kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	2625ms 2624ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_1.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc7147ee34940deddfbe4547b18f5f03603be7606fc152b303788de874dd5683 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 1VJEH63C175XD40Y age 861867 cf-polished origFmt=png, origSize=1676081 x-amz-server-side-encryption AES256 content-disposition inline; filename="VIP_1100x1100_1.webp" alt-svc h3=":443"; ma=86400 content-length 1228030 x-amz-id-2 u6vAIFPVCGDTAfYOTBIFN83/ikHfz51uJVf3Ds6hcDpv5UCwJiGD8EvjN+AhWxLtg3wG2t1k9UA= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "86583262f1456403deef4e970cb796c9" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cRLvCITmSeskxjjKlSxnnMvYZ5uymhiLr8gBDtqT70Tv%2F2k4P57bQKPM0C%2B68ewMsT%2FgIzyxjnuK5gp332qaN0WTDSe5nTVbWcGlI3T%2FL%2Bdbatd0QyepDRIMuXETZZPADSeJmWv3AmDiOhClrSnl"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7c4c4bab60-YYZ
GET H3	200	VIP_1100x1100_2.png kin-sask.lbcdn.io/uploads/2024/01/	2 MB 2 MB	2820ms 2820ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_2.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 005d43f83fc7ae4d9c97c692ae2f5d0a764d36b6695c93fd1755a45d2c9b4170 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id SQNQQTYQECNFW6D8 age 869500 cf-polished origFmt=png, origSize=2365892 x-amz-server-side-encryption AES256 content-disposition inline; filename="VIP_1100x1100_2.webp" alt-svc h3=":443"; ma=86400 content-length 1951046 x-amz-id-2 Zzi0mYlOwY6JODieF04YeBf1R8MXirzoxLmm1++Pv7oWOdHgTTxoNTmWpTZGITnK8ExxhMT6Ryk= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "7f5a407659669a168752bde05ed30482" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNt%2ByyYZd99iFz6iKO51kbuDi4bUSLR8STRehIcC5Z0inHJq7oCV4SNNGygdt%2Bv%2FmpIQCewL3zbJTXirKRycsrlWgwqU77gbr3LZh1I4EQcoFNH1IM1uPQJGCYfImIU9e4OwnnG49j6X6HXRJS3m"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7d8d5aab60-YYZ
GET H3	200	VIP_1100x1100_3.png kin-sask.lbcdn.io/uploads/2024/01/	2 MB 2 MB	3317ms 3314ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_3.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d78761b67265b76888cc8f31309b1b56d13748d0a48076dd9b4ba418abcf697e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 5J890RH003QXBSK3 age 211318 cf-polished origFmt=png, origSize=2412036 x-amz-server-side-encryption AES256 content-disposition inline; filename="VIP_1100x1100_3.webp" alt-svc h3=":443"; ma=86400 content-length 1780378 x-amz-id-2 DDrAgmGbNeLc4YUIYAtx5MYm69o1Cxr+UT1GSAi7x74pcO3oV9jA7u1WMEPNd34vxYz+qx+15imO7FmJUV3DL3NcKovDsOhb cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "9146bd121f890b25603c8362f4da25d0" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMfuFxLvRwbv%2FUqK2bF%2FxhaTl6MrTDRd%2FMkSlAuKW9EUv0PPOXa4d74CJPaD%2FlOGvlXREMKjyf1fx%2BrfuYPCI%2FLnzCvYNdlWZ4BLWhBfMhXw4VEpOLgCGnaoPSuecfdN%2FJoR0Y%2BOAo5kpt6ldmry"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e69ab60-YYZ
GET H3	200	VIP_1100x1100_4.png kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	3922ms 3919ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_4.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ce7675c8ed7fc58ff63c22533ed8cc5b8c719ceeb3e5ef07e297c9f95f1993d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 8Q47JEZEFBRQNGVJ age 1039121 cf-polished origFmt=png, origSize=1690509 x-amz-server-side-encryption AES256 content-disposition inline; filename="VIP_1100x1100_4.webp" alt-svc h3=":443"; ma=86400 content-length 1241000 x-amz-id-2 peBZm6IBHaniP+++1/bxKuJLMFXQOgeUDWoaCTv9wUEOi61cp2ijA7MtstaKtdGK2Pv4RN1FpNU= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "c55fa023146418ed87bc166f07b4db3c" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=go%2FOi3jTMD9q2NX8pYXWbEGJC2IThHGdWuG3hcQ9DFKhyx5%2BYCLvFdk42EvUaul3yIDcteK1PL%2BS7dsoe4AafjIxnmJks8ZVDTTsyFproUrLP9OsB8OxD5qRQmYaW19k1DLIMl5uAH8SIzlCquJQ"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e6bab60-YYZ
GET H3	200	el-retiro-park-5048966_1920-e1707773856702.jpg kin-sask.lbcdn.io/uploads/2024/02/	235 KB 236 KB	4383ms 4381ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/02/el-retiro-park-5048966_1920-e1707773856702.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3046569356f90123a019ed0fff2c1f3e7df447fb105a84cad1bf4c0709e33f23 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 2HCEWZE54WYPY5SX age 7873746 cf-polished origSize=251801 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 240468 x-amz-id-2 0MeMAK6lTECZX+Ry4pwKNfb9Ch73WZja8/KOpCAVYEvR+2SIz43Wa42FvH1yJOANoVyg8+uSVIY= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "403f4c20fef75089214a726e31e12477" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QmQ91Ae%2BKLDUxnHzsSUTyNuQioHrMGTNJ8tMUGrSMa%2F%2FDuPehRE02YG%2F5RRwjhGfyNx%2F%2B1vn3jyMuyAzG8MiuyiEDOuvs6ePag3uqJ0at68pm61ErzaQAeH6QMm%2Bq57ybJifuHvtZPXt2cekD0OR"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e6cab60-YYZ
GET H3	200	AddOn_100Days_1100x1100.jpg kin-sask.lbcdn.io/uploads/2023/12/	464 KB 465 KB	4495ms 4493ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/AddOn_100Days_1100x1100.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 741255da0b37252b6f3636daf63bbfbebb3d5f4514f3b5ec300ff0ebb5cd0723 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 2HC2FNVB6J27DEZQ age 7873746 cf-polished origSize=514232 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 475266 x-amz-id-2 ueX6dFlSePLEbywimq1G+EEaWxnEi+9bUiMNJzhaZUcUfo/9eLD8JL1oMFR+7T62poezDCz+VGo= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "0a20e9ec89ad9bb5260d84265b81c52a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5w7epC8kE3GEcvgMxafV2E9UoNXCCbDvYHUgBe%2BQGmOHU4TU1qXrsgE5zmgvWDwnw7bQ2PieKbNl0smnJVqwkMsBKvYk0Xp%2BtGxBheffxRYoz%2FbGU8RyCMeCfet4eyhNHdkyqHqgoZnsrvHfWA%2F0"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e6eab60-YYZ
GET H3	200	5050_LRG.png kin-sask.lbcdn.io/uploads/2021/02/	73 KB 74 KB	4612ms 4610ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2021/02/5050_LRG.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3788b0a961dacabdc7486e838aab2a42d6d1edca3a5ee774310345b643dc1454 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CRVMAW01NA62PDHN age 257196 cf-polished origFmt=png, origSize=138640 x-amz-server-side-encryption AES256 content-disposition inline; filename="5050_LRG.webp" alt-svc h3=":443"; ma=86400 content-length 74810 x-amz-id-2 bVoQdliZnFUTZPva5lJ940voNxx/Cl5FXr4Pacy4d7wyBYELFjMeGaFIhcV+NKWyfh8W71xmn0E= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:10 GMT server cloudflare etag "9cf1d03504dcc13622ff4f0149eff25d" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYbVFsrI8iinLf0hfDAlwuOAgWF7jST39vvIxRzBZRYVJzP32RmBGf%2FRb1RGRLq3TJaVwyz3eU7Yk6uL2La9QUdZUdpGcfeMcsCcB5lYCzfcM0s%2BhqWqtmBPp9lWRsY2ljaoRzrYCx05O5Z4JWBH"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e6fab60-YYZ
GET H3	200	Proceeds_960x600.png kin-sask.lbcdn.io/uploads/2024/01/	715 KB 716 KB	4671ms 4668ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Proceeds_960x600.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b44e4dfeba237d1a58dd8c8b726cc819fa4bce3665b63731cd7dcdafdc64b2c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 9HPBWWM2Z1VSRMXK age 1458436 cf-polished origFmt=png, origSize=991433 x-amz-server-side-encryption AES256 content-disposition inline; filename="Proceeds_960x600.webp" alt-svc h3=":443"; ma=86400 content-length 731984 x-amz-id-2 9//wU62X9+PuqSJBxBgOpi521eiuTOKrhBZJ+FJP6+AwCd2rIMlJgs8O7unPJALnYEyTVO+9WdE= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "fa2d962a2f6b2f4e00a1f7d4ac32ccc2" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZtRA0gMnpC0PZt4PnJlEps%2F0h96d4%2BrNdIT3fFrRq%2Fu2YUw79ZSEW2VBj8M5klXO2kcokc8JjS6uRRZ%2FSpvRWG34D99U82pW6QMOWCn4akP5yn%2BKYwE7qERVbsm8c44zdUi08HBGnslKC77utr%2Bd"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e70ab60-YYZ
GET H3	200	Kinsmenclub-logo_silver-3.png kin-sask.lbcdn.io/uploads/2022/02/	19 KB 20 KB	4916ms 4913ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2022/02/Kinsmenclub-logo_silver-3.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ddc51179ebc0c67948a0e9240143f0924a40702d0d6dbdd2727f70e7472b85d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id ZKR1A3VK4H9S8W1F age 3345183 cf-polished origFmt=png, origSize=28864 x-amz-server-side-encryption AES256 content-disposition inline; filename="Kinsmenclub-logo_silver-3.webp" alt-svc h3=":443"; ma=86400 content-length 19806 x-amz-id-2 E5t4y8ZU89IbQe+BkUQYL8Z9p09BGeACtKqWL63iAoweLLjw9UDrdGsQBrxfNfiAqdBKYJ3BagU= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:11 GMT server cloudflare etag "738d0d0fa6af40bcf06c8779eb9bb187" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCTJ86Zz%2BPzMPaNzpeTnpvDNNdwuSfY%2F5eFqT8XcKJSDSUyIaWvNFYa4LodBW0Lk4B1o5rxQYC5D7I1lmNCe5VfX%2FI06xg9Nn4KgOdyaTaw%2BY9AnVjLVNnpvi8VYfR4c3inpNQ0E9EBFKfaKHCr6"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e72ab60-YYZ
GET H2	200	marketing.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/	3 KB 3 KB	90ms 86ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/marketing.js?ver=1718130185 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 63e8e6c2c236f21bf86bdb0ed108e9fca92fff0b59e38e741d16f70d079302bc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "c9d-61aa15b613ca8" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 3229
GET H2	200	css-vars-ponyfill.min.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/	22 KB 22 KB	104ms 100ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/css-vars-ponyfill.min.js?ver=1718130185 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash cc8fe4bafda198888cee94aaec0b60eba38ba314ad5322edc0ced0eafd1f3d4c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "5824-61aa15b613ca8" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 22564
GET H2	200	url-search-params-polyfill.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/	10 KB 11 KB	104ms 101ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/url-search-params-polyfill.js?ver=1718130185 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 3046a401620fe57641120b7f4f2a48224b8b08cc397d4ab0f7b18b2703629a7a Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "292c-61aa15b613ca8" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 10540
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	461ms 98ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js?ver=6.5.3 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 4423249 x-cache HIT, HIT content-length 30875 x-served-by cache-lga21931-LGA, cache-yyz4569-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1718567069.853254,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 4, 336266
GET H2	200	select2.min.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/select2/js/	71 KB 72 KB	85ms 85ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/select2/js/select2.min.js?ver=1718130209 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:29 GMT server nginx/1.21.3 etag "11dcb-61aa15cc98764" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 73163
GET H2	200	luxon.min.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/luxon/	71 KB 71 KB	86ms 85ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/luxon/luxon.min.js?ver=1718130208 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 12a0e76be278fc3380973e6ea34c2b711b203ad47370e2521076dd18085913c4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:28 GMT server nginx/1.21.3 etag "11c7f-61aa15cc12ac2" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 72831
GET H2	200	swiper-bundle.min.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/swiper/	136 KB 137 KB	97ms 97ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/swiper/swiper-bundle.min.js?ver=1718130209 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 35c067e6fac4f78cceb0eafa5df0ea101bb3e4cb417afa110b63679d7100bf40 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:29 GMT server nginx/1.21.3 etag "221b0-61aa15cd147c6" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 139696
GET H2	200	main.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/	112 KB 112 KB	91ms 90ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/main.js?ver=1718130185 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 4a688bf1810803a2fbcd5ac53109ec0072d40fc2b34a1c34998a9a7f12b9f83e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "1beee-61aa15b613ca8" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 114414
GET H2	200	map.js Show response closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/blocks-frontend/	4 KB 4 KB	97ms 96ms	Script text/javascript	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/blocks-frontend/map.js?ver=1718130185 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 6e3ba84c452291c0838ca8be9b953fd72db9cf1a374ad2a5327f88a234db2657 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:29 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "10b6-61aa15b612d08" content-type text/javascript access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 4278
GET H2	200	gtm.js Show response s2s.kinsmenhomelottery.com/	303 KB 94 KB	792ms 243ms	Script application/javascript	2600:1901:0:7cd2:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7cd2:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx / Resource Hash d89521077b6d2b2e4fbcaf0b7e50de73ba5e3e6d7a205b671f23b79c6e3b3db9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control x-xss-protection 0 expires Sun, 16 Jun 2024 19:44:31 GMT
GET H3	200	Vacation_NiagaraFalls.png kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	4921ms 4918ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Vacation_NiagaraFalls.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7655af0c14008fc0322880daf1db0cb7b7a6163a43033976e54cc9af6db16911 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id H4M1CDXQ04R3TYNS age 1982980 cf-polished origFmt=png, origSize=2005399 x-amz-server-side-encryption AES256 content-disposition inline; filename="Vacation_NiagaraFalls.webp" alt-svc h3=":443"; ma=86400 content-length 1330850 x-amz-id-2 qfm+sdf3/BUwWSUZ20DnfVdP9vKq9L4iWZ8kHTWbqSjTmNHCELD+roauIbAVi2qc4C6EPW0kCQw= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "6ef8eb596871e209c74fbc77fe43dcb1" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7QJkDlNhaWchM95NcQmge%2FRiJfg1S9JDT%2BfT8feAUHUHabhDCbe3tQrKcPs1ySWDe3lPsE7ccdr6p7UWoJb8nw6AlltnyNPc0J9z%2FZ9ZzAniecI5IjyXCstM%2F%2F%2BNI0Es%2Bc3izO2gt5URn%2FXXH6w"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e73ab60-YYZ
GET H3	200	Vacation_BeverlyHills.jpg kin-sask.lbcdn.io/uploads/2024/01/	2 MB 2 MB	5363ms 5360ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Vacation_BeverlyHills.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 794baedb0d3bd55c72457a7c1323b92f3ad9ff1d57f14872046341d188dbca7d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CPXEZJDKSK5ESQ1E age 3214567 cf-polished origSize=1779359 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1659974 x-amz-id-2 XJ6aRDKFoFRwRcZIJqlctS6DlHQc1+0uAg3QBA/fzHNoIKqmvElzJ4xKth4BSJaz+uzBqhOhm24= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "8838f65f1ed94930be914f3039e23e60" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MZ7MAYVK5bFiEMX8vvk0cAGrkKyGvngghl3O7oouJf7fKk%2BFZ1jbKBUwQyu4x%2Bh9yYSx5yAaze6Igh1pWM4znPSIYUu36jcIBuIIZvcNnrwJjxkMfUcmeZJS9yeR%2FzI4ECfYUXGIFRRDnik%2BDRz"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e74ab60-YYZ
GET H3	200	Vacation_Arizona.jpg kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	5961ms 5958ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Vacation_Arizona.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 53a16afd6a5492b619c71a6e679bbcb8dac2e97b3028fc5e684740993dde0eac Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GDYD1CY389HFXP31 age 4160000 cf-polished origSize=1491054 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 1372713 x-amz-id-2 zl76+mSCoIvX45xrieM53I283hiLRhpJvpMb6FlTqy1tj1e3wEEjfyLCE9mw8sUH8iKGXiy5gHI= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "baae158d977de26528487c5bc82130a6" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aWdSRLbXEklUmmCMTldxlhDtRwqEFPYU9ZllE87G4Z7WOvd8%2FVr%2Fu4zqolpdaZ12LXnQlg6sjTFQsd07ttMjhn4ef1rL42YWK%2FkfMcILOK6YomSYyvSG5nNv%2FAqQt8FhU%2Bgyq8vcUy4KysCePXHh"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e75ab60-YYZ
GET H3	200	4500CASH.jpg kin-sask.lbcdn.io/uploads/2021/02/	591 KB 592 KB	6385ms 6381ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2021/02/4500CASH.jpg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c29d379e13f61611b8b4d177e6a4b49eab8b5917376aff3a11914d1c8359ef95 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GS9J76NGN6N2BCJM age 4164177 cf-polished origSize=681141 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 605068 x-amz-id-2 COjJGR/rgHxlgobmo9mBzjfG4CdGL2PrgXjargwg2wjUTqQhM/bIDEQUr1r2gZXXhqGh1wy71VU= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:10 GMT server cloudflare etag "59146be61051a9064c09520b835d857a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rif6mJek5BvXCIqVaQ0lXyqQVh5UpMlLe%2BcCgcHsiSV%2BB9gDAF70hc3boaCCby2thhNPtz09mqNQ2q3UGeQdOom%2F59hIfte0kNR%2BWzWqGTPRIAohjhgiIyEqCobCwvKuiR8OrWbuYzl2erUIjBSY"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e76ab60-YYZ
GET H3	200	Leisure_TV.png kin-sask.lbcdn.io/uploads/2023/12/	765 KB 766 KB	6574ms 6571ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_TV.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bce42d30dcf7c75d87934700a9ade3982c23fce0b055ed7d55b1222e2d6d6ed9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id SDBT2438WSSS76JW age 3378085 cf-polished origFmt=png, origSize=1297528 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_TV.webp" alt-svc h3=":443"; ma=86400 content-length 783440 x-amz-id-2 xIW9F6Kj9aqkxsXKxskkVKRgTIRMLHPCjrw94yXzfkXwXXsRzPsvoewxlq9f3oNIcUwY9dBa5dQ= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "fdd3d52840a7f9a9ea02210e907d6938" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3k2wvb91qmV%2FGnx1mhZk0Sm58Vobzz9ScizPDFnU%2BsyYlQwlpDIEwa13F5p10uIlfPeErTZklv2UKD5YE6g2WwvQ6eLYcJFwjnEe3f%2FTvzRZv4duffXXPpfMvQh1lKjsPosOnwlD1TeFxklsY6t"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e77ab60-YYZ
GET H3	200	Leisure_Shell-ride.png kin-sask.lbcdn.io/uploads/2023/12/	612 KB 613 KB	6816ms 6812ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Shell-ride.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 251e54c2e34372b93dd77196518b2443a574a1990999ee84aadccb14c0a9d7cd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GS9H9Y39A2Z0Q3EY age 4164177 cf-polished origFmt=png, origSize=1002973 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_Shell-ride.webp" alt-svc h3=":443"; ma=86400 content-length 627010 x-amz-id-2 WJAC9s4qZ7c9mD/cLXWPzzuPxAmYxyMXucqdvyjsZAAFSt+T4k83r0EirWhDeT0FQaE2Lt20k7c= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "7f901f7300c7cfb483aa6836883d7a1c" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GSqDzzCeo24bxSOgGWTDl5Ssjn7UywvI0UN0nhdaOyPjUBKKnOKfNGknaj8R65eP32sqtJPHvEH8MYKiB5mPvjjNicNgZdywTS%2BxFd88yjCDfFY1FaXuEh0gIWUISOXRc2MwEEtcq58yKEKUq4I4"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e78ab60-YYZ
GET H3	200	Leisure_FlatTopGriddle.png kin-sask.lbcdn.io/uploads/2023/12/	698 KB 699 KB	7009ms 7006ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_FlatTopGriddle.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d8dfabe7629218ae828558b16ea30c7a034f74d8602e21ab05976168bb9cf5fe Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id F9M59670YP5QPA99 age 3883149 cf-polished origFmt=png, origSize=1226408 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_FlatTopGriddle.webp" alt-svc h3=":443"; ma=86400 content-length 714454 x-amz-id-2 tnayxsKcgG5koBBMpUxbZxSaJddAjZ93fqt8jb5mgOVT1gJ5VJof8PQOmTitncbt4qN1arA8sDWBZf+TP70x3jG5smWbd/7l cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "764b9b219cbe60a2e54ff769fb36f507" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6f%2B13oJM%2FdoJJVDl78j7dSvFiSugykExCEjbdYbrObwdID0zHYamNUPe6gH79z4V5ciuQhdX%2Fay5CcmdUrY4wCIhWAK5asj1%2B%2FA7LXlhlb%2BA6iX6kaoKWiAXUJVopXu2UgRZ6%2FqIf1aO73KVhZOs"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e79ab60-YYZ
GET H3	200	Leisure_YETI-cooler.png kin-sask.lbcdn.io/uploads/2023/12/	750 KB 751 KB	7220ms 7216ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_YETI-cooler.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1816bf2eef31eb38cd6af91b6b49e0b91d4ecd39fd02795a82bac87322f7e1ab Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GS9SFZ875KBVY47F age 4164177 cf-polished origFmt=png, origSize=1278481 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_YETI-cooler.webp" alt-svc h3=":443"; ma=86400 content-length 767780 x-amz-id-2 rIDjR6HGd2g3AAbC21hEZSXZX4sZ6My7H8e5cyUEj81nBf8oMerBeGnYP7m0cPR+LvnseaoDW3I= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "3b22a7a6fe7c7e0d553da652a9dc1a79" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WczCUncxIpWvgVhdWrWa%2FuvgYopO%2BR2LbcpSyYLkcC8Z843l39PLoA%2B8cGdYUoCx8gIBwNPSGpErL2f7SS7mZR5aOBXVpYjK7s4jtBsg%2BwWtHKJn2WT3dbmgH3nmFpx92T45TRbLtZRBhaUEaPya"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e7aab60-YYZ
GET H3	200	Leisure_BluetoothSpeaker_.png kin-sask.lbcdn.io/uploads/2023/12/	398 KB 399 KB	7496ms 7493ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_BluetoothSpeaker_.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e110847e61f439dd67612ee87851b7388d35f5df981364604e91699279b68b73 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id NXDMWXJ8VE0V30MS age 3070701 cf-polished origFmt=png, origSize=660444 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_BluetoothSpeaker_.webp" alt-svc h3=":443"; ma=86400 content-length 407924 x-amz-id-2 hoZuHIEJx1/SfrXyKgzBtOd7aALkmq/Fm3r1XC9jeOx2NBicSgb/OGaufFl0ZCT8A2qx6H6nD2A= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "0079cfbf920ad09492c20639bf78b6f7" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r95tgXLbp3csfXDKdR2lelXb%2BazQrPAwoydb0LFKzOfFNnX5%2FjYy5mFWh3n3oYUbdIkN8em3hlbuMg9ORNDvChUg0UA4NNtAJKdnIJ7vJIzi%2BQim9aPzCmKobwgUk4bPIJOaDVtJMzGxMrLSsVsz"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e7cab60-YYZ
GET H3	200	Leisure_Projector.png kin-sask.lbcdn.io/uploads/2023/12/	177 KB 177 KB	7605ms 7602ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Projector.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ec2d9ce959e248aa8ffb0dce0eacc2ea9ea2394278c0c0e264fa677f9153a38 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id RQ3TVTYM58C2JNCQ age 867730 cf-polished origFmt=png, origSize=298142 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_Projector.webp" alt-svc h3=":443"; ma=86400 content-length 180750 x-amz-id-2 uhcHbmB72VZB1uJW6BtVXAdXEVPRK0XZXv1RpVRcfmJSnCgaXCh9cKLpvdOZTKk07oJUsPn+KGxyZx3UL7YKOemVJ8A0qPli cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "e69efcd42de3881bb438e8d85d4361df" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FSsUEMS0vlmcKZsVM2R22ArTkTWEGex%2BZGx2ClbBEPCFgOj22vVbGzQW7hgynePRCbbDIciXD4%2FWDG7qXU2Lo9lDe73CVJcViD757eoT1L8WLGwxpge4QtMhaQRsQjaBZcaNRNQMpKtPm3s3Ettr"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e7fab60-YYZ
GET H3	200	Leisure_Airpods.png kin-sask.lbcdn.io/uploads/2023/12/	884 KB 885 KB	7659ms 7656ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Airpods.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc8a1d8347f191ea3a64c6ff13d96afe5099a35e2806305933677fbf1facf197 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id ZF9Q57PB71YK5F8A age 2713514 cf-polished origFmt=png, origSize=1311322 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_Airpods.webp" alt-svc h3=":443"; ma=86400 content-length 905318 x-amz-id-2 oFiZ3N1QC0Mjt2bERL9rWWnXI52FdPfXlGuKaPpE5Rmcf2NPsDdzQ7Gi0ck5NRkdIg75lRmwOO8= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "166b7ac3aacca4bdaa0d3f921a6ddd01" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCFzedL43Mu4Pq7uTZJmN4O6yd9viKdY3wcGJU50Zks4HxSh4ZwLGWUscJUZAEnPsy7hZ5OoSBT%2BZhVG4kSdTGTZP9trpZaavm0mH2wo3%2BecL%2Bk2WcUo%2B4%2BNTKSk0E3kKkB96KDhY0%2BKe7kxIqWI"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e82ab60-YYZ
GET H3	200	Leisure_EspressoMachine.png kin-sask.lbcdn.io/uploads/2023/12/	601 KB 602 KB	7980ms 7976ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_EspressoMachine.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b5f50c34be29cb663ac9567c9062ddc313fae93c2f4cf5ee065b0954c17551df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id VP3ERS3W3F7HGK8Q age 2800045 cf-polished origFmt=png, origSize=1030484 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_EspressoMachine.webp" alt-svc h3=":443"; ma=86400 content-length 615266 x-amz-id-2 7EKaOuQwTA9kVoSvoWVYtzWZG+XyQae9bmYe8DfFdIFG6rHcAG1CRediqy6FrkgBheHXtjbh6lk= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "410111076e6bc379ff34bdef3de95e77" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QSePyk88J2WuUR%2FpDXN40X%2B7r2jdkBHgyUrfD1Dety1mtJQjQHXBfhsAerlzdC5GybE6CZzL92GkKcrYzGl3PXEeALi6Ph8QaMWopbGv88KoUq08WZA35dxXPkULA6xMeAitVeflTfybW7NyNLEQ"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e84ab60-YYZ
GET H3	200	Leisure_Blanket.png kin-sask.lbcdn.io/uploads/2023/12/	889 KB 890 KB	8140ms 8136ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Blanket.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9516a2b3a57a503d0b242672e1ab08cc38f7fb52bf60285e01cb65c7b9b9897d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id TZ09XF82VQ3XWPVB age 1458741 cf-polished origFmt=png, origSize=1455694 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_Blanket.webp" alt-svc h3=":443"; ma=86400 content-length 910526 x-amz-id-2 htwWMPNNka2lGu9dwwNqs667LALmmWVLriUDKOiyJaCo1K11ASPis79pq0gsqM5J0PHca4cBo2HN963nGiFoQ23thSs2D9YG cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:30 GMT server cloudflare etag "1a382140e2cbfec0bd727d2e90bd2c71" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAJLmh%2Bv43INGgUs27FUfTt%2FVAK%2F7rZabxQD%2B0XcOiziDvuwDIpvicEpbL3yc1olgAwhQpp%2FQ%2FsT5XVQONuJnvg19vrHTZRQtIsLdg5NWi0fj4DEEYQvKB3uyyU9%2FoXHc1uWFDMl54uibJe3bHAp"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e85ab60-YYZ
GET H3	200	Leisure_Brainsport_RGB_1100x1100-1.png kin-sask.lbcdn.io/uploads/2024/01/	999 KB 1000 KB	8458ms 8454ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Leisure_Brainsport_RGB_1100x1100-1.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e55ef771d36e895bc34ffb629d198fe953d1309168bf1ab636a8cde4d6f628f8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 0FJZQ36X90VCHA42 age 2765068 cf-polished origFmt=png, origSize=1376907 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_Brainsport_RGB_1100x1100-1.webp" alt-svc h3=":443"; ma=86400 content-length 1022956 x-amz-id-2 1ZPXNfuyhVYt/6n0Q6iIXMpMJn0VIp89VwvhLD5UZ61bIamYRoRo97Elm/fh2ClJ4ARYbMOAFVZpvfk+bGLlA89raA+pKcLv cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "3cf70ff5f02c7c4c520129d26a0487a1" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FypClVRSldE3%2FGMcv3ACNplJ7OEh9RVAMuTDQXCQ2NpE5O%2FJbnDi4CPdAMXaidOjKVgbI5h41dGg2CJTWhCUyc0xiQ%2BypqDOxHrf3PFNSNnZBgt6yZEu%2F8CF%2B9N2kQwboWep775d6YhkaUzb6Xzh"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e86ab60-YYZ
GET H3	200	Mega-Menu_Adventure_590x340.png kin-sask.lbcdn.io/uploads/2024/01/	309 KB 309 KB	8755ms 8752ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Mega-Menu_Adventure_590x340.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 926b50985a04d07ca2e12a0f427f185d3c01b02735de33be4e1162bfe60a5cfa Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 87T81Y87XJJ3NC2X age 220366 cf-polished origFmt=png, origSize=434159 x-amz-server-side-encryption AES256 content-disposition inline; filename="Mega-Menu_Adventure_590x340.webp" alt-svc h3=":443"; ma=86400 content-length 316082 x-amz-id-2 1E5ukO64YYziHuP/ghLLOEJr4bqgpsLUyo3RUXf4qXw47TZ154jADT8XobaJCQimTB3GlP3sOWk= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "ef7009a8aa9678fa48f66b8989b63850" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tixFKMBVf1CiEJSGLiSHa2jqHM0ZQGEhQvTiRLH0hWZm8wDzw5l03UuV2r2W%2FL30o6YxoraVl0Dv%2BmXvY0QiPFmrlrddbjMoS8uFSY%2F1ayZs9a0CIw5V%2BFhV5Vhmkxdjyk3zkKnDkc3rohipkle%2B"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e88ab60-YYZ
GET H3	200	Lady-Reading_iStock-1264573507_CMYK-1920x1281.jpeg kin-sask.lbcdn.io/uploads/2024/01/	437 KB 437 KB	8852ms 8848ms	Image image/jpeg	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Lady-Reading_iStock-1264573507_CMYK-1920x1281.jpeg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fe91a363c537c0062e9a60f57dabd2d042f0db6f1af3dd875d6865210dff198 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 2HC77AZCXM1C2CVA age 2514338 cf-polished origSize=479634 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 content-length 447007 x-amz-id-2 v9gKvoigSPIlMb3STRDGk9wohu2DVicwa5HjwaWfngspDXYRxvhH7JT0Xcjk8jtjEasugv1gmHU= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "824fe82d8cebeea3adb146f24534080f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=id71h2ErSIYjd3C42kMhHyZJINidHSLJHWAt3mSbAKLi3Ck2FLUeXCiGNyCR%2B9Pxc4pOAsYKXF4fpDdCDYXFZ3%2FGHUI97omVnY2VZt1CDPmTK8CHd63Ct%2BLOH139BiVwMMb%2BGvdC6zzjBPd9Erxk"}],"group":"cf-nel","max_age":604800} content-type image/jpeg access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 894d4b7e9e89ab60-YYZ
GET H3	200	Leisure_1100x1100_PrairieProud.png kin-sask.lbcdn.io/uploads/2024/01/	956 KB 957 KB	8990ms 8987ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Leisure_1100x1100_PrairieProud.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2340664827930253b8afb3494aeb638e66a0c06caccaf31dad4b6843632a5a1c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id SDBJGP2ANF9K1M2S age 3378085 cf-polished origFmt=png, origSize=1321997 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_1100x1100_PrairieProud.webp" alt-svc h3=":443"; ma=86400 content-length 978616 x-amz-id-2 7T6myh32wORzthbQBW6AbSGbahBQ9FMnBqWaC8P5VvwOe4+XaILjoH9YmMW+CieYVWPSIuRh/IQ= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "1c619ec614481f136da90f402081f5a7" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CDRexZnUKhc3NOaE9WT1q4LSLOg5zS23rpK%2FZZBl6pknlRObDmkMSB14%2Fb3PzpXif914NjH38XS3MmdEes8k8OqkpvbmDyDchMzr8pdtrizO%2FHhdtt%2FYT8NLOdVqdswEduvyUem3q%2Bs78xjfOYf6"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e8aab60-YYZ
GET H3	200	Leisure_1100x1100_SaskMade.png kin-sask.lbcdn.io/uploads/2024/01/	1 MB 1 MB	9232ms 9228ms	Image image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kin-sask.lbcdn.io/uploads/2024/01/Leisure_1100x1100_SaskMade.png Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49517646ca83f79f248f53f47cc2fc092ddc5b6f14fce2296e0f4af90be31854 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id PW7FJPN7V788XMYE age 3366513 cf-polished origFmt=png, origSize=1774517 x-amz-server-side-encryption AES256 content-disposition inline; filename="Leisure_1100x1100_SaskMade.webp" alt-svc h3=":443"; ma=86400 content-length 1227368 x-amz-id-2 4jVXdrUK403ETWYnrsTx99euMrxZ61fP3fmXGTFgaZoGbzpssdrgqXfktUiD2k1WyzYixXp+X66PdqCBx0kvLH2k2u8E5+rb cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:31 GMT server cloudflare etag "a2f52ce5b8fdfad3ac76019084c9487f" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RkdoRwTxR3v2Dyp2i0HiDVVBxE7P6%2B8eWr26v4M%2B4sAFLgfgD2zVL3vv77Zw5bnKKBXlDZbCkFOptSxB%2BbYa0EcEaV8KgAZIGWPdsal%2FNsD5iHUGxwZam9pdlkdBd7idN5tI8p2sCcLn3iGjSst4"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4b7e9e8bab60-YYZ
GET H2	200	loading-white.gif closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/	3 KB 3 KB	85ms 84ms	Image image/gif	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/loading-white.gif Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "c88-61aa15b612d08" content-type image/gif access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 3208
GET H2	200	AvenirLT-Black.woff2 closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/	14 KB 14 KB	89ms 87ms	Font font/woff2	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Black.woff2 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash a43c95d20a9b8be6b56f2b36be711364160e113c203fe0402e32b5d614d903d9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Origin https://closed--2024-spring--kinsmen.lotteries.dev Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "37e4-61aa15b60ee88" content-type font/woff2 access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 14308
GET H2	200	AvenirLT-Roman.woff2 closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/	14 KB 15 KB	87ms 86ms	Font font/woff2	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Roman.woff2 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 27103982c1fab6c6791003a919805cae651fb754d33a4b8e7185b0d933cbaa30 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Origin https://closed--2024-spring--kinsmen.lotteries.dev Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "3930-61aa15b60fe28" content-type font/woff2 access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 14640
GET H2	200	icomoon.ttf closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/icons/	6 KB 6 KB	100ms 99ms	Font font/ttf	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/icons/icomoon.ttf?fx1gpj Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash e047df003d3769e08b7b841bd647bedd6a0c061930538a407deb58d3ac0fe3e6 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Origin https://closed--2024-spring--kinsmen.lotteries.dev Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "175c-61aa15b611d68" content-type font/ttf access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 5980
GET H2	200	AvenirLT-Light.woff2 closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/	14 KB 14 KB	99ms 98ms	Font font/woff2	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Light.woff2 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash 8a4356b59a2555f82ddb529f638227864f8a30362c9c79fe42341823f07519e7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Origin https://closed--2024-spring--kinsmen.lotteries.dev Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "384c-61aa15b60fe28" content-type font/woff2 access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 14412
GET H3	206	Kinsmen-S24-Hero-Video-1.mp4 kin-sask.lbcdn.io/uploads/2024/04/	151 KB 0	9571ms 9566ms	Media video/mp4	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Encoding identity;q=1, *;q=0 Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Range bytes=0- sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:30 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CNXMMZD84MHA0513 age 4504092 x-amz-server-side-encryption AES256 Content-Range bytes 0-18923690/18923691 alt-svc h3=":443"; ma=86400 Content-Length 18923691 x-amz-id-2 TLM6zWmKRUCW2no0opLhPM+yGtCwRhSfymkfmYlKcq6EIPCE8lbJw4zVhtni0tFvrojxYqT6T+bPyyDw/ehCzB0YZSuOQ5bG last-modified Thu, 25 Apr 2024 00:42:15 GMT server cloudflare etag "0eb28d8713fc1f60bd2377ea15142ea7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3U91piCjp7qY0WJx4Yl4VYF%2FGicyEi5FY10ehK4HmyQ%2FZ%2FyfUi9PxyRqWaynrAq2PbCCa5VwJTE%2Bo2FUi51vHR1Amz8dvIieEKvPZLRlFjvhzI15F84GjwshE0lDPp%2BBfaXdVq4IstXlpa6rs0q"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * cf-ray 894d4b7e9e8cab60-YYZ
GET H2	200	loading-grey.gif closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/	3 KB 3 KB	84ms 84ms	Image image/gif	3.97.106.146 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/loading-grey.gif Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.97.106.146 Montreal, Canada, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-97-106-146.ca-central-1.compute.amazonaws.com Software nginx/1.21.3 / Resource Hash fb0e5c71debe7ad52b30fb8e0c6b1d6e1316c7ab77e075ee57958aad89e281f1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1718130222 Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:28 GMT strict-transport-security max-age=31536000 last-modified Tue, 11 Jun 2024 18:23:05 GMT server nginx/1.21.3 etag "c88-61aa15b612d08" content-type image/gif access-control-allow-origin *.lotteries.dev accept-ranges bytes content-length 3208
GET H2	200	js Show response s2s.kinsmenhomelottery.com/gtag/	310 KB 96 KB	249ms 248ms	Script application/javascript	2600:1901:0:7cd2:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s2s.kinsmenhomelottery.com/gtag/js?id=G-G2YTJVPJ0P&l=dataLayer&cx=c Requested by Host: s2s.kinsmenhomelottery.com URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7cd2:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx / Resource Hash 09eddf648ba4d7f29d3b6b94f3d2377136810b431a0fb90611e9f93c4beedb82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server nginx vary Accept-Encoding, Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin x-robots-tag noindex access-control-allow-headers Cache-Control x-xss-protection 0 expires Sun, 16 Jun 2024 19:44:31 GMT
GET H2	200	destination Show response s2s.kinsmenhomelottery.com/gtag/	226 KB 82 KB	183ms 183ms	Script application/javascript	2600:1901:0:7cd2:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s2s.kinsmenhomelottery.com/gtag/destination?id=AW-1018918876&l=dataLayer&cx=c Requested by Host: s2s.kinsmenhomelottery.com URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7cd2:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software nginx / Resource Hash 59d208ed842b22c8c9112245bfb213f85ba1f14c5deaeb7ba0aeafdc3e00dd5d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:31 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin content-length 83562 x-xss-protection 0 last-modified Sun, 16 Jun 2024 18:00:00 GMT server nginx vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true x-robots-tag noindex access-control-allow-headers Cache-Control expires Sun, 16 Jun 2024 19:44:31 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	56 KB 15 KB	475ms 131ms	Script application/javascript	146.75.28.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: s2s.kinsmenhomelottery.com URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:31 GMT content-encoding gzip last-modified Fri, 15 Mar 2024 03:07:08 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip" vary Accept-Encoding,Host x-cache HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kiad7000136-IAD
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	589ms 151ms	Script application/javascript	2600:1408:c400:24::17da:d80b AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: s2s.kinsmenhomelottery.com URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1408:c400:24::17da:d80b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:31 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 20 May 2024 16:52:42 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=58975 accept-ranges bytes content-length 16683
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	609ms 137ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 16 Jun 2024 19:44:31 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=20, rtx=0, c=13, mss=1392, tbw=2793, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug bXVrEXbSIzGY6GmA+S4h5IRvkw7Eb2A450k+FGw2QxnWd+qfrqtBS9KNZJVlyL/zuYIqegSCQi4wHHwBdv49QA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ggo7rmzqgt Show response www.clarity.ms/tag/	637 B 1003 B	919ms 216ms	Script application/x-javascript	2620:1ec:bdf::38 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/ggo7rmzqgt Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7e9a0a242651068ec3c101ee5e8c5e785936c9f39630af7949a66ef03dddfe58 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Sun, 16 Jun 2024 19:44:32 GMT x-azure-ref 20240616T194432Z-155bd6cbdddrsmdg5d9gt4yh6000000004r0000000002k3v x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 637 request-context appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
GET H2	200	events.js Show response tags.srv.stackadapt.com/	22 KB 8 KB	447ms 120ms	Script text/javascript	18.235.198.50 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.235.198.50 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-198-50.compute-1.amazonaws.com Software / Resource Hash 3ed02e6b7530b8b360d15e5230bb1ec638dedee2f4771e302534c4d63615e2f9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 16 Jun 2024 19:44:31 GMT cache-control max-age=5 content-encoding gzip content-type text/javascript
GET H2	200	events.js Show response analytics.tiktok.com/i18n/pixel/	5 KB 3 KB	466ms 146ms	Script application/javascript	23.212.250.7 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNLJVGJC77UDD0LHV4NG&lib=ttq Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.212.250.7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-212-250-7.deploy.static.akamaitechnologies.com Software nginx / Resource Hash bdfd978d749f3318da1eaafdeea3a236b4dd17704c0964ca3fdc7c687508a685 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 22836f9b date Sun, 16 Jun 2024 19:44:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240616194432F5C57334BA1EEB96D5D7-640CE6798515A77A-00 x-cache TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11 content-length 1926 pragma no-cache server nginx x-tt-logid 20240616194432F5C57334BA1EEB96D5D7 vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=0, no-cache, no-store x-origin-response-time 12,23.220.106.7 x-tt-trace-host 0145e9018cad10ea556f79aebf7434dd7c3f9b69822530e78649f32828402f2287d1466d354be7c7105bb399aaf4147aa92f100df32d600c67a2150cdc197e2d1b96d1a988f65bde5af38f4a2b6751108a80fa2e2361076bd61051c012794abefe expires Sun, 16 Jun 2024 19:44:32 GMT
GET H3	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/1018918876/	3 KB 1 KB	551ms 128ms	Script text/javascript	2607:f8b0:400d:c0b::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018918876/?random=1718567071690&cv=11&fst=1718567071690&bg=ffffff&guid=ON&async=1&gtm=45be46c0z86481674za201zb6481674&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&npa=0&pscdl=noapi&auid=1742294031.1718567071&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4 Requested by Host: s2s.kinsmenhomelottery.com URL: https://s2s.kinsmenhomelottery.com/gtag/destination?id=AW-1018918876&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:400d:c0b::9b Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bdaffd0d1cee8a79c65ea1345f41012332a2d8b8e967310fe8263001d263dd21 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:32 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1435 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect Show response s2s.kinsmenhomelottery.com/g/	1 KB 2 KB	489ms 488ms	XHR text/plain	2600:1901:0:7cd2:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s2s.kinsmenhomelottery.com/g/collect?v=2&tid=G-G2YTJVPJ0P&gtm=45je46c0v895416529z86481674za200zb6481674&_p=1718567068444&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1885836235.1718567072&ecid=1285611636&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.etld=google.ca&sst.gcd=13l3l3l3l1&sst.tft=1718567068444&sst.ude=0&_s=1&sid=1718567071&sct=1&seg=0&dl=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&dt=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=6b97337f-8137-4b5b-be14-2834a069276d_1718567068444.1&ep.tiktok_event_name=gtm.js&tfd=5599&richsstsse Requested by Host: s2s.kinsmenhomelottery.com URL: https://s2s.kinsmenhomelottery.com/gtag/js?id=G-G2YTJVPJ0P&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7cd2:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash ca58aaf85908a268a7719ad44032b1948f4f39f978f4f5c9d1e478f228f2b085 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:32 GMT x-content-type-options nosniff content-type text/plain access-control-allow-origin https://closed--2024-spring--kinsmen.lotteries.dev cache-control no-cache access-control-allow-credentials true x-robots-tag noindex, nofollow x-accel-buffering no
GET H2	200	adsct t.co/1/i/	43 B 376 B	553ms 172ms	Image image/gif	72.21.81.130 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=710b48ae-380c-41e2-9993-6f672085e3f7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ccd71357-eae2-427b-95f8-a3f6b2adf137&tw_document_href=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tw_iframe_status=0&txn_id=odvyo&type=javascript&version=2.3.30 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 72.21.81.130 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 5 date Sun, 16 Jun 2024 19:44:31 GMT strict-transport-security max-age=0 server tsa_b content-type image/gif;charset=utf-8 x-transaction-id 716403baf599603a cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash f9d48c6d2c8442af2b30dc0f3bd9286cb3cbe4fbaba9f80e3ea4420930d6cc7a content-length 43
GET H2	200	adsct analytics.twitter.com/1/i/	43 B 726 B	601ms 275ms	Image image/gif	104.244.42.3 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=710b48ae-380c-41e2-9993-6f672085e3f7&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=ccd71357-eae2-427b-95f8-a3f6b2adf137&tw_document_href=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tw_iframe_status=0&txn_id=odvyo&type=javascript&version=2.3.30 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.3 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 83 date Sun, 16 Jun 2024 19:44:32 GMT strict-transport-security max-age=631138519 server tsa_b content-type image/gif;charset=utf-8 x-transaction-id 125bc9ff460ba7d7 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 650c986890e8bbdd81a140e2103242b89b76941e79d1c16df639142579d51ca3 content-length 43
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 204 B	94ms 94ms	Stylesheet text/css	18.235.198.50 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.235.198.50 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-198-50.compute-1.amazonaws.com Software / Resource Hash 66a6e3295586434897bacbc9b6123d20276fc298464df6646350e9e53a02876d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 16 Jun 2024 19:44:32 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	0 2 KB	430ms 113ms	Fetch image/jpeg	18.235.198.50 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.235.198.50 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-198-50.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 16 Jun 2024 19:44:32 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 content-type image/jpeg
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 586 B	562ms 195ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://closed--2024-spring--kinsmen.lotteries.dev/ sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:32 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: EBF18FE4FF754ECDA17728C6C09CFADD Ref B: YTO01EDGE0821 Ref C: 2024-06-16T19:44:32Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://closed--2024-spring--kinsmen.lotteries.dev x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYbBxPg42J0DfsauMq4jg==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 766 B	525ms 182ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2 Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:32 GMT content-encoding gzip x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 5BC1FB9A8995426892745FB3AA05B7B3 Ref B: YTO01EDGE0721 Ref C: 2024-06-16T19:44:32Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-ltx1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYbBxPgrTv3Uezl28qDEw== x-fs-uuid 00061b0713e0ad3bf751ece5dbca8313
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2 https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4512244%26time%3D1718567072073%26url%3Dhttps%253A%252F%252Fclosed--2024-spring--k... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLfilIZS...	0 490 B	526ms 235ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLfilIZSZYtdgAAAZAilHVav21j_BvXVrrTuElPjRRAGiN9cfLe8tYyeXDroulu9BmzpvCX62Eg Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://closed--2024-spring--kinsmen.lotteries.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sun, 16 Jun 2024 19:44:33 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 4DA663E39815446B9C9E3C925F1CF4E6 Ref B: YTO01EDGE0815 Ref C: 2024-06-16T19:44:33Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAYbBxPxap9ww0NTJprbbg== Redirect headers date Sun, 16 Jun 2024 19:44:33 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: 51940FD0016D4D22A643AA869773A77C Ref B: YTO01EDGE0821 Ref C: 2024-06-16T19:44:33Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1718567072073&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQLfilIZSZYtdgAAAZAilHVav21j_BvXVrrTuElPjRRAGiN9cfLe8tYyeXDroulu9BmzpvCX62Eg x-li-proto http/2 content-length 0 x-li-uuid AAYbBxPqPx7f3D/qJJIzcQ==
GET H2	200	1604745766504903 Show response connect.facebook.net/signals/config/	68 KB 14 KB	194ms 194ms	Script application/x-javascript	2a03:2880:f003:c0e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1604745766504903?v=2.9.158&r=stable&domain=closed--2024-spring--kinsmen.lotteries.dev&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6e9d6baf9f2fc56363884fefef06a64afd87b0250ec96ac32bc30df1580eec35 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 16 Jun 2024 19:44:32 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=26, rtx=0, c=61, mss=1392, tbw=63533, tp=-1, tpl=-1, uplat=75, ullat=0 pragma public x-fb-debug 3XsgxD0rdO5TrxcMpp/hi3JWfPfXWpp6gn+EvUvpDmohhkGbxbR2vlH7tyZh8zi1LEOFUUoH4ck9gHWJstECMg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	170ms 167ms	Script application/javascript	2620:1ec:bdf::38 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/ggo7rmzqgt Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:32 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240616T194432Z-155bd6cbdddrsmdg5d9gt4yh6000000004r0000000002k43 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 35eee430-101e-0028-3d64-ba4f73000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	204	collect analytics.google.com/g/s/	0 211 B	668ms 283ms	Image text/plain	2001:4860:4802:36::181 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e46b1v895416529z86481674z99179575867za200zb6481674&_gsid=G2YTJVPJ0PVQKEJsNUhGP2xAExXBZISQ Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:32 GMT server Golfe2 content-type text/plain access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	1112ms 766ms	Image image/gif	2607:f8b0:400d:c04::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-G2YTJVPJ0P&cid=u5hJWWIwOTm%2FnTiro1YkLZIVk3lGGzAD8IbRCaQjTz8%3D.1718567072&gtm=45j91e46b1v895416529z86481674z99179575867za200zb6481674&aip=1&z=13664005 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:33 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	collect stats.g.doubleclick.net/g/	0 211 B	942ms 280ms	Image text/plain	2607:f8b0:400d:c0e::9c GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-G2YTJVPJ0P&cid=u5hJWWIwOTm%2FnTiro1YkLZIVk3lGGzAD8IbRCaQjTz8%3D.1718567072&gtm=45j91e46b1v895416529z86481674z99179575867za200zb6481674&aip=1 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0e::9c Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:33 GMT server Golfe2 content-type text/plain access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	_set_cookie s2s.kinsmenhomelottery.com/	48 B 48 B	167ms 166ms	Image image/gif	2600:1901:0:7cd2:: GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s2s.kinsmenhomelottery.com/_set_cookie?val=sJfKATO2d9US2aJcAF9PMAJ%2Bopwe20kHAztRI3nYl2UQXbI7piIlqPld%2Fad9rMgHlr089%2BKfuusW0pQOIX2n27d5d6iILlqx41c9mQlaP3u%2BAdM7Q%2Ba24fHlQIiy%2BtRrlj9qUDkSlKOOcN7yQshvY7aPgmLqJypm%2BG3qyTIlgpZqsQaS1lpt6nLNcqlbJ3WCG0RKFypfjmB6 Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:7cd2:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:32 GMT x-robots-tag noindex, nofollow content-type image/gif
GET H2	200	/ www.facebook.com/tr/	0 275 B	627ms 213ms	Image text/plain	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1604745766504903&ev=PageView&dl=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&rl=&if=false&ts=1718567072416&cd[eventID]=6b97337f-8137-4b5b-be14-2834a069276d_1718567068444.1&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718567072412.848041028894959500&cs_est=true&ler=empty&cdl=API_unavailable&it=1718567072180&coo=false&rqm=GET Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=2797, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 16 Jun 2024 19:44:32 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 4 KB	623ms 221ms	Image image/png	2a03:2880:f103:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1604745766504903&ev=PageView&dl=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&rl=&if=false&ts=1718567072416&cd[eventID]=6b97337f-8137-4b5b-be14-2834a069276d_1718567068444.1&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718567072412.848041028894959500&cs_est=true&ler=empty&cdl=API_unavailable&it=1718567072180&coo=false&rqm=FGET Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x44dae46b0c373eb9","source_keys":["1","2"]},{"key_piece":"0x4e1cfcd83a8519a2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Sun, 16 Jun 2024 19:44:33 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=3116, tp=-1, tpl=-1, uplat=102, ullat=0 pragma no-cache x-fb-debug ml2McJCLrqlvsZUIy2tkMUaWYSsudTMPQoeZw3pCZmC8C6JTKzd5F+Vb5Vs7iiEjO2UTQv9i7XCnbQOHWTU7Og== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	main.MTZmOTQwMTEyMQ.js Show response analytics.tiktok.com/i18n/pixel/static/	342 KB 98 KB	170ms 170ms	Script application/javascript	23.212.250.7 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNLJVGJC77UDD0LHV4NG&lib=ttq Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.212.250.7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-212-250-7.deploy.static.akamaitechnologies.com Software nginx / Resource Hash cd5efd9242be0331111acd38f5570a894598d0b18d4811f1a27631f9dac41c65 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 2283729b date Sun, 16 Jun 2024 19:44:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 2024061319203380D339A13B15543B3C69 x-tt-trace-id 00-24061319203380D339A13B15543B3C69-1BB16A96BFCAFF33-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 019bbf8d6285cc597010a0baf9c77e78f033580db3beefecf21393ef22876031c2800ed88751a7f747c199c7df848e3e2f5c23f88b2be5f21f44170a1df5a37fd367ee77af8da45898cdad53f7c3dd8ae4fbc3f350d61e5a766264244f86f9998a server-timing cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3 content-length 99668
GET H2	200	conv tags.srv.stackadapt.com/	43 B 109 B	161ms 161ms	Image image/gif	18.235.198.50 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://tags.srv.stackadapt.com/conv?cid=g11GLUswIr9EeHDFeBUQEz&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&is_js=true&rnd=0.7055960337834821&t=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&tip=fe4Qp6LuMT0ut0ps8IJluZKl7IYO4AA-eBJ4SmX2o60&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa_conv_data_css_value=%270-ef4bb7f6-fc58-57d2-7465-da7dc467528b%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9ef4bb7f6fc5857d27465da7dc467528bc730f3bb&sa-user-id-v3=s%253AAQAKIISa6BL2it1ef-HdE9jgH3b3cGvvKScd7DU6CT47jNcJEAEYAyCfgb2zBjABOgRpr-VwQgSmWeue.SK%252FvPo6JMMTULXTpVhKjonu41J8U%252Fi%252BhCFQDlcwJpAQ&sa-user-id-v2=s%253A70u39vxYV9J0Zdp9xGdSi8cw87s.QUPa9BqE6uxfKudCb3AXOSJC2m1snc7XHZkDjlEsRQQ&sa-user-id=s%253A0-ef4bb7f6-fc58-57d2-7465-da7dc467528b.xF2e%252BHo2%252FzdBN9UBHH1dyDSj%252BA7WkKDwNrKkkxQMomE Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.235.198.50 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-198-50.compute-1.amazonaws.com Software / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:32 GMT content-length 43 content-type image/gif
GET H3	200	/ www.google.com/pagead/1p-user-list/1018918876/	42 B 64 B	547ms 124ms	Image image/gif	2607:f8b0:400d:c0b::63 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/1018918876/?random=1718567071690&cv=11&fst=1718564400000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z86481674za201zb6481674&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&npa=0&pscdl=noapi&auid=1742294031.1718567071&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL-TEDSI31bT_fr0RL6uba3GMCkSAqJg&random=349070673&rmt_tld=0&ipr=y Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:400d:c0b::63 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:33 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.google.ca/pagead/1p-user-list/1018918876/	42 B 64 B	170ms 128ms	Image image/gif	2607:f8b0:400d:c04::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/1018918876/?random=1718567071690&cv=11&fst=1718564400000&bg=ffffff&guid=ON&async=1&gtm=45be46c0z86481674za201zb6481674&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fclosed--2024-spring--kinsmen.lotteries.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&npa=0&pscdl=noapi&auid=1742294031.1718567071&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooL-TEDSI31bT_fr0RL6uba3GMCkSAqJg&random=349070673&rmt_tld=1&ipr=y Requested by Host: closed--2024-spring--kinsmen.lotteries.dev URL: https://closed--2024-spring--kinsmen.lotteries.dev/ Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:400d:c04::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:32 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	identify_ce1d8843.js Show response analytics.tiktok.com/i18n/pixel/static/	146 KB 39 KB	107ms 106ms	Script application/javascript	23.212.250.7 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.212.250.7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-212-250-7.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-akamai-request-id 22837613 date Sun, 16 Jun 2024 19:44:32 GMT content-encoding gzip x-tt-trace-tag id=16;cdn-cache=hit;type=static server nginx x-tt-logid 202405231407264BFE357AF1C25747C86C x-tt-trace-id 00-2405231407264BFE357AF1C25747C86C-41219593AD259424-00 vary Accept-Encoding x-cache TCP_MEM_HIT from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable x-tt-trace-host 01aac443b79ae7a679dddac2774377a1af7f5ce9e1d68079f902e87718b16f60bc32d9d1b4602d7e7e2fb0e0ba7e1b32059e01d4f2f890112395263258fc329a89b4382e21f7239613f80475224fd9086ff94ce842218fb1d29512134b26825ebd server-timing cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=3 content-length 39605
POST H2	200	pixel analytics.tiktok.com/api/v2/	0 704 B	214ms 214ms	Ping text/plain	23.212.250.7 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.212.250.7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-212-250-7.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 228376b1 date Sun, 16 Jun 2024 19:44:32 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-24061619443265D3C85DAF76ECD36635-57EF6EC74B430FE3-00 x-cache TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=26, cdn-cache; desc=MISS, edge; dur=10, origin; dur=32 content-length 0 pragma no-cache server nginx x-tt-logid 2024061619443265D3C85DAF76ECD36635 access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 32,23.220.106.7 x-tt-trace-host 0145e9018cad10ea556f79aebf7434dd7c3f9b69822530e78649f32828402f22877056335cdba04db3deb5d8a28af4ad043cc83c01a4e528c3ae2b587fea1aede2490259f517966d58ad64e90e732a02ec3b02eab8188693b17bbf518aff78b26b access-control-allow-headers Authorization,* expires Sun, 16 Jun 2024 19:44:32 GMT
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 306 B	530ms 170ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://closed--2024-spring--kinsmen.lotteries.dev Date Sun, 16 Jun 2024 19:44:33 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
POST H2	200	act analytics.tiktok.com/api/v2/pixel/	0 704 B	154ms 154ms	Ping text/plain	23.212.250.7 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://analytics.tiktok.com/api/v2/pixel/act Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.212.250.7 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-212-250-7.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers x-akamai-request-id 22837991 date Sun, 16 Jun 2024 19:44:33 GMT x-tt-trace-tag id=16;cdn-cache=miss;type=dyn x-tt-trace-id 00-240616194433F488FFAF4479189A632D-6E9EE4C52C079F76-00 x-cache TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.2-56372494) (-) server-timing inner; dur=32, cdn-cache; desc=MISS, edge; dur=11, origin; dur=39 content-length 0 pragma no-cache server nginx x-tt-logid 20240616194433F488FFAF4479189A632D access-control-allow-methods GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE access-control-allow-origin * cache-control max-age=0, no-cache, no-store x-origin-response-time 40,23.220.106.7 x-tt-trace-host 0145e9018cad10ea556f79aebf7434dd7c3f9b69822530e78649f32828402f2287859f21c0a1c0195f636dc3a9128b5b61b4588bbca72be64ad5fb63e34f8fd6f3406eef4a3ca8cd444f3d5f0e985161ecec9964c07662965f90ac427034165e47 access-control-allow-headers Authorization,* expires Sun, 16 Jun 2024 19:44:33 GMT
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 306 B	98ms 97ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://closed--2024-spring--kinsmen.lotteries.dev Date Sun, 16 Jun 2024 19:44:34 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4E6186B6BF3A4184B34F48E3083C5968&RedC=c.clarity.ms&MXFR=128340C446D962A0274E546442D96C22 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E6186B6BF3A4184B34F48E3083C5968&MUID=2BD819DE8AF563170B640D7E8BDF62B8	42 B 467 B	89ms 87ms	Image image/gif	20.125.209.212 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E6186B6BF3A4184B34F48E3083C5968&MUID=2BD819DE8AF563170B640D7E8BDF62B8 Protocol H2 Server 20.125.209.212 Chicago, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language en-CA,en;q=0.9;q=0.9 Referer https://closed--2024-spring--kinsmen.lotteries.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 16 Jun 2024 19:44:40 GMT last-modified Fri, 01 Mar 2024 22:54:06 GMT server Microsoft-IIS/10.0 etag "8573f85c2b6cda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Sun, 16 Jun 2024 19:44:40 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1BA4EF2E76034133974174997B873C2E Ref B: YTO01EDGE0810 Ref C: 2024-06-16T19:44:40Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4E6186B6BF3A4184B34F48E3083C5968&MUID=2BD819DE8AF563170B640D7E8BDF62B8 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	cropped-KinsmenFavicon-1-32x32.png kin-sask.lbcdn.io/uploads/2021/02/	898 B 2 KB	116ms 116ms	Other image/webp	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kin-sask.lbcdn.io/uploads/2021/02/cropped-KinsmenFavicon-1-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3d62ef64ad65eed996af23dd64dc3c354c5989e355aa9ee23d35ce7b41a9bc0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id R3B2ZQYHQYAB48YH age 2797173 cf-polished origFmt=png, origSize=1600 x-amz-server-side-encryption AES256 content-disposition inline; filename="cropped-KinsmenFavicon-1-32x32.webp" alt-svc h3=":443"; ma=86400 content-length 898 x-amz-id-2 zC6oLJfj6/tKOH4V7nWp4GxB7QywRq2dcaEhf5LsP3SMcWHZ7AFXYNAyRYtGT9TYi8i3uPT7BZA= cf-bgj imgq:100,h2pri last-modified Fri, 08 Mar 2024 04:57:10 GMT server cloudflare etag "34cd664209d7f84c7701b10ec6f664b3" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5WiNK8XjO7X1BsJKg6CmdZghx71N232%2FDeBuN9LolxD16mBg2hR60JzG30xAf5%2BQ3IbxeuY3yJJ%2FWCaauYTbGf%2BsxJdjC26AWC3%2Bk%2BvWNReu2vIqHBteCGeePWfzQ7YoVDJ2r8YuFTdh356lVHf"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * accept-ranges bytes cf-ray 894d4bba9e43ab60-YYZ
GET H3	206	Kinsmen-S24-Hero-Video-1.mp4 kin-sask.lbcdn.io/uploads/2024/04/	48 KB 49 KB	220ms 110ms	Media video/mp4	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bf1f09860437a04f6127e80c9a86f1595b50c1b5bed8f8157fc93c37b5376a12 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Encoding identity;q=1, *;q=0 Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Range bytes=18874368- sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CNXMMZD84MHA0513 age 4504102 x-amz-server-side-encryption AES256 Content-Range bytes 18874368-18923690/18923691 alt-svc h3=":443"; ma=86400 Content-Length 49323 x-amz-id-2 TLM6zWmKRUCW2no0opLhPM+yGtCwRhSfymkfmYlKcq6EIPCE8lbJw4zVhtni0tFvrojxYqT6T+bPyyDw/ehCzB0YZSuOQ5bG last-modified Thu, 25 Apr 2024 00:42:15 GMT server cloudflare etag "0eb28d8713fc1f60bd2377ea15142ea7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f7fuaQ1Mu6NTzFRZj%2F3Ek%2FwuNOVkV%2BFb53v%2F6XpxSkJsNc6PCCMEqwqDizztob9F%2BVOxeQukadsBXT5B2Q%2FLoiXPNrMqzZBplYFUPRpoyQEmDZbSgZE98vHfUQBXXJlkmmq7tIxXHZ3avtwZL4Pq"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * cf-ray 894d4bbb4eacab60-YYZ
GET H3	206	Kinsmen-S24-Hero-Video-1.mp4 kin-sask.lbcdn.io/uploads/2024/04/	5 MB 0	106ms 106ms	Media video/mp4	2606:4700:20::ac43:497b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:497b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Encoding identity;q=1, *;q=0 Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Range bytes=131072- sec-ch-ua-platform "Win32" Response headers date Sun, 16 Jun 2024 19:44:40 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CNXMMZD84MHA0513 age 4504102 x-amz-server-side-encryption AES256 Content-Range bytes 131072-18923690/18923691 alt-svc h3=":443"; ma=86400 Content-Length 18792619 x-amz-id-2 TLM6zWmKRUCW2no0opLhPM+yGtCwRhSfymkfmYlKcq6EIPCE8lbJw4zVhtni0tFvrojxYqT6T+bPyyDw/ehCzB0YZSuOQ5bG last-modified Thu, 25 Apr 2024 00:42:15 GMT server cloudflare etag "0eb28d8713fc1f60bd2377ea15142ea7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8fIg1MVoHFYbCMgK8YmQgpRT2EPhCX3FdwvBVRC1rGRq57wxDtuslgdI93po1e61HGw4S%2BRHVJAGRb%2F%2B6I7gXnDPb1%2F7B%2Bj6e9Q451U425%2B1m97M7iL6AyzedqI9nIcU3GVuw0Y8x55oiHc1h2Pw"}],"group":"cf-nel","max_age":604800} content-type video/mp4 access-control-allow-origin * cf-ray 894d4bbbff35ab60-YYZ
POST H/1.1	204 No Content	collect Show response v.clarity.ms/	0 306 B	96ms 95ms	XHR text/plain	20.114.189.135 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://v.clarity.ms/collect Requested by Host: analytics.tiktok.com URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTZmOTQwMTEyMQ.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.114.189.135 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept application/x-clarity-gzip Referer https://closed--2024-spring--kinsmen.lotteries.dev/ Accept-Language en-CA,en;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://closed--2024-spring--kinsmen.lotteries.dev Date Sun, 16 Jun 2024 19:44:42 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Vary Origin Request-Context appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0