Submitted URL: http://email.precise.co.uk/c/eJwNzbsOgjAAQNGvabeS0tLX0AENagwxGoyCG9AilYcE6v_b5A53O0bbTmIMnUbFhTN0LHcYnfJbjqpXmlXZvogfdwESvK...
Effective URL: https://www.freelotto.com/register/TVpromo-Blue
Submission: On November 13 via manual from AT

Summary

This website contacted 22 IPs in 5 countries across 23 domains to perform 66 HTTP transactions. The main IP is 151.101.1.94, located in San Francisco, United States and belongs to FASTLY - Fastly, US. The main domain is www.freelotto.com.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on July 26th 2018. Valid for: 10 months.
This is the only time www.freelotto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.25.253.172 16509 (AMAZON-02)
1 1 108.174.10.10 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 1 72.11.150.236 8100 (ASN-QUADR...)
1 1 185.35.138.117 62454 (ZYZTM)
1 2 191.101.34.152 20454 (SSASN2)
2 5 151.101.1.94 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.111.226.25 16625 (AKAMAI-AS)
34 151.101.120.249 54113 (FASTLY)
1 13.32.223.99 16509 (AMAZON-02)
1 216.58.214.34 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 208.118.62.70 7296 (ALCHEMYNET)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 147.75.100.185 54825 (PACKET)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 216.74.184.61 3561 (CENTURYLI...)
1 147.75.33.117 54825 (PACKET)
1 147.75.33.209 54825 (PACKET)
1 2a03:2880:f12... 32934 (FACEBOOK)
3 205.185.216.42 20446 (HIGHWINDS3)
66 22
Domain Requested by
34 f-pinid.a.ssl.fastly.net www.freelotto.com
f-pinid.a.ssl.fastly.net
5 www.freelotto.com 2 redirects bgrh.hrjidi.company
www.freelotto.com
3 upsellit.turbobytes.net
3 fonts.gstatic.com www.freelotto.com
2 www.google.de www.freelotto.com
2 www.google.com 1 redirects www.freelotto.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 www.upsellit.com www.googletagmanager.com
www.upsellit.com
2 fonts.googleapis.com www.freelotto.com
2 www.googletagmanager.com www.freelotto.com
2 bgrh.hrjidi.company 1 redirects
1 staticxx.facebook.com connect.facebook.net
1 www.facebook.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 timing.freelotto.com www.freelotto.com
1 connect.facebook.net www.freelotto.com
1 stats.g.doubleclick.net 1 redirects
1 static.hotjar.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 api.pushnami.com www.freelotto.com
1 cloud.typography.com www.freelotto.com
1 mgsse.popularshieldredirect.com 1 redirects
1 www.dwntwnblvd.com 1 redirects
1 www.linkedin.com 1 redirects
1 lnkd.in 1 redirects
1 email.precise.co.uk 1 redirects
66 28

This site contains links to these domains.

Domain
twitter.com
www.facebook.com
www.instagram.com
www.pinterest.com
Subject | Issuer | Validity | Valid
*.hrjidi.company | Let's Encrypt Authority X3 | 2018-11-05 - 2019-02-03 | 3 months
s.ssl.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2018-07-26 - 2019-06-02 | 10 months
*.google-analytics.com | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
*.googleapis.com | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
*.typography.com | DigiCert SHA2 Secure Server CA | 2018-05-15 - 2019-05-15 | a year
default.ssl.fastly.net | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-05-19 - 2019-12-09 | 2 years
*.pushnami.com | Amazon | 2018-06-29 - 2019-07-29 | a year
www.googleadservices.com | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
*.google.com | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
*.upsellit.com | DigiCert SHA2 Secure Server CA | 2017-07-12 - 2020-09-16 | 3 years
static.hotjar.com | Let's Encrypt Authority X3 | 2018-10-11 - 2019-01-09 | 3 months
www.google.com | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
www.google.de | Google Internet Authority G3 | 2018-10-23 - 2019-01-15 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2017-12-15 - 2019-03-22 | a year
*.freelotto.com | COMODO RSA Domain Validation Secure Server CA | 2017-07-13 - 2019-07-19 | 2 years
script.hotjar.com | Let's Encrypt Authority X3 | 2018-10-11 - 2019-01-09 | 3 months
vars.hotjar.com | Let's Encrypt Authority X3 | 2018-10-11 - 2019-01-09 | 3 months
*.turbobytes.net | DigiCert SHA2 Secure Server CA | 2018-08-02 - 2018-12-13 | 4 months

This page contains 3 frames:

Primary Page: https://www.freelotto.com/register/TVpromo-Blue
Frame ID: F965429684835C20DE39CB58BFCCB732
Requests: 64 HTTP requests in this frame

Frame: https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Frame ID: 3417D69E2228318DBF8CAC1EBDFA7981
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=43
Frame ID: F857EE8EAFB1E762ADE8D08DD0B82EB0
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • script /^\/\/static\.hotjar\.com\/c\/hotjar-/i


Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i
  • script /owl.carousel.*\.js/i

Page Statistics

66 Requests
98 % HTTPS
41 % IPv6
23 Domains
28 Subdomains
22 IPs
5 Countries
1741 kB Transfer
2596 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.precise.co.uk/c/eJwNzbsOgjAAQNGvabeS0tLX0AENagwxGoyCG9AilYcE6v_b5A53O0bbTmIMnUbFhTN0LHcYnfJbjqpXmlXZvogfdwESvKy2dZuN2m_0G2Cv4wYLxhoiRFNb0ymccMEUV0q2UlBD4Kh775cN0BSQQ2icBxO5OZw5P5X3V0CowpxRyeGqt3rp3foxQXpPtRuDM_0BnKItqQ HTTP 302
    https://lnkd.in/dJW9ttP HTTP 301
    https://www.linkedin.com/slink?code=dJW9ttP HTTP 301
    https://www.dwntwnblvd.com/Gf_m2thGxqpLONV7GwQGLG7OZmgtyIWvaayKdMIXxH2SbsfPXk4gjvsL07K9I9qdNcPhO3qcl_178xttvOhjBg~~/ HTTP 302
    https://mgsse.popularshieldredirect.com/?s1=820803&kw=KW HTTP 302
    https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780 Page URL
  2. https://bgrh.hrjidi.company/FRE298certifiedwinnerALL.html?sov=3165093916&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780&tov=664695 HTTP 302
    https://www.freelotto.com/offer.asp?offer=1066987&affiliateid=3165093916&tid=8343e6e4-e75a-11e8-a859-8dc9d6521403 HTTP 302
    https://www.freelotto.com/register.asp?skin=CertifiedWinnerRSP&noepu=1&partner=1066987&affiliateid=3165093916&tid=8343e6e4-e75a-11e8-a859-8dc9d6521403&utm_source=YTZ&utm_medium=Display&utm_term=CPA&utm_content=CertifiedWinnerRSP&utm_campaign=EveryoneWinsTV HTTP 302
    https://www.freelotto.com/register/TVpromo-Blue Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://email.precise.co.uk/c/eJwNzbsOgjAAQNGvabeS0tLX0AENagwxGoyCG9AilYcE6v_b5A53O0bbTmIMnUbFhTN0LHcYnfJbjqpXmlXZvogfdwESvKy2dZuN2m_0G2Cv4wYLxhoiRFNb0ymccMEUV0q2UlBD4Kh775cN0BSQQ2icBxO5OZw5P5X3V0CowpxRyeGqt3rp3foxQXpPtRuDM_0BnKItqQ HTTP 302
  • https://lnkd.in/dJW9ttP HTTP 301
  • https://www.linkedin.com/slink?code=dJW9ttP HTTP 301
  • https://www.dwntwnblvd.com/Gf_m2thGxqpLONV7GwQGLG7OZmgtyIWvaayKdMIXxH2SbsfPXk4gjvsL07K9I9qdNcPhO3qcl_178xttvOhjBg~~/ HTTP 302
  • https://mgsse.popularshieldredirect.com/?s1=820803&kw=KW HTTP 302
  • https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780
Request Chain 51
  • https://www.google-analytics.com/r/collect?v=1&_v=j71&a=465999842&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freelotto.com%2Fregister%2FTVpromo-Blue&dr=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780&ul=en-us&de=UTF-8&dt=FreeLotto%20TV%20Sweepstakes&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=1379708922&gjid=1669957939&cid=931624274.1542123658&tid=UA-2349802-20&_gid=1243800325.1542123658&_r=1&gtm=2wgas3PS3MMNK&z=122339603 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_gid=1243800325.1542123658&gjid=1669957939&_v=j71&z=122339603 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_v=j71&z=122339603 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_v=j71&z=122339603&slf_rd=1&random=3517382334

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
bgrh.hrjidi.company/
Redirect Chain
  • http://email.precise.co.uk/c/eJwNzbsOgjAAQNGvabeS0tLX0AENagwxGoyCG9AilYcE6v_b5A53O0bbTmIMnUbFhTN0LHcYnfJbjqpXmlXZvogfdwESvKy2dZuN2m_0G2Cv4wYLxhoiRFNb0ymccMEUV0q2UlBD4Kh775cN0BSQQ2icBxO5OZw5P5X3V0Co...
  • https://lnkd.in/dJW9ttP
  • https://www.linkedin.com/slink?code=dJW9ttP
  • https://www.dwntwnblvd.com/Gf_m2thGxqpLONV7GwQGLG7OZmgtyIWvaayKdMIXxH2SbsfPXk4gjvsL07K9I9qdNcPhO3qcl_178xttvOhjBg~~/
  • https://mgsse.popularshieldredirect.com/?s1=820803&kw=KW
  • https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778...
1 KB
9 KB
Document
General
Full URL
https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
191.101.34.152 Siauliai, Lithuania, ASN20454 (SSASN2 - SECURED SERVERS LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
bgrh.hrjidi.company
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 13 Nov 2018 15:40:57 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Source
Mini
X-Rot
664695
X-Sov
3165093916
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Tue, 13 Nov 2018 15:40:56 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
82c1f396-e75a-11e8-bb26-aa1f778d2780
Location
https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780
Primary Request TVpromo-Blue
www.freelotto.com/register/
Redirect Chain
  • https://bgrh.hrjidi.company/FRE298certifiedwinnerALL.html?sov=3165093916&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb2...
  • https://www.freelotto.com/offer.asp?offer=1066987&affiliateid=3165093916&tid=8343e6e4-e75a-11e8-a859-8dc9d6521403
  • https://www.freelotto.com/register.asp?skin=CertifiedWinnerRSP&noepu=1&partner=1066987&affiliateid=3165093916&tid=8343e6e4-e75a-11e8-a859-8dc9d6521403&utm_source=YTZ&utm_medium=Display&utm_term=CPA...
  • https://www.freelotto.com/register/TVpromo-Blue
15 KB
5 KB
Document
General
Full URL
https://www.freelotto.com/register/TVpromo-Blue
Requested by
Host: bgrh.hrjidi.company
URL: https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.94 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
e66a22cdc3904631e08fc7bb7ffa07f7afaf8266a74fb653c87468a9f199044e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.freelotto.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://bgrh.hrjidi.company/?sov=3165093916&hid=gmiwmgmgiwskkw&&cntrl=00000&pid=2348&redid=74651&gsid=488&campaign_id=1228&p_id=2348&id=XNSX.820803-r74651-t488&impid=82c1f396-e75a-11e8-bb26-aa1f778d2780
Accept-Encoding
gzip, deflate
Cookie
affiliateid=3165093916; path=%2F=refcookie; tid=8343e6e4-e75a-11e8-a859-8dc9d6521403; refcookie=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780=path

Response headers

Server
Apache/2.4.34
X-Frame-Options
SAMEORIGIN
Cache-Control
private
Content-Type
text/html; charset=UTF-8
Content-Encoding
gzip
Accept-Ranges
bytes bytes
Age
0 0
Content-Length
4574
Date
Tue, 13 Nov 2018 15:40:57 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19136-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1542123658.699423,VS0,VE126
Vary
Accept-Encoding,User-Agent

Redirect headers

Server
Apache/2.4.34
X-Frame-Options
SAMEORIGIN
Location
/register/TVpromo-Blue
Cache-Control
private
Content-Type
text/html; charset=UTF-8
Set-Cookie
refcookie=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780=path; path=/
Accept-Ranges
bytes bytes
Age
0 0
Content-Length
0
Date
Tue, 13 Nov 2018 15:40:57 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19136-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1542123658.525237,VS0,VE168
Vary
User-Agent
js
www.googletagmanager.com/gtag/
86 KB
31 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-2349802-20
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
f2f092eceb9dbfc3b79c0b02512f8f0b96a76b1b482fb432f468802b3164d5c8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:40:57 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
31815
x-xss-protection
1; mode=block
expires
Tue, 13 Nov 2018 15:40:57 GMT
css
fonts.googleapis.com/
11 KB
887 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ee9681895a6ff86073dc3f1c49285bc04c9b677d86b036e446255b19484cbc8f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Tue, 13 Nov 2018 15:40:57 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Nov 2018 15:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 13 Nov 2018 15:40:57 GMT
fonts.css
cloud.typography.com/6930452/610482/css/
0
0
Stylesheet
General
Full URL
https://cloud.typography.com/6930452/610482/css/fonts.css
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.226.25 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-226-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
max-age=2
Content-Type
text/html
css
fonts.googleapis.com/
4 KB
620 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,400,700,400italic,300italic
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
531c6d1a15bda17c571eaa96f28fa87fa3fb65fd2cfaf9b623ab86d7577d44c9
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Tue, 13 Nov 2018 15:40:57 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 13 Nov 2018 15:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 13 Nov 2018 15:40:57 GMT
docs.theme.min.87884-ssl.css
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/
170 KB
22 KB
Stylesheet
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/docs.theme.min.87884-ssl.css
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
b597992889ffaab79edf11891ddf4b537a3faa13026dfe232d37243c786f769a

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
22559
X-Served-By
cache-cdg20730-CDG
Last-Modified
Mon, 12 Nov 2018 21:21:41 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.982325,VS0,VE99
ETag
"2a701-57a7e498cb59e-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Via
1.1 varnish
Accept-Ranges
bytes
X-Cache-Hits
0
owl.carousel.min.87884-ssl.css
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/
3 KB
1 KB
Stylesheet
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/owl.carousel.min.87884-ssl.css
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
1068
X-Served-By
cache-cdg20725-CDG
Last-Modified
Mon, 12 Nov 2018 21:21:41 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.984599,VS0,VE82
ETag
"d17-57a7e498cbaea-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Via
1.1 varnish
Accept-Ranges
bytes
X-Cache-Hits
0
owl.theme.default.min.87884-ssl.css
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/
1 KB
938 B
Stylesheet
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/owl.theme.default.min.87884-ssl.css
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
4b8f619be871bb212a1b9f2662ff2edb07c3e1536f109f98043a4ef6c1f50fee

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
503
X-Served-By
cache-cdg20749-CDG
Last-Modified
Mon, 12 Nov 2018 21:21:41 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.984173,VS0,VE81
ETag
"415-57a7e498cbecb-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Via
1.1 varnish
Accept-Ranges
bytes
X-Cache-Hits
0
jquery.min.87884-ssl.js
f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/
85 KB
30 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/jquery.min.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0, 0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
30305
X-Served-By
cache-cdg20727-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.981958,VS0,VE99
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
private
Accept-Ranges
bytes, bytes
Expires
Wed, 13 Nov 2019 21:29:44 GMT
owl.carousel.87884-ssl.js
f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/
88 KB
20 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/owl.carousel.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
c48789f1b49bf24638fab122ee8b340f7526e3194ceee9df00540e1f6e50a08b

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0, 0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
20037
X-Served-By
cache-cdg20747-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.994845,VS0,VE110
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
private
Accept-Ranges
bytes, bytes
Expires
Wed, 13 Nov 2019 21:29:44 GMT
jquery.countdown.min.87884-ssl.js
f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/
5 KB
3 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/jquery.countdown.min.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0, 0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
2373
X-Served-By
cache-cdg20749-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.088204,VS0,VE85
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
private
Accept-Ranges
bytes, bytes
Expires
Wed, 13 Nov 2019 21:29:44 GMT
page1.87884-ssl.css
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/
6 KB
2 KB
Stylesheet
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
81c9b77c66ca2f8233c2603a7e2d47e38c219c73171cc202c64788eacc0cfe89

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
1601
X-Served-By
cache-cdg20735-CDG
Last-Modified
Mon, 12 Nov 2018 21:21:41 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.981494,VS0,VE81
ETag
"1720-57a7e498cc2a4-gzip"
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Via
1.1 varnish
Accept-Ranges
bytes
X-Cache-Hits
0
logo.jpg
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
6 KB
6 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/logo.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
4e53e37c11b43ca3e8021182900a3391980faf1fc5d4266bc14ef69af5a293fd

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65317
ETag
"17eb-57a7e4998209c"
X-Served-By
cache-cdg20725-CDG
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.087756,VS0,VE0
Content-Length
6123
X-Cache-Hits
190
samsung_tv_img.jpg
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
35 KB
35 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/samsung_tv_img.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
5137b3423fd41a8451d33158dde05b8f00fa2d9e6d85b447b2566ace9651353b

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
64911
ETag
"8b3b-57a7e49982ebb"
X-Served-By
cache-cdg20730-CDG
X-Cache
HIT
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.202293,VS0,VE0
Content-Length
35643
X-Cache-Hits
212
sign_up_icon.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
26 KB
27 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/sign_up_icon.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
44ccada0a5aecd8b127f414b8d711433010f3d71419b08d73380c9e38a2a1f53

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65352
ETag
"698b-57a7e499838fb"
X-Served-By
cache-cdg20735-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.199387,VS0,VE0
Content-Length
27019
X-Cache-Hits
194
have_fun_icon.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
82 KB
82 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/have_fun_icon.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
49f1b84f50243e2aaab445496e0517eb51db72043eb6fc141159360b06d19ef3

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65132
ETag
"1467c-57a7e499810bf"
X-Served-By
cache-cdg20730-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.221599,VS0,VE0
Content-Length
83580
X-Cache-Hits
202
check_for_win.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
72 KB
72 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/check_for_win.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
5020f9d081f69c633339c8072439478d4ff2f215acb3a1db79703dc2cba56a0e

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65129
ETag
"11f85-57a7e4997ff59"
X-Served-By
cache-cdg20725-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.225693,VS0,VE0
Content-Length
73605
X-Cache-Hits
200
316.jpg
f-pinid.a.ssl.fastly.net//dynamic/winners/
3 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//dynamic/winners/316.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
e295e88499bfef9a25b46b93394cb13b6d314a10bf183222aa2ba251e20db075

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
2574
X-Served-By
cache-cdg20747-CDG
Last-Modified
Fri, 18 Oct 2013 18:39:39 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.311432,VS0,VE320
ETag
"a0e-4e90841c568e4"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Accept-Ranges
bytes
X-Cache-Hits
0
315.jpg
f-pinid.a.ssl.fastly.net//dynamic/winners/
2 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//dynamic/winners/315.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
8e70271e820678b01c95be5c400e032483032916833ffa06abbade1be7a2e0dc

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
2346
X-Served-By
cache-cdg20749-CDG
Last-Modified
Fri, 18 Oct 2013 18:39:39 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.316997,VS0,VE81
ETag
"92a-4e90841c4fc4c"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Accept-Ranges
bytes
X-Cache-Hits
0
314.jpg
f-pinid.a.ssl.fastly.net//dynamic/winners/
3 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//dynamic/winners/314.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
90d1c2a82a1cb7109928b5b4852cb80fda02c74b5e8ff16a3f758cc5e659d3c6

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
2860
X-Served-By
cache-cdg20735-CDG
Last-Modified
Fri, 18 Oct 2013 18:39:39 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.364912,VS0,VE80
ETag
"b2c-4e90841c3d580"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Accept-Ranges
bytes
X-Cache-Hits
0
109.jpg
f-pinid.a.ssl.fastly.net//dynamic/winners/
3 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//dynamic/winners/109.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
d30ac65be64e5d94baa3bf006ee18f061457f23886241151a5c2c68cd3f621d3

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
3008
X-Served-By
cache-cdg20730-CDG
Last-Modified
Fri, 18 Oct 2013 18:39:39 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.385064,VS0,VE82
ETag
"bc0-4e90841c6a8dc"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Accept-Ranges
bytes
X-Cache-Hits
0
299.jpg
f-pinid.a.ssl.fastly.net//dynamic/winners/
2 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//dynamic/winners/299.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
0db59a840af37a4bc7f048af7f41cb37b0d64063eb95c1a5e3e052f892f196d2

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
2239
X-Served-By
cache-cdg20725-CDG
Last-Modified
Fri, 18 Oct 2013 18:39:39 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.403284,VS0,VE82
ETag
"8bf-4e90841c63369"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Accept-Ranges
bytes
X-Cache-Hits
0
348.jpg
f-pinid.a.ssl.fastly.net//dynamic/winners/
2 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//dynamic/winners/348.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
8561a549fc2cc9a356ead2511e8d5737937829db28858ab8a10cae0bf40cb3a5

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
2456
X-Served-By
cache-cdg20749-CDG
Last-Modified
Fri, 18 Oct 2013 18:39:39 GMT
Server
Apache/2.4.34
X-Timer
S1542123658.420645,VS0,VE81
ETag
"998-4e90841c6b46d"
Vary
User-Agent
Content-Type
image/jpeg
Cache-Control
public, max-age=315360000, immutable
Accept-Ranges
bytes
X-Cache-Hits
0
twitter.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
2 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/twitter.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
24c1a12071871dc647da53558f1d9732b907b1f2be19f1454db27c38d0af2b1f

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65062
ETag
"856-57a7e49985470"
X-Served-By
cache-cdg20735-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.469152,VS0,VE0
Content-Length
2134
X-Cache-Hits
180
facebook.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
2 KB
2 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/facebook.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
6a2b6237efe01646b83cf1b4b6f6ebf8e568179648abaeac96990230910c260f

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65319
ETag
"6d6-57a7e49980459"
X-Served-By
cache-cdg20730-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.485572,VS0,VE0
Content-Length
1750
X-Cache-Hits
182
insta.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
2 KB
2 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/insta.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
7e637ba8e32e25c0376221ad92c1e54ae04414d1c551e882fb629c73e3475f9a

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65215
ETag
"825-57a7e49981b54"
X-Served-By
cache-cdg20735-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123658.492203,VS0,VE0
Content-Length
2085
X-Cache-Hits
187
pinterest.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
2 KB
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/pinterest.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
311c3027ac43e1eb35aefbbfc1cea352a3c7e84805af787fbc1def925944e7f9

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65352
ETag
"857-57a7e4998252a"
X-Served-By
cache-cdg20730-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123659.504517,VS0,VE0
Content-Length
2135
X-Cache-Hits
182
secure_icon.png
f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/
9 KB
9 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net//img/register/TVpromo-Blue/secure_icon.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
0fd79fb45fb5cf3afad30cfe416afcee2bd043a80705448d1ef2e14959b3df7b

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Last-Modified
Mon, 12 Nov 2018 21:21:42 GMT
Server
Apache/2.4.34
Age
65351
ETag
"2422-57a7e499832e2"
X-Served-By
cache-cdg20725-CDG
X-Cache
HIT
Content-Type
image/png
Cache-Control
public, max-age=315360000, immutable
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1542123659.506487,VS0,VE0
Content-Length
9250
X-Cache-Hits
208
FL.87884-ssl.js
f-pinid.a.ssl.fastly.net/xmljs/
27 KB
8 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/xmljs/FL.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
c564e14dff6a51b274329eb107011a61709e654729726aee24e706f0487f9e3b

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0, 0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
7585
X-Served-By
cache-cdg20735-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.085580,VS0,VE89
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
private
Accept-Ranges
bytes, bytes
Expires
Wed, 13 Nov 2019 21:29:44 GMT
countrystate.87884-ssl.js
f-pinid.a.ssl.fastly.net/js/
6 KB
2 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/js/countrystate.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
bae9d76f63b0ae56a2cd922ede41dce72f454482a1825b1b3c18df7f0a0c544c

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
2056
X-Served-By
cache-cdg20725-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.109431,VS0,VE95
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
public, must-revalidate
Accept-Ranges
bytes
Expires
Tue, 13 Nov 2018 16:40:58 GMT
reg_skins.87884-ssl.js
f-pinid.a.ssl.fastly.net/xmljs/
17 KB
5 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/xmljs/reg_skins.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
3bb1a483137edb19ae77d0ba0c427093ed31e1de755090ce76c8fab2c18faed1

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
4923
X-Served-By
cache-cdg20749-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.198211,VS0,VE95
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
public, must-revalidate
Accept-Ranges
bytes
Expires
Tue, 13 Nov 2018 16:40:58 GMT
flzipcode.87884-ssl.js
f-pinid.a.ssl.fastly.net/js/
3 KB
1 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/js/flzipcode.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
4aa494491aad7a4268ef6ac7e77a04ae87000159206ed2c924bb2c6c408d05f0

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
1068
X-Served-By
cache-cdg20747-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.202010,VS0,VE83
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
public, must-revalidate
Accept-Ranges
bytes
Expires
Tue, 13 Nov 2018 16:40:58 GMT
register.min.87884-ssl.js
f-pinid.a.ssl.fastly.net/js/
2 KB
1 KB
Script
General
Full URL
https://f-pinid.a.ssl.fastly.net/js/register.min.87884-ssl.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
e0484942b59fa152263d7de82c1781ad1a6e620f5ffedbe0802129c1e89752dd

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Age
0, 0
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
817
X-Served-By
cache-cdg20727-CDG
Server
Apache/2.4.34
X-Timer
S1542123658.198912,VS0,VE85
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Via
1.1 varnish
Cache-Control
private
Accept-Ranges
bytes, bytes
Expires
Wed, 13 Nov 2019 21:29:44 GMT
offer.asp
www.freelotto.com/
23 B
442 B
Image
General
Full URL
https://www.freelotto.com/offer.asp?offer=692390&r=0.601418052475154
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.94 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.freelotto.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.freelotto.com/register/TVpromo-Blue
Cookie
affiliateid=3165093916; path=%2F=refcookie; tid=8343e6e4-e75a-11e8-a859-8dc9d6521403; refcookie=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780=path
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Server
Apache/2.4.34
Age
0 0
X-Frame-Options
SAMEORIGIN
X-Served-By
cache-fra19136-FRA
Vary
User-Agent
X-Cache
MISS
Content-Type
image/gif
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes bytes
X-Timer
S1542123658.196616,VS0,VE94
X-Cache-Hits
0
offer.asp
www.freelotto.com/
23 B
442 B
Image
General
Full URL
https://www.freelotto.com/offer.asp?offer=10698886
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.94 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache/2.4.34 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.freelotto.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.freelotto.com/register/TVpromo-Blue
Cookie
affiliateid=3165093916; path=%2F=refcookie; tid=8343e6e4-e75a-11e8-a859-8dc9d6521403; refcookie=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780=path
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Via
1.1 varnish
Server
Apache/2.4.34
Age
0 0
X-Frame-Options
SAMEORIGIN
X-Served-By
cache-fra19144-FRA
Vary
User-Agent
X-Cache
MISS
Content-Type
image/gif
Cache-Control
private
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes bytes
X-Timer
S1542123658.269235,VS0,VE95
X-Cache-Hits
0
gtm.js
www.googletagmanager.com/
83 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PS3MMNK
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
41ad635507c32092177b6678e22290221a0cfaa9d8f2f4a3bb2af4000c644303
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:40:58 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
28774
x-xss-protection
1; mode=block
expires
Tue, 13 Nov 2018 15:40:58 GMT
5b68c1a5b76a5a602116f0bb
api.pushnami.com/scripts/v1/pushnami-adv/
22 KB
7 KB
Script
General
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/5b68c1a5b76a5a602116f0bb
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.223.99 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-223-99.fra56.r.cloudfront.net
Software
/
Resource Hash
12da04d346a5b3575f87982754646c1ab2332d86369092b98f1d42fddcf2d279

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:32:14 GMT
content-encoding
gzip
age
524
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache
x-amz-cf-id
JKG1gfit0UyPhnkYE7xZe0SdlR8HXbvGdWv3WsWm3qYoTfTdvPK9LQ==
via
1.1 c735fa223fb16fb135c387781f0fadf6.cloudfront.net (CloudFront)
conversion_async.js
www.googleadservices.com/pagead/
23 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-2349802-20
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.58.214.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s09-in-f2.1e100.net
Software
cafe /
Resource Hash
1a7d8ac09be6eac4399f0f231cc1994e8ee1c7ecc349b0c8d75b23e4486b51ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8739
x-xss-protection
1; mode=block
server
cafe
etag
10852258307701183158
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 13 Nov 2018 15:40:58 GMT
background_bg.png
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/
0
7 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/background_bg.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
right_border.png
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/
0
7 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/right_border.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
hero_main_bg.jpg
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/
0
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/hero_main_bg.jpg
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
time_icon.png
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/
0
3 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/time_icon.png
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_cJD3gnD_vx3rCs.woff2
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
efd03b0d726d18465de44b4bcbe6ada589e6d4cd28c022efda2b23ff2db80060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700
Origin
https://www.freelotto.com

Response headers

date
Mon, 05 Nov 2018 09:21:15 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:24:26 GMT
server
sffe
age
713983
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13080
x-xss-protection
1; mode=block
expires
Tue, 05 Nov 2019 09:21:15 GMT
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50e7e16fa947036ed479023375a7a44597c72dcc780c110ddb87a28cfa7fd16c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700
Origin
https://www.freelotto.com

Response headers

date
Tue, 06 Nov 2018 22:59:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:24:13 GMT
server
sffe
age
578506
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13248
x-xss-protection
1; mode=block
expires
Wed, 06 Nov 2019 22:59:12 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v12/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
0d18b4bafb15e54b797456bb5688463e8a302996a32273efb4ab1de84a91fb92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700
Origin
https://www.freelotto.com

Response headers

date
Sat, 10 Nov 2018 08:44:40 GMT
x-content-type-options
nosniff
last-modified
Tue, 07 Nov 2017 15:24:46 GMT
server
sffe
age
284178
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13092
x-xss-protection
1; mode=block
expires
Sun, 10 Nov 2019 08:44:40 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/997036998/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/997036998/?random=1542123658261&cv=9&fst=1542123658261&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2ouas3&sendb=1&frm=0&url=https%3A%2F%2Fwww.freelotto.com%2Fregister%2FTVpromo-Blue&ref=https%3A%2F%2Fbgrh.hrjidi.company%2F%3F%3D%26campaign_id%3D1228%26cntrl%3D00000%26gsid%3D488%26hid%3Dgmiwmgmgiwskkw%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780%26p_id%3D2348%26pid%3D2348%26redid%3D74651%26sov%3D3165093916&tiba=FreeLotto%20TV%20Sweepstakes&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
db2ee4d6b819343dd30a010a3a33b63fda3b8cb20d91df825c99a553e32df27c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Nov 2018 15:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
1152
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
freelotto.jsp
www.upsellit.com/active/
48 KB
14 KB
Script
General
Full URL
https://www.upsellit.com/active/freelotto.jsp
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS3MMNK
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
208.118.62.70 Los Angeles, United States, ASN7296 (ALCHEMYNET - Alchemy Communications, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
fc4ce7519c63682e7649ca4c2dad600909df52d4b2f753b2494dc6d864b29ddb

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript;charset=ISO-8859-1
Expires
Wed, 14 Nov 2018 15:40:58 GMT
analytics.js
www.google-analytics.com/
42 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS3MMNK
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Oct 2018 19:41:26 GMT
server
Golfe2
age
6378
date
Tue, 13 Nov 2018 13:54:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17301
expires
Tue, 13 Nov 2018 15:54:40 GMT
hotjar-985137.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-985137.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PS3MMNK
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.100.185 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-17
Software
/
Resource Hash
7c963d84d9e02100ad75a925a6113cc5c333342ee26d53acf6318d4f7ffd7398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
etag
W/d7a810fbdfa7c2e3e8920c5186bc408a
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.046
section-io-origin-status
304
accept-ranges
bytes
section-io-id
80da1f6e32681c50dd4cd7fb00faa257
content-length
1402
/
www.google.com/pagead/1p-user-list/997036998/
42 B
120 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/997036998/?random=1542123658261&cv=9&fst=1542121200000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2ouas3&sendb=1&frm=0&url=https%3A%2F%2Fwww.freelotto.com%2Fregister%2FTVpromo-Blue&ref=https%3A%2F%2Fbgrh.hrjidi.company%2F%3F%3D%26campaign_id%3D1228%26cntrl%3D00000%26gsid%3D488%26hid%3Dgmiwmgmgiwskkw%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780%26p_id%3D2348%26pid%3D2348%26redid%3D74651%26sov%3D3165093916&tiba=FreeLotto%20TV%20Sweepstakes&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2132952434&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Nov 2018 15:40:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/997036998/
42 B
109 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/997036998/?random=1542123658261&cv=9&fst=1542121200000&num=1&bg=ffffff&guid=ON&eid=659255991&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&data=event%3Dgtag.config&gtm=2ouas3&sendb=1&frm=0&url=https%3A%2F%2Fwww.freelotto.com%2Fregister%2FTVpromo-Blue&ref=https%3A%2F%2Fbgrh.hrjidi.company%2F%3F%3D%26campaign_id%3D1228%26cntrl%3D00000%26gsid%3D488%26hid%3Dgmiwmgmgiwskkw%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780%26p_id%3D2348%26pid%3D2348%26redid%3D74651%26sov%3D3165093916&tiba=FreeLotto%20TV%20Sweepstakes&async=1&fmt=3&crd=CITQGw&cdct=2&is_vtc=1&random=2132952434&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c00::5e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Nov 2018 15:40:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j71&a=465999842&t=pageview&_s=1&dl=https%3A%2F%2Fwww.freelotto.com%2Fregister%2FTVpromo-Blue&dr=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D316509...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_gid=1243800325.1542123658&gjid=1669957939&_v=j71&z=122339603
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_v=j71&z=122339603
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_v=j71&z=122339603&slf_rd=1&random=3517382334
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_v=j71&z=122339603&slf_rd=1&random=3517382334
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:400c:c00::5e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Nov 2018 15:40:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Nov 2018 15:40:58 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2349802-20&cid=931624274.1542123658&jid=1379708922&_v=j71&z=122339603&slf_rd=1&random=3517382334
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_US/
182 KB
183 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
aa75e3445742a09fc75763f033ec1d068fcb2361b6525c5a8fcd3b1d0e6eba30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-type-options
nosniff
content-md5
AwLvXJGt2FWFT9a0Fl/wFw==
status
200
content-length
186538
x-xss-protection
0
x-fb-debug
skPHE7l0O7ybRE1v87BUqqPYM9k60y+zjq/TplpXANrVzDxTO40i+YXvY6AnxkCXZN4NBGmveZg4hxy1VXYGWQ==
x-fb-content-md5
0302ef5c91add855854fd6b4165ff017
date
Tue, 13 Nov 2018 15:40:59 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b5154d5acf4a64b45fcab168c7801bdb"
timing-allow-origin
*
expires
Tue, 13 Nov 2018 15:41:09 GMT
timing
timing.freelotto.com/
0
163 B
Stylesheet
General
Full URL
https://timing.freelotto.com/timing?skin=TVpromo-Blue&evt=load&duration=1185
Requested by
Host: www.freelotto.com
URL: https://www.freelotto.com/register/TVpromo-Blue
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
216.74.184.61 Fulton, United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS - Savvis, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
timing.freelotto.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.freelotto.com/register/TVpromo-Blue
Cookie
_ga=GA1.2.931624274.1542123658; _gid=GA1.2.1243800325.1542123658; _gat_UA-2349802-20=1
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 13 Nov 2018 15:40:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Content-Type
text/css
test_right_bg.png
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/
0
4 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/test_right_bg.png
Requested by
Host: f-pinid.a.ssl.fastly.net
URL: https://f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/jquery.min.87884-ssl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
test_left_bg.png
f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/
0
4 KB
Image
General
Full URL
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/freelotto_landingpage/test_left_bg.png
Requested by
Host: f-pinid.a.ssl.fastly.net
URL: https://f-pinid.a.ssl.fastly.net/xmljs/register/TVpromo-Blue/jquery.min.87884-ssl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.120.249 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://f-pinid.a.ssl.fastly.net/css/reg/TVpromo-Blue/page1.87884-ssl.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=UTF-8
modules-ecfaedf68407a4ee43917b9c71b23cf2.js
script.hotjar.com/
399 KB
81 KB
Script
General
Full URL
https://script.hotjar.com/modules-ecfaedf68407a4ee43917b9c71b23cf2.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-985137.js?sv=5
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.117 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-18
Software
/
Resource Hash
4a9a8b8af3790a49a3ebbd1415e79e255e5f9b5c8881622c2a7894e2713ad533
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
last-modified
Tue, 13 Nov 2018 13:04:47 GMT
etag
W/"ecfaedf68407a4ee43917b9c71b23cf2"
status
200
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.041
accept-ranges
bytes
section-io-id
e50c3eff37cde011f1992c2a4595cf94
content-length
82210
rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
vars.hotjar.com/ Frame 3417
0
0
Document
General
Full URL
https://vars.hotjar.com/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-985137.js?sv=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.33.209 , Switzerland, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-13
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/rcj-da10bd4908deb9e19dfde013ec3fe4ff.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.freelotto.com/register/TVpromo-Blue
accept-encoding
gzip, deflate

Response headers

status
200
date
Tue, 13 Nov 2018 15:40:58 GMT
content-type
text/html
content-length
857
cache-control
max-age=31536000
last-modified
Fri, 09 Nov 2018 16:30:32 GMT
section-io-origin-status
200
section-io-origin-time-seconds
0.042
etag
W/"da10bd4908deb9e19dfde013ec3fe4ff"
content-encoding
gzip
accept-ranges
bytes
section-io-id
ca0149f35bb93d721153dad457afd994
/
www.facebook.com/tr/
44 B
295 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1824661671128573&ev=fb_page_view&dl=https%3A%2F%2Fwww.freelotto.com%2Fregister%2FTVpromo-Blue&rl=https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780&if=false&ts=1542123659431&sw=1600&sh=1200
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 13 Nov 2018 15:40:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Tue, 13 Nov 2018 15:40:59 GMT
__Bz3h5RzMx.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame F857
0
0
Document
General
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/__Bz3h5RzMx.js?version=43
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.freelotto.com/register/TVpromo-Blue
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.freelotto.com/register/TVpromo-Blue

Response headers

status
200
expires
Wed, 13 Nov 2019 07:07:16 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
x-fb-debug
zgU5PUOon72tKx21RFkVQth84b4G3UgtLD2TmIbsE4R1rhPzmnlogRR+a6hpZzd8lpExVYB/Bps8wdl2HkMmBA==
content-length
39369
date
Tue, 13 Nov 2018 15:40:59 GMT
view.jsp
www.upsellit.com/
53 KB
13 KB
Script
General
Full URL
https://www.upsellit.com/view.jsp?hash=GZJwrfQg5FTbXgMjf4qCG0W&siteID=21700&keys=desktop_video
Requested by
Host: www.upsellit.com
URL: https://www.upsellit.com/active/freelotto.jsp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
208.118.62.70 Los Angeles, United States, ASN7296 (ALCHEMYNET - Alchemy Communications, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
5e9791bb1491111a520bd88a35c91bc1baef79dc39e7b8b36cf59f4e9e8263c5

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:41:00 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Tue, 13 Nov 2018 16:41:00 GMT
spacer.gif
upsellit.turbobytes.net/images/
43 B
393 B
Image
General
Full URL
https://upsellit.turbobytes.net/images/spacer.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7f68affba3f1c780f877960c7ee3e441309078b41043d35501e2eda8f7fde683

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:41:00 GMT
Last-Modified
Tue, 27 Oct 2009 02:17:28 GMT
ETag
"1256609848"
X-HW
1542123660.dop033.fr8.t,1542123660.cds055.fr8.shn,1542123660.dop033.fr8.t,1542123660.cds078.fr8.c
Content-Type
image/gif
Cache-Control
max-age=2565271
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
freelotto-TT-pt1.png
upsellit.turbobytes.net/chatskins/946/
7 KB
7 KB
Image
General
Full URL
https://upsellit.turbobytes.net/chatskins/946/freelotto-TT-pt1.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
7fc8827d17e85186b81a23749ad576858660821fe7c8ffbfcd8d8f4d9994bf85

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 13 Nov 2018 15:41:00 GMT
Last-Modified
Tue, 07 Aug 2018 21:16:05 GMT
ETag
"1533676565"
X-HW
1542123660.dop002.fr8.t,1542123660.cds010.fr8.shn,1542123660.dop002.fr8.t,1542123660.cds076.fr8.c
Content-Type
image/png
Cache-Control
max-age=2565359
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6873
freelotto-TT-V2.mp4
upsellit.turbobytes.net/chatskins/946/
0
0

freelotto-TT-V2.mp4
upsellit.turbobytes.net/chatskins/946/
907 KB
907 KB
Media
General
Full URL
https://upsellit.turbobytes.net/chatskins/946/freelotto-TT-V2.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
22806efd208cbb9726b83c791ffbac56f47fa80451d544284c30d5f6056fc48b

Request headers

Referer
https://www.freelotto.com/register/TVpromo-Blue
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Tue, 13 Nov 2018 15:41:00 GMT
Last-Modified
Tue, 07 Aug 2018 21:16:04 GMT
ETag
"1533676564"
X-HW
1542123660.dop002.fr8.t,1542123660.cds107.fr8.shn,1542123660.dop002.fr8.t,1542123660.cds017.fr8.c
Content-Type
video/mp4
Content-Range
bytes 0-928401/928402
Cache-Control
max-age=59687
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
928402

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
upsellit.turbobytes.net
URL
https://upsellit.turbobytes.net/chatskins/946/freelotto-TT-V2.mp4


67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| FL function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings object| pushWrap undefined| o object| Pushnami object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData function| recordTime function| getBlurTime object| params object| games function| flip function| drawlabel function| drawcheck function| checkReload function| checkTop function| checkPIN function| checksForGame function| addCB function| remCB function| cbClick function| qp function| checkNumsForSubmit function| checkCCNum function| checkCVV function| checkSubmitCookie function| updateSubmitCookie function| checkCCSubmit function| regPage7083Submit function| regPageSubmit object| TokenEx function| cvvpop function| whyphonepop function| errormsg boolean| isIE function| loadZipDoc function| loadDoc function| loadDocPageLoad function| processZip function| show_errors string| fluent_gate boolean| bool_reg object| hjSiteSettings function| hjBootstrap function| hasOwnProperty object| usi_commons object| usi_cookies object| usi_dom object| usi_data object| usi_url object| usi_app object| FB object| usi_js

7 Cookies

Domain/Path Name / Value
.freelotto.com/ Name: _gid
Value: GA1.2.1243800325.1542123658
.freelotto.com/ Name: _ga
Value: GA1.2.931624274.1542123658
www.freelotto.com/ Name: path
Value: %2F=refcookie
www.freelotto.com/ Name: refcookie
Value: https%3A%2F%2Fbgrh.hrjidi.company%2F%3Fsov%3D3165093916%26hid%3Dgmiwmgmgiwskkw%26%26cntrl%3D00000%26pid%3D2348%26redid%3D74651%26gsid%3D488%26campaign_id%3D1228%26p_id%3D2348%26id%3DXNSX.820803-r74651-t488%26impid%3D82c1f396-e75a-11e8-bb26-aa1f778d2780=path
.freelotto.com/ Name: _gat_UA-2349802-20
Value: 1
www.freelotto.com/ Name: tid
Value: 8343e6e4-e75a-11e8-a859-8dc9d6521403
www.freelotto.com/ Name: affiliateid
Value: 3165093916

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.freelotto.com/register/TVpromo-Blue(Line 279)
Message:
[object Object]
console-api log URL: https://www.freelotto.com/register/TVpromo-Blue(Line 255)
Message:
Load time: 1185

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
