www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://valottery.com/
Effective URL:
https://www.valottery.com/
Submission Tags: tranco_l324
Submission: On November 11 via api (November 11th 2021, 7:01:29 am UTC) from DE — Scanned from DE

Summary HTTP 220 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 52 IPs in 7 countries across 45 domains to perform 220 HTTP transactions. The main IP is 52.168.86.34, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.valottery.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 17th 2021. Valid for: a year.

This is the only time www.valottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47 111	52.168.86.34 52.168.86.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	8.43.83.17 8.43.83.17	394729 (NPIASN) (NPIASN)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
34	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
3	151.101.66.65 151.101.66.65	54113 (FASTLY) (FASTLY)
2 5	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	18.66.139.43 18.66.139.43	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3031::ac43:91b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
2	104.18.7.244 104.18.7.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6812:a4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	104.18.12.251 104.18.12.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.58.68.120 52.58.68.120	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.97 13.225.78.97	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	52.50.112.189 52.50.112.189	16509 (AMAZON-02) (AMAZON-02)
2	54.85.189.129 54.85.189.129	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
16 22	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4264:c62f:533:271f:3e7e	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	3.120.154.132 3.120.154.132	16509 (AMAZON-02) (AMAZON-02)
1 1	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
2	52.222.214.6 52.222.214.6	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	3.225.136.82 3.225.136.82	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
12	162.247.243.148 162.247.243.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.43.83.18 8.43.83.18	394729 (NPIASN) (NPIASN)
3	93.184.220.43 93.184.220.43	15133 (EDGECAST) (EDGECAST)
1	2620:1ec:bdf::45 2620:1ec:bdf::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
220	52

111 52.168.86.34 (Washington, United States) 47 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.43.83.17 (United States)

ASN394729 (NPIASN, US)

gamesrv1.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

download.gamesrv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.65 (United States)

ASN54113 (FASTLY, US)

www.zmbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8930728.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6528888.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.139.43 (United States)

ASN16509 (AMAZON-02, US)

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:91b0 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:a4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:c05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.251 (None, )

ASN13335 (CLOUDFLARENET, US)

services.listrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.68.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-68-120.eu-central-1.compute.amazonaws.com

77148.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net

tag.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.50.112.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-112-189.eu-west-1.compute.amazonaws.com

content.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-aeui1.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.85.189.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-189-129.compute-1.amazonaws.com

pixel.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.184 (United States) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:c62f:533:271f:3e7e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.154.132 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-154-132.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.136.236 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-6.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.136.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-136-82.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.247.243.148 (United States)

ASN13335 (CLOUDFLARENET, US)

insights-collector.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.83.18 (United States)

ASN394729 (NPIASN, US)

info.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.43 (London, United Kingdom)

ASN15133 (EDGECAST, US)

mediacdn.espssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

videocdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
128	valottery.com 47 redirects valottery.com www.valottery.com cdn.valottery.com gamesrv1.valottery.com info.valottery.com videocdn.valottery.com	2 MB
34	gamesrv1.com download.gamesrv1.com	2 MB
25	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	18 KB
12	newrelic.com insights-collector.newrelic.com	3 KB
9	doubleclick.net 5 redirects 8930728.fls.doubleclick.net 6528888.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	5 KB
8	gstatic.com fonts.gstatic.com	138 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	uplynk.com content.uplynk.com content-aeui1.uplynk.com	3 KB
4	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	4 KB
4	foresee.com gateway.foresee.com	82 KB
4	listrakbi.com cdn.listrakbi.com s1.listrakbi.com m1.listrakbi.com	66 KB
3	espssl.com mediacdn.espssl.com	62 KB
3	google.de 1 redirects www.google.de adservice.google.de	1 KB
3	samba.tv tag.mtrcs.samba.tv pixel.mtrcs.samba.tv	5 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	zmbl.co www.zmbl.co	24 KB
3	googletagmanager.com www.googletagmanager.com	200 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	pro-market.net 2 redirects fei.pro-market.net	876 B
2	intentiq.com sync.intentiq.com
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	957 B
2	tapad.com 1 redirects pixel.tapad.com	884 B
2	facebook.com www.facebook.com	442 B
2	adsrvr.org insight.adsrvr.org	521 B
2	facebook.net connect.facebook.net	113 KB
2	jquery.com code.jquery.com	97 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googleadservices.com 1 redirects www.googleadservices.com	630 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	lijit.com ce.lijit.com	348 B
1	bluekai.com stags.bluekai.com	745 B
1	bfmio.com sync.bfmio.com	421 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	siteimproveanalytics.io 77148.global.siteimproveanalytics.io	650 B
1	listrak.com services.listrak.com	3 KB
1	media6degrees.com action.media6degrees.com	189 B
1	dstillery.com 1 redirects action.dstillery.com	296 B
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
220	45

	Domain	Requested by
110	www.valottery.com	46 redirects www.valottery.com cdn.valottery.com
34	download.gamesrv1.com	www.valottery.com gamesrv1.valottery.com download.gamesrv1.com
22	um.simpli.fi	16 redirects 8930728.fls.doubleclick.net
12	insights-collector.newrelic.com	download.gamesrv1.com
10	gamesrv1.valottery.com	www.valottery.com gamesrv1.valottery.com download.gamesrv1.com
8	fonts.gstatic.com	fonts.googleapis.com
5	cdn.valottery.com	www.valottery.com
4	ib.adnxs.com	2 redirects 8930728.fls.doubleclick.net
4	gateway.foresee.com	www.valottery.com gateway.foresee.com
4	fonts.googleapis.com	www.valottery.com download.gamesrv1.com client
3	mediacdn.espssl.com	ajax.googleapis.com mediacdn.espssl.com
3	content-aeui1.uplynk.com	cdn.valottery.com
3	6528888.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.google-analytics.com	www.googletagmanager.com www.valottery.com
3	www.zmbl.co	www.valottery.com www.zmbl.co
3	www.googletagmanager.com	www.valottery.com www.googletagmanager.com download.gamesrv1.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects 8930728.fls.doubleclick.net
2	sync.search.spotxchange.com	1 redirects 8930728.fls.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects 8930728.fls.doubleclick.net
2	loadm.exelator.com	1 redirects 8930728.fls.doubleclick.net
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com	8930728.fls.doubleclick.net
2	pixel.tapad.com	1 redirects 8930728.fls.doubleclick.net
2	www.facebook.com	www.valottery.com
2	pixel.mtrcs.samba.tv	tag.mtrcs.samba.tv 8930728.fls.doubleclick.net
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	www.google.de	www.valottery.com 8930728.fls.doubleclick.net
2	www.google.com	1 redirects www.valottery.com
2	adservice.google.com	8930728.fls.doubleclick.net 6528888.fls.doubleclick.net
2	tag.simpli.fi	8930728.fls.doubleclick.net
2	insight.adsrvr.org	8930728.fls.doubleclick.net 6528888.fls.doubleclick.net
2	a.tribalfusion.com	1 redirects 8930728.fls.doubleclick.net
2	connect.facebook.net	www.valottery.com connect.facebook.net
2	8930728.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	cdn.listrakbi.com	www.valottery.com cdn.listrakbi.com
2	code.jquery.com	www.valottery.com
2	maxcdn.bootstrapcdn.com	www.valottery.com maxcdn.bootstrapcdn.com
1	m1.listrakbi.com	cdn.listrakbi.com
1	videocdn.valottery.com
1	info.valottery.com	download.gamesrv1.com
1	pixel.rubiconproject.com	8930728.fls.doubleclick.net
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com	8930728.fls.doubleclick.net
1	ce.lijit.com	8930728.fls.doubleclick.net
1	stags.bluekai.com	8930728.fls.doubleclick.net
1	sync.bfmio.com	8930728.fls.doubleclick.net
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	8930728.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	i.simpli.fi	tag.simpli.fi
1	content.uplynk.com	cdn.valottery.com
1	tag.mtrcs.samba.tv	8930728.fls.doubleclick.net
1	77148.global.siteimproveanalytics.io	www.valottery.com
1	services.listrak.com	cdn.listrakbi.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	action.media6degrees.com	8930728.fls.doubleclick.net
1	action.dstillery.com	1 redirects
1	s1.listrakbi.com	cdn.listrakbi.com
1	extend.vimeocdn.com	www.valottery.com
1	siteimproveanalytics.com	www.valottery.com
1	ajax.googleapis.com	www.valottery.com
1	valottery.com	1 redirects
220	65

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-17` - `2022-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
cdn.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-30` - `2022-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.valottery.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-02-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2021-09-18` - `2022-08-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.listrakbi.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.zmbl.co COMODO RSA Domain Validation Secure Server CA	`2020-05-11` - `2022-02-21`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
foresee.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-20` - `2021-11-18`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
listrak.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh
*.samba.tv Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.uplynk.com Amazon	`2021-08-19` - `2022-09-17`	a year	crt.sh
*.newrelic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-26` - `2022-03-29`	a year	crt.sh
s3.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-10-30` - `2021-11-30`	a year	crt.sh
videocdn.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-30` - `2022-07-30`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.valottery.com/
Frame ID: F94780BCB319A95DDAD233DB93397599
Requests: 158 HTTP requests in this frame

Frame: https://www.valottery.com/live_draw_show/index.html
Frame ID: 991E48CF8889E562343974A09CFB7E54
Requests: 11 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: 43E07DB49077D4ECC45C57820928D2DD
Requests: 34 HTTP requests in this frame

Frame: https://6528888.fls.doubleclick.net/activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: C7240B87587C96A89D6EA2068EB2E6F7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: 3C813729410EEDC005221411839158B2
Requests: 1 HTTP requests in this frame

Frame: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: 5F5D22C7790FF2F690E9CC6021A3C3B3
Requests: 2 HTTP requests in this frame

Frame: https://download.gamesrv1.com/secure/MWC/2021.09_427462//xd-local-storage-shared-frame/index.html
Frame ID: CCDD0D0EE8C1234C88259D696837EE33
Requests: 2 HTTP requests in this frame

Frame: https://info.valottery.com/visit.aspx?BrandID=124&Language=ENU&Currency=USD&Platform=W&IsGameStandaloneMode=false&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd
Frame ID: 0A6C72D67B0FED1BE02EB59E87D0C802
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Virginia Lottery - Play Games and Check Winning Numbers

Page URL History Show full URLs

http://valottery.com/ HTTP 307
https://www.valottery.com/ Page URL

Page Statistics

220
Requests

69 %
HTTPS

38 %
IPv6

45
Domains

65
Subdomains

52
IPs

7
Countries

4479 kB
Transfer

12216 kB
Size

51
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/valottery

Search URL Search Domain Scan URL

URL: https://twitter.com/VirginiaLottery

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/VirginiaLottery

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/virginia-lottery

Search URL Search Domain Scan URL

URL: https://www.instagram.com/virginialottery/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/virginia-lottery-official-app/id1409781643?ls=1&version=App-Version-3.0.7&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.va.lottery&version=App-Version-4.0.0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://valottery.com/ HTTP 307
https://www.valottery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3

Request Chain 15

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_PB_homepage_Dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026

Request Chain 16

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life_sm.ashx?h=60&w=83&la=en&hash=90BE1C2D9159FC50166F6C706F22F5AD68D9DE5E HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=90BE1C2D9159FC50166F6C706F22F5AD68D9DE5E

Request Chain 17

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647

Request Chain 18

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D

Request Chain 19

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB

Request Chain 20

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC

Request Chain 21

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B

Request Chain 22

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39

Request Chain 23

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295 HTTP 307
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295

Request Chain 24

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9 HTTP 307
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9

Request Chain 25

https://www.valottery.com/-/media/VAL/Images/Promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356 HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356

Request Chain 26

https://www.valottery.com/-/media/VAL/Images/Promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D

Request Chain 27

https://www.valottery.com/-/media/VAL/Images/Promos/Holiday/2021/bubblepromo_holiday2021.ashx?h=234&w=234&la=en&hash=7CF6B4E721D89C3692292FF7FD03587E2940DB71 HTTP 307
https://www.valottery.com/-/media/val/images/promos/holiday/2021/bubblepromo_holiday2021.ashx?h=234&w=234&la=en&hash=7CF6B4E721D89C3692292FF7FD03587E2940DB71

Request Chain 28

https://www.valottery.com/-/media/VAL/Images/Promos/Holiday-Cheer-2nd-chance/bubblepromo_holiday2021_2ndchance.ashx?h=234&w=234&la=en&hash=F740F56DB5802F24D9C17CA6B5168157E568A00D HTTP 307
https://www.valottery.com/-/media/val/images/promos/holiday-cheer-2nd-chance/bubblepromo_holiday2021_2ndchance.ashx?h=234&w=234&la=en&hash=F740F56DB5802F24D9C17CA6B5168157E568A00D

Request Chain 29

https://www.valottery.com/-/media/VAL/Images/Promos/Schedule/bubblepromo_veterans.ashx?h=234&w=234&la=en&hash=4D8A040C25B5C7F8FC528EE7F240950910B163E1 HTTP 307
https://www.valottery.com/-/media/val/images/promos/schedule/bubblepromo_veterans.ashx?h=234&w=234&la=en&hash=4D8A040C25B5C7F8FC528EE7F240950910B163E1

Request Chain 30

https://www.valottery.com/-/media/VAL/Images/Promos/Big-Wins/BMJ-Katherine-Rhind-Promo-Circle-v2.ashx?h=234&w=234&la=en&hash=637DF094C67FC6BF974BFC97DA7289BCFAC64A47 HTTP 307
https://www.valottery.com/-/media/val/images/promos/big-wins/bmj-katherine-rhind-promo-circle-v2.ashx?h=234&w=234&la=en&hash=637DF094C67FC6BF974BFC97DA7289BCFAC64A47

Request Chain 45

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/icon_winningNumbers_balls.ashx?h=40&w=71&la=en&hash=7C84752751211A0B6AA9BFF1E3F6C488716D89A0 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=7C84752751211A0B6AA9BFF1E3F6C488716D89A0

Request Chain 46

https://www.valottery.com/-/media/VAL/Images/Promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=23869F595CF9477163C557FC25F0D661DBC77903 HTTP 307
https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=23869F595CF9477163C557FC25F0D661DBC77903

Request Chain 47

https://www.valottery.com/-/media/VAL/Images/Promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=23E72777A755E656BEE7A4A3352101F3F2E2C448 HTTP 307
https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=23E72777A755E656BEE7A4A3352101F3F2E2C448

Request Chain 48

https://www.valottery.com/-/media/VAL/Images/Promos/Precious-Metals/blockpromo_2ndChance_Sept2021.ashx?la=en&hash=F0C003311F572FBB4CD0C9DA23F4D323110CE37E HTTP 307
https://www.valottery.com/-/media/val/images/promos/precious-metals/blockpromo_2ndchance_sept2021.ashx?la=en&hash=F0C003311F572FBB4CD0C9DA23F4D323110CE37E

Request Chain 49

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Blocks/blockpromo_PiratesQuest.ashx?la=en&hash=A0494BA976135E0F875F41BF71AC8F885B7BA7A5 HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-blocks/blockpromo_piratesquest.ashx?la=en&hash=A0494BA976135E0F875F41BF71AC8F885B7BA7A5

Request Chain 50

https://www.valottery.com/-/media/VAL/Images/Promos/Interstitials/PowerHours_InterstitialCBT.ashx?la=en&hash=7FE585114E452FE6AD76751F88F2CE52E80BA7A5 HTTP 307
https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=7FE585114E452FE6AD76751F88F2CE52E80BA7A5

Request Chain 51

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4

Request Chain 52

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529

Request Chain 53

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC

Request Chain 54

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057

Request Chain 55

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903

Request Chain 56

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C& HTTP 307
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Request Chain 57

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx HTTP 307
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Request Chain 66

https://www.valottery.com/-/media/VAL/Images/Background-Illustrations/sunburst_2.ashx HTTP 307
https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

Request Chain 75

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 77

https://6528888.fls.doubleclick.net/activityi;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://6528888.fls.doubleclick.net/activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 82

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Swap-Banners/swapImageDesktop_VikingVoyage_wCTA.ashx HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/swapimagedesktop_vikingvoyage_wcta.ashx

Request Chain 83

https://www.valottery.com/api/v1/drawgames/15/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/15/nextdrawing

Request Chain 84

https://www.valottery.com/api/v1/drawgames/20/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/20/nextdrawing

Request Chain 85

https://www.valottery.com/api/v1/drawgames/1070/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1070/nextdrawing

Request Chain 86

https://www.valottery.com/api/v1/drawgames/1065/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1065/nextdrawing

Request Chain 87

https://www.valottery.com/api/v1/drawgames/1030/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1030/nextdrawing

Request Chain 88

https://www.valottery.com/api/v1/drawgames/1040/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1040/nextdrawing

Request Chain 89

https://www.valottery.com/api/v1/drawgames/1050/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1050/nextdrawing

Request Chain 95

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 119

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_C5-EZMatch-229x95.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx

Request Chain 120

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/150x45/bankamillion.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx

Request Chain 121

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx

Request Chain 122

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx

Request Chain 133

https://adservice.google.de/ddm/fls/i/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 134

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=65A944C95FC747A1900F9568DE63C360

Request Chain 135

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=65A944C95FC747A1900F9568DE63C360 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=65A944C95FC747A1900F9568DE63C360

Request Chain 136

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=65A944C95FC747A1900F9568DE63C360 HTTP 302
https://d.agkn.com/pixel/10751/?che=1636614082&ip=136.243.198.81&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165010803967000060067 HTTP 302
https://um.simpli.fi/aa_px?sk=165010803967000060067

Request Chain 138

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=65A944C95FC747A1900F9568DE63C360

Request Chain 141

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=65A944C95FC747A1900F9568DE63C360;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=65A944C95FC747A1900F9568DE63C360;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-3199631009391096470

Request Chain 142

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=65A944C95FC747A1900F9568DE63C360&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=65A944C95FC747A1900F9568DE63C360&j=0&xl8blockcheck=1

Request Chain 144

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=65A944C95FC747A1900F9568DE63C360

Request Chain 145

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=65A944C95FC747A1900F9568DE63C360

Request Chain 146

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=65A944C95FC747A1900F9568DE63C360 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=65A944C95FC747A1900F9568DE63C360

Request Chain 147

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=65A944C95FC747A1900F9568DE63C360

Request Chain 148

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=65A944C95FC747A1900F9568DE63C360

Request Chain 149

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1636614081944&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=wb-MYfqtPJHXx_AP6P-5kA0&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wb-MYfqtPJHXx_AP6P-5kA0&cid=CAQSKQCNIrLMivLdPC5Cy6plLhFnaY6XTL6zwntxO_xK_8-ZXrMf51bM9aU3&random=4054250447 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wb-MYfqtPJHXx_AP6P-5kA0&cid=CAQSKQCNIrLMivLdPC5Cy6plLhFnaY6XTL6zwntxO_xK_8-ZXrMf51bM9aU3&random=4054250447&ipr=y&prhg=0

Request Chain 150

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=65A944C95FC747A1900F9568DE63C360 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=65A944C95FC747A1900F9568DE63C360&__user_check__=1&sync_id=2d87f23f-42bd-11ec-8d47-1ac857eb0406

Request Chain 151

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=65A944C95FC747A1900F9568DE63C360 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D65A944C95FC747A1900F9568DE63C360

Request Chain 152

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=65A944C95FC747A1900F9568DE63C360&expires=365

Request Chain 153

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=65A944C95FC747A1900F9568DE63C360 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=65A944C95FC747A1900F9568DE63C360

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEGm3MRpdg5wHLq1_kGH-5I4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=65A944C95FC747A1900F9568DE63C360 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 155

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%221602706635%22%2C%22th%22%3A9599983460%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aYmneM5AFKodIoUHBcXrbiUcFXVBTot6%22%2C%22url%22%3A%22https%3A%2F%2Fwww.valottery.com%2F%22%2C%22clientName%22%3A%22Virginia%2520Lottery%22%2C%22clientID%22%3A769933%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22VALotto%22%7D HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=8487561158213133000&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662303892153040

Request Chain 156

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx

Request Chain 160

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx

Request Chain 185

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/Powerball.ashx HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx

220 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.valottery.com/
Redirect Chain

http://valottery.com/
https://www.valottery.com/

155 KB
31 KB

741ms
540ms

Document
text/html

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c51a6b85e1bc07d017827c616a8b139c9eb85c111358255631b374029b016fd9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
content-length: 31227

Redirect headers

Content-Type: text/html; charset=UTF-8
Location: https://www.valottery.com/
Server
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Date: Thu, 11 Nov 2021 07:01:18 GMT
Content-Length: 149

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 49ms
18ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b24be5e511ec921e562e093463c5c92e626d5bd622270025eef6931dab5fb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 07:01:19 GMT
server: ESF
date: Thu, 11 Nov 2021 07:01:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 07:01:19 GMT

GET
H2 200 bootstrap.min.css
www.valottery.com/dist/vendor/bootstrap/css/ 119 KB
19 KB 97ms
95ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 17:23:17 GMT
server
x-frame-options: SAMEORIGIN
etag: "8070b894b7fbd51:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 19689
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-datepicker.standalone.min.css
www.valottery.com/dist/vendor/bootstrap-datepicker/css/ 16 KB
2 KB 97ms
95ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
etag: "80e04db9a2c0d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2214
x-xss-protection: 1; mode=block

GET
H2 200 video-js.min.css
www.valottery.com/dist/vendor/videojs/ 45 KB
13 KB 162ms
160ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/videojs/video-js.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
etag: "80e04db9a2c0d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 13687
x-xss-protection: 1; mode=block

GET
H2 200 styles.bundle.css
cdn.valottery.com/css/ 398 KB
31 KB 430ms
17ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/css/styles.bundle.css?cachebuster=20210830
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 906e71f52631575bbc2e2454a0db08cc2d50f509ec8d2a4263103148a8b25683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Nov 2021 07:01:19 GMT
content-encoding: br
x-azure-ref-originshield: 0V4WMYQAAAAADj0Gjqig3SJOKqQemAeGhQU1TMDRFREdFMTgwOAA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: 2VZyLUlqTLxcQSMSX0xF1g==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 30 Aug 2021 15:10:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96BC84496C34F
x-azure-ref: 0wL+MYQAAAAA5eUUlcyuwR5fkq7Imk+6NWlJIRURHRTA4MTQANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 89d95f0b-d01e-0062-17c5-d57d0a000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 36ms
15ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617
age: 6845301
cdn-cachedat: 2021-08-02 15:28:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 18374a3871bc2e758de6de54beff4b1a
cf-ray: 6ac5a60e4f574315-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 common.css
www.valottery.com/neo/web/_webportal/css/ 1 KB
747 B 162ms
159ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/common.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "a748f4b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 662
x-xss-protection: 1; mode=block

GET
H2 200 top-bar.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 162ms
160ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/top-bar.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "e7bf5b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 968
x-xss-protection: 1; mode=block

GET
H2 200 cart-preview.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 188ms
186ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/cart-preview.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "2bcbf7b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 986
x-xss-protection: 1; mode=block

GET
H2 200 instant-game.css
www.valottery.com/neo/web/_webportal/css/ 3 KB
984 B 161ms
160ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/instant-game.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 19:28:43 GMT
server
x-frame-options: SAMEORIGIN
etag: "80a7f07f4b4ed61:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 898
x-xss-protection: 1; mode=block

GET
H2 200 webportal.js Show response
www.valottery.com/neo/web/_webportal/ 20 KB
4 KB 187ms
186ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/webportal.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 09 Aug 2020 12:28:23 GMT
server
x-frame-options: SAMEORIGIN
etag: "80cd9592486ed61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:19 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4386
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mwc-app.js Show response
gamesrv1.valottery.com/MWC/ 65 KB
19 KB 644ms
103ms Script
application/javascript 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/MWC/mwc-app.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

0b830f41e86c2f3716287d09c699d6d402794926a96fe6e50107965a4721c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 27 Oct 2021 12:39:44 GMT
X-Powered-By: ASP.NET
ETag: "028e7b72fcbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Date: Thu, 11 Nov 2021 07:01:20 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18453

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 41ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:19 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1636614079.dop165.fr8.t,1636614079.cds259.fr8.hn,1636614079.cds004.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 41ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:19 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1636614079.dop165.fr8.t,1636614079.cds259.fr8.hn,1636614079.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2

200

megamillions_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3

12 KB
12 KB

129ms
129ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 17:47:22 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MegaMillions_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12351
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_pb_homepage_dropdown.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_PB_homepage_Dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026
https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026

3 KB
4 KB

103ms
103ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52fedf43ad0f253ebc69df6627c86ebe2ec95c170dbf4f5147bbd37177691aaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 05:39:59 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_PB_homepage_Dropdown.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3474
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 289
x-xss-protection: 1; mode=block

GET
H2

200

cash4life_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life_sm.ashx?h=60&w=83&la=en&hash=90BE1C2D9159FC50166F6C706F22F5AD68D9DE5E
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=90BE1C2D9159FC50166F6C706F22F5AD68D9DE5E

2 KB
2 KB

103ms
103ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=90BE1C2D9159FC50166F6C706F22F5AD68D9DE5E

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c2640f6bca9daab56ec6a3b01bb5dc3f5156dc9dbb690867567222ecbc82c71c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:24 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Cash4Life_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1625
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=90BE1C2D9159FC50166F6C706F22F5AD68D9DE5E
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p3fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647

7 KB
8 KB

103ms
103ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:17:56 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P3Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p4fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D

8 KB
8 KB

104ms
104ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:18:48 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P4Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7864
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2

200

logo-numberscards_c5-ezmatch.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB

9 KB
9 KB

106ms
106ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 02:05:47 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo-numbersCards_C5-EZMatch.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9088
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 292
x-xss-protection: 1; mode=block

GET
H2

200

bankamillion_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC

11 KB
12 KB

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:23 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="BankAMillion_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11716
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_keno_winningnumbers_midpage.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B

4 KB
4 KB

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 01 Nov 2020 05:19:23 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_keno_winningNumbers_midPage.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3787
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 296
x-xss-protection: 1; mode=block

GET
H2

200

logo_rollingjackpot_winningnumbers.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39

9 KB
9 KB

114ms
114ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 26 May 2019 08:51:06 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_rollingjackpot_winningnumbers.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9574
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 298
x-xss-protection: 1; mode=block

GET
H2

200

enter-tickets.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295

321 B
418 B

117ms
117ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:31 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="enter tickets.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 321
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

online-play.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9

292 B
388 B

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:14 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="online-play.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 292
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 265
x-xss-protection: 1; mode=block

GET
H2

200

desktoptopnavlogo202110121.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356
https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356

6 KB
6 KB

121ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b120b16074e4bdf34ac5c84bd56800f0106d1362ae39b340902774698410c1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 21:03:49 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="desktoptopnavlogo202110121.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6016
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 286
x-xss-protection: 1; mode=block

GET
H2

200

footerlogo202110121.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D
https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D

4 KB
5 KB

120ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

892a36bc18f47d47c7b086dcf1eed969fafe1792fff326604af4bb9911b65d2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 21:04:19 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="footerlogo202110121.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4599
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 278
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_holiday2021.ashx
www.valottery.com/-/media/val/images/promos/holiday/2021/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Holiday/2021/bubblepromo_holiday2021.ashx?h=234&w=234&la=en&hash=7CF6B4E721D89C3692292FF7FD03587E2940DB71
https://www.valottery.com/-/media/val/images/promos/holiday/2021/bubblepromo_holiday2021.ashx?h=234&w=234&la=en&hash=7CF6B4E721D89C3692292FF7FD03587E2940DB71

30 KB
30 KB

213ms
213ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/holiday/2021/bubblepromo_holiday2021.ashx?h=234&w=234&la=en&hash=7CF6B4E721D89C3692292FF7FD03587E2940DB71

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa9128474745c0432885515633094d0be322c0041dfdec24213d364e884b7c63

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 25 Oct 2021 21:44:12 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_holiday2021.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 30773
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/holiday/2021/bubblepromo_holiday2021.ashx?h=234&w=234&la=en&hash=7CF6B4E721D89C3692292FF7FD03587E2940DB71
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 292
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_holiday2021_2ndchance.ashx
www.valottery.com/-/media/val/images/promos/holiday-cheer-2nd-chance/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Holiday-Cheer-2nd-chance/bubblepromo_holiday2021_2ndchance.ashx?h=234&w=234&la=en&hash=F740F56DB5802F24D9C17CA6B5168157E568A00D
https://www.valottery.com/-/media/val/images/promos/holiday-cheer-2nd-chance/bubblepromo_holiday2021_2ndchance.ashx?h=234&w=234&la=en&hash=F740F56DB5802F24D9C17CA6B5168157E568A00D

29 KB
30 KB

197ms
197ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/holiday-cheer-2nd-chance/bubblepromo_holiday2021_2ndchance.ashx?h=234&w=234&la=en&hash=F740F56DB5802F24D9C17CA6B5168157E568A00D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

412e1bb0cf61a37b776b51f894c512378e8b160edb678e47a972228cac9a6592

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 14:13:21 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_holiday2021_2ndchance.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 30135
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/holiday-cheer-2nd-chance/bubblepromo_holiday2021_2ndchance.ashx?h=234&w=234&la=en&hash=F740F56DB5802F24D9C17CA6B5168157E568A00D
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 314
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_veterans.ashx
www.valottery.com/-/media/val/images/promos/schedule/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Schedule/bubblepromo_veterans.ashx?h=234&w=234&la=en&hash=4D8A040C25B5C7F8FC528EE7F240950910B163E1
https://www.valottery.com/-/media/val/images/promos/schedule/bubblepromo_veterans.ashx?h=234&w=234&la=en&hash=4D8A040C25B5C7F8FC528EE7F240950910B163E1

9 KB
9 KB

121ms
121ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/schedule/bubblepromo_veterans.ashx?h=234&w=234&la=en&hash=4D8A040C25B5C7F8FC528EE7F240950910B163E1

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3a58c93d49c5d0269b7ff1877632ad9bcdaf3b531318b0726af7cb65cad20ec1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 09 Nov 2021 15:12:58 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_veterans.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9451
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/schedule/bubblepromo_veterans.ashx?h=234&w=234&la=en&hash=4D8A040C25B5C7F8FC528EE7F240950910B163E1
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 285
x-xss-protection: 1; mode=block

GET
H2

200

bmj-katherine-rhind-promo-circle-v2.ashx
www.valottery.com/-/media/val/images/promos/big-wins/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Big-Wins/BMJ-Katherine-Rhind-Promo-Circle-v2.ashx?h=234&w=234&la=en&hash=637DF094C67FC6BF974BFC97DA7289BCFAC64A47
https://www.valottery.com/-/media/val/images/promos/big-wins/bmj-katherine-rhind-promo-circle-v2.ashx?h=234&w=234&la=en&hash=637DF094C67FC6BF974BFC97DA7289BCFAC64A47

29 KB
29 KB

219ms
219ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/big-wins/bmj-katherine-rhind-promo-circle-v2.ashx?h=234&w=234&la=en&hash=637DF094C67FC6BF974BFC97DA7289BCFAC64A47

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7b82c7f3efbf61573b95f99f7feff4ea4e194f71f1c36df9254fa49eada774be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 09 Nov 2021 14:25:53 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="BMJ-Katherine-Rhind-Promo-Circle-v2.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 29695
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/big-wins/bmj-katherine-rhind-promo-circle-v2.ashx?h=234&w=234&la=en&hash=637DF094C67FC6BF974BFC97DA7289BCFAC64A47
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3219_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3219/ 33 KB
33 KB 82ms
24ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3219/290x192_3219_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F13) / ASP.NET
Resource Hash: a34905132e8ee938a04d3b948347b2ad2a7f425a35afa0f5420e50bb271e65bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "db0597fe0cfd71:0"
last-modified: Tue, 02 Nov 2021 11:55:14 GMT
server: ECAcc (frc/8F13)
age: 241040
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 33350

GET
H2 200 ilottery_gamecard_flag_new.png
www.valottery.com/images/ilottery/ 3 KB
3 KB 138ms
128ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_new.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

913b07c530a0b63413fdf78ab734a741264a8bcc6ba454cc3ad4e9c30ab0ac7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 20 May 2020 02:08:34 GMT
server
etag: "5e7a58914b2ed61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3243
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3703_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3703/ 74 KB
74 KB 67ms
9ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3703/290x192_3703_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F08) / ASP.NET
Resource Hash: db30900985cb8da2aa3da0e65d333c22a82a4b7e7e6009dca70872e15851dea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "9cdd61bb3552d71:0"
last-modified: Wed, 26 May 2021 13:47:56 GMT
server: ECAcc (frc/8F08)
age: 180686
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 75328

GET
H2 200 290x192_1787_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1787/ 91 KB
92 KB 73ms
14ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1787/290x192_1787_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F41) / ASP.NET
Resource Hash: 37e5d96414f5d3dd3281e73cb2b1a4be0dd251e7a9a2978eac1cb9971790593c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "1ad02c970c4d71:0"
last-modified: Mon, 18 Oct 2021 09:14:44 GMT
server: ECAcc (frc/8F41)
age: 124531
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 93683

GET
H2 200 ilottery_gamecard_flag_featured.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 140ms
131ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_featured.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f38d8054fba5769eb340b02187563f0e4f98349ffec38e16c95e8276a6d5d64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 09 Nov 2020 14:49:15 GMT
server
etag: "35e1817ea7b6d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5036
x-xss-protection: 1; mode=block

GET
H2 200 290x192_1790_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1790/ 131 KB
131 KB 82ms
24ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1790/290x192_1790_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F15) / ASP.NET
Resource Hash: 0d4a3423e4be6f7c3a8b876b9fb41912206194953ea208a2bb98c75bb3351882

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "d9cce9a1ec7d61:0"
last-modified: Mon, 30 Nov 2020 13:42:11 GMT
server: ECAcc (frc/8F15)
age: 208939
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 134017

GET
H2 200 ilottery_gamecard_flag_progressive.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 143ms
134ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_progressive.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c449906c16f92078852667f919734283b10ea677abe1855403a195a9604cea72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 19:31:06 GMT
server
etag: "19244786aabed61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4904
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3215_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3215/ 77 KB
78 KB 81ms
24ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3215/290x192_3215_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6F) / ASP.NET
Resource Hash: 16216d2d481225790ac4f9f63deb73317c5e1769149350ec3d0765e31864fefe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "a11ba7735ecfd71:0"
last-modified: Mon, 01 Nov 2021 20:24:20 GMT
server: ECAcc (frc/8F6F)
age: 235700
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 79261

GET
H2 200 290x192_3218_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3218/ 74 KB
74 KB 81ms
23ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3218/290x192_3218_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FD7) / ASP.NET
Resource Hash: 648bf8f1b5ce7e53ad61091d82907a518e29e2e5c98fe3316c46d59cb88da407

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "e8e476573fa2d71:0"
last-modified: Sun, 05 Sep 2021 10:18:16 GMT
server: ECAcc (frc/8FD7)
age: 256588
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 76097

GET
H2 200 ilottery_gamecard_flag_popular.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 140ms
131ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_popular.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2696c197f37ec469675c783368b2f9cd94a017b70dd183d6be00d28a2e7dbb2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 16:21:32 GMT
server
etag: "80cbf83934b1d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4975
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3214_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3214/ 70 KB
70 KB 20ms
20ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3214/290x192_3214_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCF) / ASP.NET
Resource Hash: b139dd93f7c1f9e816dd6e25182efe6efc19c7f031325081c1e47ba6cab0c257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "a7b73197ac77d71:0"
last-modified: Tue, 13 Jul 2021 06:01:58 GMT
server: ECAcc (frc/8FCF)
age: 221217
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 71450

GET
H2 200 290x192_3213_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3213/ 73 KB
73 KB 19ms
18ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3213/290x192_3213_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F95) / ASP.NET
Resource Hash: b80bc30222d12c1cecbdf3836745a1cb363fe36e2f101fb27dc3964c41c202b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
etag: "fa2b84496342d71:0"
last-modified: Thu, 06 May 2021 10:33:43 GMT
server: ECAcc (frc/8F95)
age: 164368
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 74585

GET
H2 200 val-footer-logo.png
www.valottery.com/images/ilottery/ 4 KB
5 KB 104ms
96ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/val-footer-logo.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

892a36bc18f47d47c7b086dcf1eed969fafe1792fff326604af4bb9911b65d2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 01 Oct 2021 15:30:00 GMT
server
etag: "08c5f32d9b6d71:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4599
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 10:19:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Mon, 07 Nov 2022 10:19:53 GMT

GET
H2

200

icon_winningnumbers_balls.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/icon_winningNumbers_balls.ashx?h=40&w=71&la=en&hash=7C84752751211A0B6AA9BFF1E3F6C488716D89A0
https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=7C84752751211A0B6AA9BFF1E3F6C488716D89A0

2 KB
2 KB

114ms
113ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=7C84752751211A0B6AA9BFF1E3F6C488716D89A0

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a8a1fdfd53d2aa2eeb6bc6420bea93714f1fa4219f154712f581b95b71438abb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 22 Jan 2020 14:43:31 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="icon_winningNumbers_balls.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2187
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=7C84752751211A0B6AA9BFF1E3F6C488716D89A0
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 288
x-xss-protection: 1; mode=block

GET
H2

200

random-number-generator-icon.ashx
www.valottery.com/-/media/val/images/promos/icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=23869F595CF9477163C557FC25F0D661DBC77903
https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=23869F595CF9477163C557FC25F0D661DBC77903

3 KB
3 KB

206ms
206ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=23869F595CF9477163C557FC25F0D661DBC77903

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3d67cb96cc7855cdd72966b02123e4ffdb47e8ab98e51bd822edea0ffb3f77a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:49:16 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="random-number-generator-icon.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3356
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=23869F595CF9477163C557FC25F0D661DBC77903
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 290
x-xss-protection: 1; mode=block

GET
H2

200

find-a-retailer-icon.ashx
www.valottery.com/-/media/val/images/promos/icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=23E72777A755E656BEE7A4A3352101F3F2E2C448
https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=23E72777A755E656BEE7A4A3352101F3F2E2C448

2 KB
2 KB

207ms
206ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=23E72777A755E656BEE7A4A3352101F3F2E2C448

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

77bcac2c69b192dd36b94d57c2881c0429d840f0ccc97374b79728c922fafb5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:45:17 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="find-a-retailer-icon.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2126
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=23E72777A755E656BEE7A4A3352101F3F2E2C448
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 282
x-xss-protection: 1; mode=block

GET
H2

200

blockpromo_2ndchance_sept2021.ashx
www.valottery.com/-/media/val/images/promos/precious-metals/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Precious-Metals/blockpromo_2ndChance_Sept2021.ashx?la=en&hash=F0C003311F572FBB4CD0C9DA23F4D323110CE37E
https://www.valottery.com/-/media/val/images/promos/precious-metals/blockpromo_2ndchance_sept2021.ashx?la=en&hash=F0C003311F572FBB4CD0C9DA23F4D323110CE37E

49 KB
49 KB

126ms
126ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/precious-metals/blockpromo_2ndchance_sept2021.ashx?la=en&hash=F0C003311F572FBB4CD0C9DA23F4D323110CE37E

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

53fe3acf9872fde751b6d8a7fa222b7200e2eaa45e81a38a45d57c3b9c295553

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 23 Aug 2021 22:31:06 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="blockpromo_2ndChance_Sept2021.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50343
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/precious-metals/blockpromo_2ndchance_sept2021.ashx?la=en&hash=F0C003311F572FBB4CD0C9DA23F4D323110CE37E
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 281
x-xss-protection: 1; mode=block

GET
H2

200

blockpromo_piratesquest.ashx
www.valottery.com/-/media/val/images/promos/instant-games/promo-blocks/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Blocks/blockpromo_PiratesQuest.ashx?la=en&hash=A0494BA976135E0F875F41BF71AC8F885B7BA7A5
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-blocks/blockpromo_piratesquest.ashx?la=en&hash=A0494BA976135E0F875F41BF71AC8F885B7BA7A5

40 KB
40 KB

205ms
205ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/promo-blocks/blockpromo_piratesquest.ashx?la=en&hash=A0494BA976135E0F875F41BF71AC8F885B7BA7A5

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

867aff97724966cb2d1ee4cec05a1254ebcced2e936748c2cff7597410938085

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 17:54:19 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="blockpromo_PiratesQuest.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 41027
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/promo-blocks/blockpromo_piratesquest.ashx?la=en&hash=A0494BA976135E0F875F41BF71AC8F885B7BA7A5
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 286
x-xss-protection: 1; mode=block

GET
H2

200

powerhours_interstitialcbt.ashx
www.valottery.com/-/media/val/images/promos/interstitials/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Interstitials/PowerHours_InterstitialCBT.ashx?la=en&hash=7FE585114E452FE6AD76751F88F2CE52E80BA7A5
https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=7FE585114E452FE6AD76751F88F2CE52E80BA7A5

46 KB
46 KB

124ms
124ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=7FE585114E452FE6AD76751F88F2CE52E80BA7A5

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f22202d5d46efe1f1a3ec66734e0866e3af063dcc41490c5ae55d34984c2c3e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 17:30:40 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="PowerHours_InterstitialCBT.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 47085
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=7FE585114E452FE6AD76751F88F2CE52E80BA7A5
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H2

200

facebook.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4

3 KB
3 KB

124ms
124ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:11 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="facebook.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2935
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 268
x-xss-protection: 1; mode=block

GET
H2

200

twitter.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529

3 KB
3 KB

122ms
122ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:00 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="twitter.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3034
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

youtube.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC

3 KB
3 KB

181ms
180ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:50 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="youtube.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2927
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

linkedin_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057

240 B
339 B

209ms
208ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2017 16:40:16 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="linkedin_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 240
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

instagram_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903

341 B
441 B

181ms
180ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:36 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="instagram_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 341
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H2

200

53d8198ebdfc429a8260c2f200fe4fe7.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

3 KB
3 KB

189ms
189ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2019 15:32:43 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="apple_app.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2602
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 255
x-xss-protection: 1; mode=block

GET
H2

200

c646eb7c858a499db091d338bb81a3f3.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

4 KB
4 KB

181ms
180ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 12:43:52 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="google-play-badge.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3795
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 194
x-xss-protection: 1; mode=block

GET
H2 200 app.bundle.js Show response
cdn.valottery.com/jscript/ 1 MB
240 KB 18ms
18ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20211011
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d94055d3632e18740f1f177a959b229be3ca2b73d205e3f0518f568ee211183d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Nov 2021 07:01:19 GMT
content-encoding: br
x-azure-ref-originshield: 0VYWKYQAAAACXsHHL9sapTauGclxd9gKOQU1TMDRFREdFMTgyMQA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: XFk/jacfsAv8xoeQED2VfA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 16:48:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D98CD7062595B1
x-azure-ref: 0wL+MYQAAAAA/FDNCR2n4QpFyXCFz+1WdWlJIRURHRTA4MTQANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d2806282-701e-006f-6571-d59206000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 pulltorefresh.js Show response
www.valottery.com/assets/ 10 KB
3 KB 95ms
95ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/assets/pulltorefresh.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 16:56:35 GMT
server
x-frame-options: SAMEORIGIN
etag: "80a3b9d0fd17d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2652
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 12 KB
6 KB 148ms
142ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&CurrencyCode=USD&IUA=neow&LNG=ENU&IP=&AR=&AFI=&GameVerticalID=&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd&cm=PLI&rst=j&uniqueNoCache=1636614080514

Requested by

Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

59059cee3381dbfb44d58f23647b24a441ab66209d5195f1b2e880409f1f76b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 4849
Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:20 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
71 KB 65ms
25ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57c846a3f781663e7ba73944e05d04644a6d24db82770a26e3463874d40970f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71715
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Nov 2021 07:01:20 GMT

GET
H2 200 index.html Show response
www.valottery.com/live_draw_show/ Frame 991E 959 B
755 B 95ms
95ms Document
text/html 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/live_draw_show/index.html

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3d853b1ab87213617005d381e7aa3c6d26bc44ed04c78e6f2dce8d5145e9972

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 14:28:49 GMT
accept-ranges: bytes
etag: "a3b9bc156fe3d61:0"
vary: Accept-Encoding
server
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
content-length: 645

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 336ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 22:11:08 GMT
x-content-type-options: nosniff
age: 550212
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 22:11:08 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.valottery.com/dist/vendor/bootstrap/fonts/ 18 KB
18 KB 95ms
95ms Font
application/font-woff2 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
etag: "2ff67cb9a2c0d31:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:20 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 338ms
18ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 13:46:49 GMT
x-content-type-options: nosniff
age: 494071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 05 Nov 2022 13:46:49 GMT

GET
H2

200

sunburst_2.ashx
www.valottery.com/-/media/val/images/background-illustrations/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Background-Illustrations/sunburst_2.ashx
https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

242 KB
243 KB

104ms
104ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

59e0e88ca1c03fa77d780528f4b2cea4bdb38b3580f32f935c2b7aa7106f7c75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2017 19:22:16 GMT
server
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="sunburst_2.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 248152
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:20 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx
date: Thu, 11 Nov 2021 07:01:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 208
x-xss-protection: 1; mode=block

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 245ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:15:59 GMT
x-content-type-options: nosniff
age: 571521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:15:59 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 32ms
18ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 17443519
cdn-cachedat: 2021-04-23 11:02:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64464
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a53a510e4b77027b45e5caf016587c57
accept-ranges: bytes
cf-ray: 6ac5a6145ede5c1a-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 437.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/ 344 KB
118 KB 10ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F49) / ASP.NET
Resource Hash: 0d4b77e3842444dcb370502be6b39f5325615b2af5835c9f2d815892bbc4d317

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: gzip
etag: "05518b92fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:46 GMT
server: ECAcc (frc/8F49)
age: 1271257
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 120521

GET
H2 200 438.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/ 63 KB
27 KB 12ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/438.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3D) / ASP.NET
Resource Hash: 7b95c0b5754aadd62cafe5152ad69ced6481ba05f66eafa791f1743a129370cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: gzip
etag: "a9f19cb92fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:46 GMT
server: ECAcc (frc/8F3D)
age: 1268220
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 27289

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 185ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 32209
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 10 Nov 2022 22:04:31 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 326 KB
63 KB 181ms
126ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4eed6025a6c3fb552654d41c8f4dc7a1d1e1e2a08c380b394e03d840a2199322

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:01:21 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
X-ltk: 11/9/2021 12:19:03 PM
X-Powered-By: ASP.NET
X-Cache: RefreshHit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 63546
Last-Modified: Fri, 05 Nov 2021 15:53:43 GMT
Server: cloudflare
ETag: "PeS2Sw2KRbuSGHAxo49FCw=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 6ab8b4326c762b35-FRA
X-Amz-Cf-Id: EU5kuBvhcy5Upa0-2bpFMHaw1UahjWeQ_hcFaU9yFuJPplN5b_Jjxw==
Expires: Thu, 11 Nov 2021 08:01:20 GMT

GET
H2 200 zmbl.js Show response
www.zmbl.co/build/ 79 KB
23 KB 47ms
8ms Script
application/javascript 151.101.66.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/build/zmbl.js?v=3.1.0

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

263865e3d69fec5665a2a53187767df7df3236958b192591be0c001287fb3805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
age: 1392
x-cache: HIT
content-encoding: gzip
content-length: 23081
x-served-by: cache-fra19171-FRA
last-modified: Wed, 10 Nov 2021 20:23:24 GMT
server: Cowboy
x-timer: S1636614081.988052,VS0,VE1
date: Thu, 11 Nov 2021 07:01:20 GMT
vary: Origin,Accept-Encoding, Fastly-Orig-Host
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 160 KB
59 KB 33ms
26ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f9e1d9237321a632e7dd0fc7ac93887c2bd48845dd60826d1f5b9d1e9cf44fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60647
x-xss-protection: 0
expires: Thu, 11 Nov 2021 07:01:20 GMT

GET
H3

200

activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
8930728.fls.doubleclick.net/ Frame 43E0
Redirect Chain

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.v...

2 KB
1 KB

31ms
31ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

6fdfb44206dc8ea84d3913aab4556f53ade143b889083833e0591eca18ed28b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:21 GMT
expires: Thu, 11 Nov 2021 07:01:21 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3615
date: Thu, 11 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 08:01:06 GMT

GET
H2

200

activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
6528888.fls.doubleclick.net/ Frame C724
Redirect Chain

https://6528888.fls.doubleclick.net/activityi;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
https://6528888.fls.doubleclick.net/activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F...

489 B
562 B

25ms
21ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6528888.fls.doubleclick.net/activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

12613957e264c8109e39539a92697e0cee85e44a87e54a54e514f66f4e2644a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 385
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6528888.fls.doubleclick.net/activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gateway.min.js Show response
gateway.foresee.com/sites/virginialottery/production/ 109 KB
24 KB 82ms
13ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b16723895b39a80a39bdc5aff3f02759788ea76943b0386ba3588c408c6276a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
status: 200
content-length: 23788
access-control-allow-origin: *
last-modified: Fri, 15 Oct 2021 12:25:47 GMT
server: nginx/1.18.0
etag: W/"9945281788becc30fad525b59c2addb9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 8Ykj7HUAx_GXUwUjNzfExFXMFQwgSvz3A-4Bs4sQ0GlWXNQqGinkHA==
expires: Thu, 11 Nov 2021 08:28:18 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: RJjmHyLY0NSZ0cch/+EjHIhWXc2rXMI/0IisFmC8T6+o+8x//tV1jDHXO1LWK2PhRGrExGkaxwOEXPBr2oWc4g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Thu, 11 Nov 2021 07:01:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_77148.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 64ms
25ms Script
application/javascript 2606:4700:3031::ac43:91b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_77148.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:91b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d2ca5c5def0eeccbe232efc9bb49f064ba13cc947724ac58a2ec2f6e5a4c0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6942
cf-ray: 6ac5a616db944d89-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8089
x-amz-id-2: vhJpBjxmSxHkn+Ioa1nHkMQKqqMW/+CIKhQBcvBmAuALt2lc0FZyeeBk5K00VDucvDeza6T0j38=
last-modified: Tue, 22 Jun 2021 14:44:58 GMT
server: cloudflare
etag: "338e574f139b53e598851d6c150d2e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g27B0HnxM0KqYcvL1VNBeAYU%2ByKOuJ%2BKZu6uhOP7gZzTLdbDXO2KZyYuyd78z9XFS3ySS1%2BzhzH5z1X2hRXzf4ad7d6T4ro0KMb4mePylmHT71X6AsZKHhmgOw7rxXIb4SMWAIXvENSswIg5lfxOlofsaMZ7iWk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: Y1DX40KE48WTV782
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 27249216.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 45ms
8ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/27249216.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
age: 42960324
x-cache: HIT
x-cache-hits: 1699
content-length: 5672
x-served-by: cache-fra19153-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1636614081.140889,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H2

200

swapimagedesktop_vikingvoyage_wcta.ashx
www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Swap-Banners/swapImageDesktop_VikingVoyage_wCTA.ashx
https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/swapimagedesktop_vikingvoyage_wcta.ashx

119 KB
119 KB

127ms
97ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/swapimagedesktop_vikingvoyage_wcta.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

646bc77ad0c7d821ccd4a8922329ab5361b737c46923b7ab89e06a8d7561c756

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 12:21:41 GMT
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="swapImageDesktop_VikingVoyage_wCTA.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 121753
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:21 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/swapimagedesktop_vikingvoyage_wcta.ashx
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 241
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/15/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/15/nextDrawing
https://www.valottery.com/api/v1/drawgames/15/nextdrawing

629 B
670 B

130ms
120ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/15/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

602ce469ed9fc6c1db897df59253fb79115a8e0f396042cfbaa76f206c41cc86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 629
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/15/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 180
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/20/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/20/nextDrawing
https://www.valottery.com/api/v1/drawgames/20/nextdrawing

619 B
664 B

1636ms
1628ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/20/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62720dda83035d6754ddd75bd3bacdb0cb797eb565f8420fac7eea0400d1489c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 619
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/20/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 180
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1070/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1070/nextDrawing
https://www.valottery.com/api/v1/drawgames/1070/nextdrawing

629 B
674 B

115ms
107ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1070/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

762bf9ff8142211eb6218adfbe1e0cbae44ca6c2021cf0b01f7cfe004a41a374

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 629
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1070/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1065/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1065/nextDrawing
https://www.valottery.com/api/v1/drawgames/1065/nextdrawing

633 B
678 B

1127ms
1120ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1065/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f425cb77942e495bed4f49423d7c847a5cd194989e2924d68e682b5d8de9e2e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 633
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1065/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1030/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1030/nextDrawing
https://www.valottery.com/api/v1/drawgames/1030/nextdrawing

639 B
737 B

112ms
107ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1030/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6f737151ca7681404cec86ea2e3216d5c128d251153236fac35bbcb5137a61b6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 639
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1030/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1040/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1040/nextDrawing
https://www.valottery.com/api/v1/drawgames/1040/nextdrawing

643 B
688 B

621ms
615ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1040/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

89cae7fda4d4d53df8bb328ff7eef4e3dd5811e96d1d9abe756dfad7d52955b3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 643
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1040/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1050/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1050/nextDrawing
https://www.valottery.com/api/v1/drawgames/1050/nextdrawing

642 B
687 B

113ms
107ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1050/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3c7f1d9ee1023a830cbe592c26f673a55efa3ec83de6f16c3febef6b7c153951

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 642
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1050/nextdrawing
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2 200 video-js.css
cdn.valottery.com/live-draw-show/ Frame 991E 44 KB
10 KB 25ms
21ms Stylesheet
text/css 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/video-js.css
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4444f0ec2ddd0aa024154b22470afa5d065650e9c07cd4593ba3047c1480f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: br
x-azure-ref-originshield: 0BnyMYQAAAAD45p+DOfdFQrPG122eqQ9VQU1TMDRFREdFMTgxMgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: nSwg8y0lCcUL3Lkjn7m2Lg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F43953E7
x-azure-ref: 0wb+MYQAAAAA4SYptcHMWQJFUPLXlCIg9WlJIRURHRTA4MTQANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 01f0f399-a01e-00c7-1fa1-d64613000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 video.js Show response
cdn.valottery.com/live-draw-show/ Frame 991E 2 MB
335 KB 24ms
19ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/video.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 76d29fd2226e50e1499c0ab50e6cbf90756dda1edec1bc4391b18e4630cc9be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: br
x-azure-ref-originshield: 0jruMYQAAAAAf9jar8D9ZTauB+0quoSD9QU1TMDRFREdFMTgxNAA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: TRBMje7ARKMlSRoICa/OUw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F470C1CB
x-azure-ref: 0wb+MYQAAAAAWHvIv4+TXTogRoD0fTqMoWlJIRURHRTA4MTQANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8cde430a-401e-010e-7aae-d6908c000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 videojs-http-streaming.js Show response
cdn.valottery.com/live-draw-show/ Frame 991E 937 KB
185 KB 58ms
52ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/videojs-http-streaming.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 18da4d91d26026ec2d2f54ed8a19a97bd785d774a5c3c4e3e0836c964c5220ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 11 Nov 2021 07:01:20 GMT
content-encoding: br
x-azure-ref-originshield: 0CcCKYQAAAACEbTwujp69TLo9E0Z2HuAgQU1TMDRFREdFMTgxOQA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: ALiRz1YETu9PeIDWre8EIA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F4551E67
x-azure-ref: 0wb+MYQAAAABww21xZA/tTqX1GSjvCx7DWlJIRURHRTA4MTQANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b38c1e13-e01e-0084-23bf-d46cfa000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 mpathy-modern.js Show response
gateway.foresee.com/code/6.1.2-mp/ 81 KB
27 KB 25ms
7ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/6.1.2-mp/mpathy-modern.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 14:07:52 GMT
content-encoding: gzip
age: 1875209
x-cache: Hit from cloudfront
status: 200
content-length: 26751
access-control-allow-origin: *
last-modified: Thu, 18 Mar 2021 15:05:31 GMT
server: nginx/1.18.0
etag: W/"809a12b3d845af05b552212f8a272cee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: gxW5et65KPb8ArQh5FOLKTaBXC4Syq-UemgJHGpm7SqQCGZPp3fO-A==
expires: Wed, 17 Nov 2021 14:07:52 GMT

GET
H2 200 getIds Show response
s1.listrakbi.com/hDU7VeqGarZm/session/ 175 B
1 KB 433ms
405ms Script
application/x-javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/hDU7VeqGarZm/session/getIds?callback=ltkCallback9020&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0bb6ca5cecd8ee989016ab3b8bcd53aef4d640c8f97a1c64ede7a0fe5111e67a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 6ac5a6187cab4e67-FRA
expires: -1

GET
H2

200

nspix
action.media6degrees.com/orbserv/ Frame 43E0
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

43 B
189 B

339ms
130ms

Image
image/gif

2606:4700::6812:a4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 2606:4700::6812:a4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ac5a61d5f336934-FRA
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 43

Redirect headers

date: Thu, 11 Nov 2021 07:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
cf-ray: 6ac5a6196dd36934-FRA

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/ Frame 43E0 8 KB
2 KB 190ms
165ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba85ee22e046f19a70dc0c7a2c9f2b70a222aa23340e8d30fb8409e96503a9ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2002
x-function: 151
last-modified: Fri, 13 Aug 2021 06:35:37 GMT
server: cloudflare
x-reuse-index: 36
etag: 17387160207539963605
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 6ac5a618b97f4e9e-FRA
expires: Thu, 11 Nov 2021 08:01:21 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 43E0 70 B
261 B 118ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=k5obd07&ct=0:e9md8kf&fmt=3
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame 43E0 3 KB
4 KB 68ms
17ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: FrZr1gVL7bVCASvvHm7h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame 43E0 3 KB
4 KB 69ms
18ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: FrZr1gVkzq42sX7vHm8h
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=*;~oref=https%3A%2F%2Fwww.valottery.com%2F
adservice.google.com/ddm/fls/z/ Frame 43E0 42 B
118 B 86ms
74ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=*;~oref=https%3A%2F%2Fwww.valottery.com%2F

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app-bundle~widgets-sport.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/ 42 KB
17 KB 7ms
6ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle~widgets-sport.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA1) / ASP.NET
Resource Hash: d79718aaff57ab783963b93c56efff9afd3476d347fdc3c5667c8004f6dcba3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
etag: "34913bc52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8FA1)
age: 1267990
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 16956

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/ 249 KB
99 KB 8ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA6) / ASP.NET
Resource Hash: c9239f307b86ebb491afb17c1100ecdab08b9ef353c75b6f6a70a4b80c4d4f44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
etag: "21c037c52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8EA6)
age: 1269510
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 101611

GET
H2 200 50.css
download.gamesrv1.com/secure/MWC/2021.09_427462/ 145 KB
33 KB 24ms
23ms Stylesheet
text/css 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/50.css
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF7) / ASP.NET
Resource Hash: 449693c548a52829666000defe81d2045a95856bba01b7358bf252b5ff5aa7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
etag: "437822ba2fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:47 GMT
server: ECAcc (frc/8FF7)
age: 1268221
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 33761

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/appBl/ 805 KB
230 KB 13ms
12ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/appBl/app-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDE) / ASP.NET
Resource Hash: 1859e1572c7bbf1e023a8173e5db360a1068364e6318a7a97264ace9e791b17f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
etag: "c27241ba2fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:47 GMT
server: ECAcc (frc/8FDE)
age: 1267990
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 235058

OPTIONS
H2 200 e1340cf7-41f4-43bb-990d-c2007e475943.json
www.zmbl.co/targets/ Frame 0
0 39ms
18ms Preflight 151.101.66.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/targets/e1340cf7-41f4-43bb-990d-c2007e475943.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-zembula-enabled
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Cowboy
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers
access-control-max-age: 600
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Thu, 11 Nov 2021 07:01:21 GMT
age: 1075
x-served-by: cache-fra19154-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1636614081.419508,VS0,VE1
vary: Accept-Encoding, Fastly-Orig-Host
access-control-allow-origin: https://www.valottery.com
access-control-allow-credentials: true
access-control-allow-headers: X-Zembula-Enabled, X-Zembula-SlideIn-Live, X-Zembula-Overlay-Live, X-Zembula-SlideIn-Criteria-Type, X-Zembula-Overlay-Criteria-Type, X-Zembula-SlideIn-Criteria-Value, X-Zembula-Overlay-Criteria-Value, X-Zembula-SlideIn-Criteria-Id, X-Zembula-Overlay-Criteria-Id, X-Zembula-SlideIn-iFrame, X-Zembula-Overlay-iFrame, X-Zembula-Inline-iFrame, X-Zembula-SlideIn-CTA-Close, X-Zembula-Overlay-CTA-Close, X-Zembula-SlideIn-Position, Content-Type
content-length: 20

GET
H2 200 e1340cf7-41f4-43bb-990d-c2007e475943.json Show response
www.zmbl.co/targets/ 1 KB
1 KB 7ms
7ms XHR
application/json 151.101.66.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/targets/e1340cf7-41f4-43bb-990d-c2007e475943.json

Requested by

Host: www.zmbl.co
URL: https://www.zmbl.co/build/zmbl.js?v=3.1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

767613d310cb9be2aee602ccf5a4e33c07bbe76aacbc07d0ee804f86f1a9a231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json
Referer: https://www.valottery.com/
X-Zembula-Enabled: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"74405cb4b4e68f024e10c29aef4b91a2"
age: 25212
x-cache: HIT
access-control-max-age: 600
content-length: 542
via: 1.1 vegur, 1.1 varnish
x-request-id: 2ebda3e5-c3e2-4cb5-b798-3b8ae1b04492
x-served-by: cache-fra19171-FRA
x-runtime: 0.125169
x-content-digest: fc1a9ec1fb7a2d96b14a46f4bfbec0f26a46ebad
server: Cowboy
x-timer: S1636614081.438966,VS0,VE1
x-frame-options: ALLOWALL
date: Thu, 11 Nov 2021 07:01:21 GMT
vary: Origin,Accept-Encoding, Fastly-Orig-Host
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.valottery.com
access-control-expose-headers
cache-control: public, no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Zembula-Enabled, X-Zembula-SlideIn-Live, X-Zembula-Overlay-Live, X-Zembula-SlideIn-Criteria-Type, X-Zembula-Overlay-Criteria-Type, X-Zembula-SlideIn-Criteria-Value, X-Zembula-Overlay-Criteria-Value, X-Zembula-SlideIn-Criteria-Id, X-Zembula-Overlay-Criteria-Id, X-Zembula-SlideIn-iFrame, X-Zembula-Overlay-iFrame, X-Zembula-Inline-iFrame, X-Zembula-SlideIn-CTA-Close, X-Zembula-Overlay-CTA-Close, X-Zembula-SlideIn-Position, Content-Type
x-rack-cache: stale, valid, store
x-cache-hits: 1

GET
H2 200 fs.utils.js Show response
gateway.foresee.com/code/19.14.5-fs/ 58 KB
19 KB 13ms
6ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.5-fs/fs.utils.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 0e783858cb51da56d136db74b1862aa62f48ff11c3a36e794214b549fc84aa9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:22:04 GMT
content-encoding: gzip
age: 1942757
x-cache: Hit from cloudfront
status: 200
content-length: 19338
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 19:56:13 GMT
server: nginx/1.18.0
etag: W/"20da4972d4302e2944463977d82cdf65"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: IzFEfQjIgLZKaBqWmlyjf6zbsfBTDD6Kf_j3wDLJolDYUYE25jAjSw==
expires: Tue, 16 Nov 2021 19:22:04 GMT

GET
H2 200 fs.compress.js Show response
gateway.foresee.com/code/19.14.5-fs/ 31 KB
12 KB 12ms
7ms Script
application/javascript 18.66.139.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.5-fs/fs.compress.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 63ee660e64dca730c5d8ac3872ef86d1331abd706826c70fdc3a960f2927fd16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 15 Oct 2021 04:51:45 GMT
content-encoding: gzip
age: 2340576
x-cache: Hit from cloudfront
status: 200
content-length: 11641
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 19:56:13 GMT
server: nginx/1.18.0
etag: W/"6f6ff76e4273c8dcc527c14eb8b24744"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 2Bv4C9y9rHZaKkNt8kRC9mEMYi7b309YGOyVMub7Gmag2-njr3j8rg==
expires: Fri, 12 Nov 2021 04:51:45 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 15ms
13ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J0YJNS3PS0&gtm=2oeb80&_p=2115771308&sr=1600x1200&ul=en-us&cid=1619543850.1636614081&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2F&dt=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&sid=1636614080&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 61ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1732052-1&cid=1619543850.1636614081&jid=138354002&gjid=687229180&_gid=1353834943.1636614081&_u=YCDAiEABBAAAAE~&z=228471899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Nov 2021 07:01:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
155 B 8ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2115771308&t=pageview&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2F&ul=en-us&de=UTF-8&dt=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABB~&jid=138354002&gjid=687229180&cid=1619543850.1636614081&tid=UA-1732052-1&_gid=1353834943.1636614081&gtm=2wgb80T3WQN9J&z=840282382

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 22:05:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 32170
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ltkPrefCenterFrame Show response
services.listrak.com/API/S/ 3 KB
3 KB 424ms
361ms Script
text/javascript 104.18.12.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/S/ltkPrefCenterFrame
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
cf-ray: 6ac5a6198d7368e9-FRA
x-aspnet-version: 4.0.30319
content-length: 2729

GET
H2 200 dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 3C81 488 B
855 B 84ms
42ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F

Requested by

Host: 6528888.fls.doubleclick.net
URL: https://6528888.fls.doubleclick.net/activityi;dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df9c1edf1c1aaaf1250d5e449cfa90253c593472208c8c23ae6211a0c6944faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6528888.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.aspx
77148.global.siteimproveanalytics.io/ 34 B
650 B 104ms
8ms Image
image/gif 52.58.68.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://77148.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.valottery.com%2F&title=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&res=1600x1200&accountid=77148&rt=2718&prev=f47cdd7e-9c87-9217-597c-ddc514a674b4&luid=5a14cd80-d9c6-4477-5c1c-8ee86eee769c&rnd=78235
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.68.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-68-120.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:01:21 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Thu, 11 Nov 2021 07:01:21 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H2 200 509692809681502 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 145ms
140ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509692809681502?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60af92e44d1ebd789fb17b78c89b5042ffeb1e2ebb25cbf4d1f6aff1ce4e17f9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: DidiXeQtm1ePt50FcwKX+U8VO9i4ASZRKv7aK9tIjVBdSCMfPVinpqtX4gJjH09rTJMDFRl2ceMBVY7xItToQw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 11 Nov 2021 07:01:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sambaTag.js Show response
tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 43E0 3 KB
3 KB 45ms
10ms Script
application/javascript 13.225.78.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-97.fra2.r.cloudfront.net
Software: /
Resource Hash: 6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 14:12:08 GMT
Via: 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
Age: 60553
Transfer-Encoding: chunked
Access-Control-Allow-Methods: HEAD,OPTIONS,GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C2
Access-Control-Allow-Headers: Content-Type, Authorization
X-Amz-Cf-Id: V8P2nlI-96VrW5_kmY-n2FSu6bnBgKrHcGfLzlDh7nhp4D0ZHiprCA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 49ms
26ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1732052-1&cid=1619543850.1636614081&jid=138354002&_u=YCDAiEABBAAAAE~&z=824268584

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 42ms
20ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1732052-1&cid=1619543850.1636614081&jid=138354002&_u=YCDAiEABBAAAAE~&z=824268584

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

logo_c5-ezmatch-229x95.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_C5-EZMatch-229x95.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx

17 KB
17 KB

109ms
108ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d7f3a550a9946103f8ec640689863b6b989bc874fbf4a5d77db7e2b6231125b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 02:05:39 GMT
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_C5-EZMatch-229x95.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 17542
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:21 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 211
x-xss-protection: 1; mode=block

GET
H2

200

bankamillion.ashx
www.valottery.com/-/media/val/images/winning-numbers/150x45/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/150x45/bankamillion.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx

18 KB
19 KB

105ms
105ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4d6af973b9ea670ac79c24c681f0e6cf4b6b680e32159d5ff04d1972f1f4b47e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2017 13:35:24 GMT
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bankamillion.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18871
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:21 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 208
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p3fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx

7 KB
8 KB

106ms
105ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:17:56 GMT
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P3Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:21 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 225
x-xss-protection: 1; mode=block

GET
H2

200

megamillions_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx

12 KB
12 KB

106ms
106ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 17:47:22 GMT
server
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MegaMillions_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12351
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:21 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 204
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 9c20595a-fb83-45dc-b35e-7c3a0898d25e
https://www.valottery.com/ Frame 991E 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/9c20595a-fb83-45dc-b35e-7c3a0898d25e
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
BLOB 200
OK d0e80399-2b3a-4a02-8513-c779a4227363
https://www.valottery.com/ Frame 991E 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/d0e80399-2b3a-4a02-8513-c779a4227363
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 glyphicons-halflings-regular.woff
download.gamesrv1.com/secure/MWC/2021.09_427462/assets/base/fonts/ 23 KB
23 KB 28ms
9ms Font
font/x-woff 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/assets/base/fonts/glyphicons-halflings-regular.woff
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/50.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) / ASP.NET
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://download.gamesrv1.com/secure/MWC/2021.09_427462/50.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
etag: "c66759ba2fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:48 GMT
server: ECAcc (frc/8F1E)
age: 1271251
x-powered-by: ASP.NET
x-cache: HIT
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 23320

GET
H2 200 7a5dbb27be9e4845b902647b334625da.m3u8 Show response
content.uplynk.com/channel/ Frame 991E 2 KB
883 B 632ms
224ms XHR
application/vnd.apple.mpegurl 52.50.112.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da.m3u8

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.112.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-112-189.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f6cbae61786bda12e26a392d3482dd8ba5990d9a2dc68052a6ad91feb5cf0867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: b8a931a777324958af66303274293e83
content-length: 565
x-content-type-options: nosniff

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 43E0 677 B
705 B 175ms
166ms Script
application/x-javascript 2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=9599983460
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6d1e16d0210569021aa22c10cde85e24cf747ab809a211b3aacbdd220b1482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 328
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 16
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 6ac5a61b4e7f4e9e-FRA
expires: Wed, 09 Feb 2022 07:01:21 GMT

GET
BLOB 200
OK 9c999c1f-ce89-496a-a3be-a8a5bd3c9f15
https://www.valottery.com/ Frame 991E 23 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/9c999c1f-ce89-496a-a3be-a8a5bd3c9f15
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b7ada062e30243d491881ee2bf712c10962fa2141c8a98b7b380470fcf735c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 23533
Content-Type: application/javascript

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
2 KB 7ms
7ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 01:27:27 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 21924
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jul 2021 14:43:11 GMT
Server: cloudflare
ETag: W/"f064b7ba3e7ed71:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type: text/css
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
CF-RAY: 6a81d16c0ac74414-FRA
X-Amz-Cf-Id: oMOPrGO34-_DSGx0ya9-VReka2Cq6VmCS8xSTiNJwZtpFpYfHt_iIQ==

GET
H2 200 p Show response
i.simpli.fi/ Frame 43E0 752 B
1 KB 26ms
14ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=87665&cb=sifi_att_17963502272._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

5f46225e6f8f67b46e1258d0a9f1af221ab9e8af62e5ce496305b5ff9cd5cac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 load Show response
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 43E0 729 B
978 B 360ms
106ms XHR
application/json 54.85.189.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/load?sa_referrer=https%3A%2F%2Fwww.valottery.com%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNKSxMfej_QCFcZOGwodW7UACg%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D7437429272945%3Bgtm%3D2wgb80%3Bauiddc%3D527162429.1636614081%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252F%3F&c=1636614081900
Requested by: Host: tag.mtrcs.samba.tv
URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.189.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-189-129.compute-1.amazonaws.com
Software: /
Resource Hash: 57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:22 GMT
access-control-allow-headers: Content-Type, Authorization
content-length: 729
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=PageView&dl=https%3A%2F%2Fwww.valottery.com%2F&rl=&if=false&ts=1636614081915&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636614081913.289363836&it=1636614081454&coo=false&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 11 Nov 2021 07:01:21 GMT

GET
H3

200

dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
6528888.fls.doubleclick.net/ddm/fls/r/ Frame 5F5D
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.v...
https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F...

330 B
292 B

20ms
18ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

92dc50b8a0397e57418624d220f321d2fb95d41c49a3fbdfc3e59c34a2c48f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:22 GMT
expires: Thu, 11 Nov 2021 07:01:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 11 Nov 2021 07:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=65A944C95FC747A1900F9568DE63C360

43 B
183 B

337ms
94ms

Image
image/gif

2600:1f18:612b:4264:c62f:533:271f:3e7e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 2600:1f18:612b:4264:c62f:533:271f:3e7e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=65A944C95FC747A1900F9568DE63C360
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 43E0
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=65A944C95FC747A1900F9568DE63C360
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=65A944C95FC747A1900F9568DE63C360

95 B
424 B

19ms
19ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=65A944C95FC747A1900F9568DE63C360

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=65A944C95FC747A1900F9568DE63C360
date: Thu, 11 Nov 2021 07:01:22 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/ Frame 43E0
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=65A944C95FC747A1900F9568DE63C360
https://d.agkn.com/pixel/10751/?che=1636614082&ip=136.243.198.81&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D165010803967000060067
https://um.simpli.fi/aa_px?sk=165010803967000060067

43 B
367 B

13ms
13ms

Image
image/gif

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=165010803967000060067

Requested by

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:21 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=165010803967000060067
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ Frame 43E0 43 B
415 B 65ms
21ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 43E0
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=65A944C95FC747A1900F9568DE63C360

0
0

82ms
8ms

Image
text/html

52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=65A944C95FC747A1900F9568DE63C360
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 43E0 43 B
415 B 65ms
22ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 43E0 43 B
415 B 21ms
16ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 43E0
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=65A944C95FC747A1900F9568DE63C360;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=65A944C95FC747A1900F9568DE63C360;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-3199631009391096470

0
0

7ms
7ms

Image
text/html

52.222.214.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-3199631009391096470
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 52.222.214.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-6.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-3199631009391096470
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 43E0
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=65A944C95FC747A1900F9568DE63C360&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=65A944C95FC747A1900F9568DE63C360&j=0&xl8blockcheck=1

0
755 B

35ms
35ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=65A944C95FC747A1900F9568DE63C360&j=0&xl8blockcheck=1
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=65A944C95FC747A1900F9568DE63C360&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame 43E0 43 B
415 B 22ms
17ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=65A944C95FC747A1900F9568DE63C360

0
421 B

441ms
98ms

Image
text/plain

3.225.136.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: HTTP/1.1
Server: 3.225.136.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-136-82.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 11 Nov 2021 07:01:21 GMT

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=65A944C95FC747A1900F9568DE63C360
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/ Frame 43E0
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=65A944C95FC747A1900F9568DE63C360

62 B
745 B

210ms
152ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 7d63
Content-Type: image/gif

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=65A944C95FC747A1900F9568DE63C360
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

200

tpid=65A944C95FC747A1900F9568DE63C360
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 43E0
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=65A944C95FC747A1900F9568DE63C360
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=65A944C95FC747A1900F9568DE63C360

49 B
737 B

44ms
44ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.15.159
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=65A944C95FC747A1900F9568DE63C360
cache-control: no-cache
x-server: 10.45.26.161
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=65A944C95FC747A1900F9568DE63C360

0
348 B

104ms
29ms

Image
text/plain

72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: HTTP/1.1
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:22 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=65A944C95FC747A1900F9568DE63C360
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=65A944C95FC747A1900F9568DE63C360

0
66 B

45ms
16ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=65A944C95FC747A1900F9568DE63C360
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame 43E0
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1636614081944&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
154 B

21ms
20ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wb-MYfqtPJHXx_AP6P-5kA0&cid=CAQSKQCNIrLMivLdPC5Cy6plLhFnaY6XTL6zwntxO_xK_8-ZXrMf51bM9aU3&random=4054250447&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1068552937&cv=7&fst=1636614081944&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=wb-MYfqtPJHXx_AP6P-5kA0&cid=CAQSKQCNIrLMivLdPC5Cy6plLhFnaY6XTL6zwntxO_xK_8-ZXrMf51bM9aU3&random=4054250447&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=65A944C95FC747A1900F9568DE63C360
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=65A944C95FC747A1900F9568DE63C360&__user_check__=1&sync_id=2d87f23f-42bd-11ec-8d47-1ac857eb0406

43 B
549 B

22ms
22ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=65A944C95FC747A1900F9568DE63C360&__user_check__=1&sync_id=2d87f23f-42bd-11ec-8d47-1ac857eb0406
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 142
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=65A944C95FC747A1900F9568DE63C360&__user_check__=1&sync_id=2d87f23f-42bd-11ec-8d47-1ac857eb0406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 72
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=65A944C95FC747A1900F9568DE63C360
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D65A944C95FC747A1900F9568DE63C360

43 B
1 KB

26ms
25ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D65A944C95FC747A1900F9568DE63C360

Requested by

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4aa1721d-9754-49f6-b3dd-396dd7512f04
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d16d521d-2802-4dbf-8630-00e141557adf
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D65A944C95FC747A1900F9568DE63C360
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 43E0
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=65A944C95FC747A1900F9568DE63C360&expires=365

0
239 B

46ms
14ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=65A944C95FC747A1900F9568DE63C360&expires=365
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=65A944C95FC747A1900F9568DE63C360&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 10 Nov 2021 07:01:22 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 43E0
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=65A944C95FC747A1900F9568DE63C360
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=65A944C95FC747A1900F9568DE63C360

43 B
180 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=65A944C95FC747A1900F9568DE63C360
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=65A944C95FC747A1900F9568DE63C360
date: Thu, 11 Nov 2021 07:01:22 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 43E0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEGm3MRpdg5wHLq1_kGH-5I4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=65A944C95FC747A1900F9568DE63C360
https://um.simpli.fi/g_match?id=

0
326 B

13ms
13ms

Image
text/plain

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 10 Nov 2021 07:01:22 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 43E0
Redirect Chain

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%221602706635%22%2C%22th%22%3A9599983460%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aYmneM5AFKodIoUHBcXrbiUcFXVBTot6%22%2C%22url%22%3A%22http...
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://a.tribalfusion.com/i.match?p=b26&u=8487561158213133000&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662303892153040

43 B
1 KB

29ms
28ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662303892153040

Requested by

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:22 GMT
X-Proxy-Origin: 136.243.198.81; 136.243.198.81; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 31a037fd-1f91-43bf-ad3c-3c31eb024cb9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 37
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ac5a61f8e504e9e-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662303892153040
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

logo_dropdownnumberscards_p4fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx

8 KB
8 KB

103ms
102ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:18:48 GMT
server
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P4Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7864
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:22 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx
date: Thu, 11 Nov 2021 07:01:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 225
x-xss-protection: 1; mode=block

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 5F5D 70 B
260 B 38ms
37ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=d7dwi9z&ct=0:s2xb1ei&fmt=3
Requested by: Host: 6528888.fls.doubleclick.net
URL: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CNChwsfej_QCFZNmGwodMNMMNA;src=6528888;type=count0;cat=sitev03v;ord=1;num=2705111051680;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6528888.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 07:01:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 impression
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 43E0 0
213 B 319ms
107ms Image
text/plain 54.85.189.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/impression?sa_referrer=https%3A%2F%2Fwww.valottery.com%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCNKSxMfej_QCFcZOGwodW7UACg%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D7437429272945%3Bgtm%3D2wgb80%3Bauiddc%3D527162429.1636614081%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252F%3F&c=1636614081900&
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNKSxMfej_QCFcZOGwodW7UACg;src=8930728;type=pagev0;cat=valot0;ord=7437429272945;gtm=2wgb80;auiddc=527162429.1636614081;~oref=https%3A%2F%2Fwww.valottery.com%2F?
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.189.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-189-129.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Nov 2021 07:01:22 GMT
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: HEAD,OPTIONS,GET

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame 991E 11 KB
837 B 1210ms
1177ms XHR
application/vnd.apple.mpegurl 52.50.112.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=ce7fd1f3ff984eb9bcb777b7cf4c9c6e

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.112.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-112-189.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3d53ac3b884b42003557ea982bf6494802087cc97b7c4aa1c655356c6617bba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 12988d4568dd4e429684cd332387ee07
content-length: 520
x-content-type-options: nosniff

GET
H2

200

cash4life.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx

4 KB
5 KB

103ms
102ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b400dd5fcb38c85929561997154146554b2150314a0a9c2f4cb54215cd44fd13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:02:36 GMT
server
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Cash4Life.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4517
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:22 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 198
x-xss-protection: 1; mode=block

GET
H2 200 index.html Show response
download.gamesrv1.com/secure/MWC/2021.09_427462//xd-local-storage-shared-frame/ Frame CCDD 172 B
365 B 10ms
10ms Document
text/html 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462//xd-local-storage-shared-frame/index.html
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDB) / ASP.NET
Resource Hash: 8b9678bd9d99c3fc20507a882f90deb667c4f5263a5d7a54e43ff9563286cfe0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
age: 1271252
cache-control: public,max-age=31536000
content-type: text/html
date: Thu, 11 Nov 2021 07:01:22 GMT
etag: "8a4c9ec52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:07 GMT
server: ECAcc (frc/8FDB)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
x-robots-tag: noindex, nofollow
content-length: 234

GET
H2 200 xd-local-storage-shared-frame-loader.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462// Frame CCDD 2 KB
1 KB 9ms
8ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462//xd-local-storage-shared-frame-loader.js
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462//xd-local-storage-shared-frame/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0A) / ASP.NET
Resource Hash: d193438379ce07fe686eae249f7fddcf38b45529f51a273f8490fc9eecabfe80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://download.gamesrv1.com/secure/MWC/2021.09_427462//xd-local-storage-shared-frame/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "8296a0c52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:07 GMT
server: ECAcc (frc/8F0A)
age: 1271251
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1225

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 56ms
21ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac5a621fbcf4aa3-FRA

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 54ms
21ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac5a622087f4e86-FRA

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 63ms
31ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac5a621fe287027-FRA

GET
H2 200 branding.css.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/assets/branded/124/ 45 KB
11 KB 11ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/assets/branded/124/branding.css.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA8) / ASP.NET
Resource Hash: b8014db3bd7e2b4e7c59206b78b71bdd76d217659368a9e9c694b6885b688f66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "d4496fbb2fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:49 GMT
server: ECAcc (frc/8EA8)
age: 1267961
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11245

GET
H2 200 icons.css.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/assets/branded/124/ 16 KB
3 KB 12ms
12ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/assets/branded/124/icons.css.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F73) / ASP.NET
Resource Hash: 16ab8aed34b09e3c42e2a0a00287e924f5bc424341feb393e836b8763455fee2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "c6d182bb2fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:50 GMT
server: ECAcc (frc/8F73)
age: 1267961
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3058

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 134ms
132ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f51889cb09004ed9cb21bcc2ec51790e9ffff6054fc9c09e3ea678eaaa1b73c

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 07:01:23 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ac5a62228c34e86-FRA
Content-Length: 63

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 448ms
446ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24be7e4ecf98ccd99a263703275014d7aa598953546593bfdcd5e2d3ecd7a6f4

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 07:01:23 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ac5a6222c284aa3-FRA
Content-Length: 63

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 441ms
441ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6d21206d4222b32a9c146c72b8469277d33df994aef07838667f4fe4f1b9bcb

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 07:01:23 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ac5a6223f654327-FRA
Content-Length: 63

GET
H2 200 regulation-va.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/regulationCustomization/regulation/ 7 KB
3 KB 8ms
3ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/regulationCustomization/regulation/regulation-va.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F84) / ASP.NET
Resource Hash: def07961d4198669441d753cf49b3fccbd800885103dc987c3c5cd7c825397e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "99bd13c52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8F84)
age: 1267960
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3241

GET
H2 200 css Show response
fonts.googleapis.com/ 10 KB
1 KB 37ms
14ms XHR
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 06:11:49 GMT
server: ESF
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 07:01:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
841 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/appBl/app-bundle.js?v=2021.09_427462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 06:01:31 GMT
server: ESF
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 07:01:22 GMT

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 32ms
15ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 11 Nov 2021 07:01:22 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac5a6221f1d4327-FRA

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 148ms
148ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c68aa42ef0a09a952af8a2800c643afc506cb726100a823f9b1140f3a4e92c37

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 07:01:23 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ac5a6223e9c7027-FRA
Content-Length: 63

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 206 KB
70 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57c846a3f781663e7ba73944e05d04644a6d24db82770a26e3463874d40970f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71715
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Nov 2021 07:01:22 GMT

GET
H2 200 login-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/login/ 32 KB
11 KB 15ms
15ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/login/login-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC6) / ASP.NET
Resource Hash: 31781ce9a89cc6a71e29c99bc1de0660850c3b17381499d116ab7243feff73a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "6aa6cbc32fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:03 GMT
server: ECAcc (frc/8FC6)
age: 1267959
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11071

GET
H2 200 base-bundle-uxt-2~8ef0ea5e.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/account/account-bundle~modules/base/base-bundle-uxt-1~modules/base/ 126 KB
51 KB 8ms
8ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/account/account-bundle~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~8ef0ea5e.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F90) / ASP.NET
Resource Hash: 1de65f22178fcfd3907dd0e0ac2cedc840323b30280fdaafad2278e5a08c9f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "fec4cc52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8F90)
age: 1267959
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 51754

GET
H2 200 base-bundle-uxt-3~6be9331b.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 161 KB
64 KB 10ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3~6be9331b.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) / ASP.NET
Resource Hash: eea781d44376106e4ba2aed2a13dc36c68d6e6cde9a377f3d42d25d6e567694d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "0174c52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8F6C)
age: 1271248
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 65564

GET
H2 200 base-bundle-uxt-3.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 290 KB
105 KB 14ms
14ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F7F) / ASP.NET
Resource Hash: ef366b67d33cbe74b49a3530fa6498be105d17bffe4b7670c6cf5487adcf0d2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "b9825ec52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8F7F)
age: 1267959
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 106920

GET
H2 200 base-bundle-uxt-3.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 153 KB
49 KB 11ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E97) / ASP.NET
Resource Hash: 9ba9e30922ea11b9cfdc51a08102fd6021cccd330532a601bceee7617893c1ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "fe9f2ec32fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:02 GMT
server: ECAcc (frc/8E97)
age: 1268221
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 49817

GET
H2 200 base-bundle-uxt-1.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/base/ 2 KB
916 B 12ms
12ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/base/base-bundle-uxt-1.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFE) / ASP.NET
Resource Hash: 818a464c526b5c62a4ec295be5aadb5063b3c75283f72201673f61acedb0e6b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:22 GMT
content-encoding: gzip
etag: "3b4829c32fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:02 GMT
server: ECAcc (frc/8FFE)
age: 1267957
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 839

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 352 B
805 B 109ms
108ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=&OCBW=true&LNG=ENG&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=jxm192wih7mfpnml&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

1b9ff5a8b0b197cd21bc3cff064d97d101019b9881839eefb4d45f0e4622e94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 354
Date: Thu, 11 Nov 2021 07:01:23 GMT
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 621ms
101ms Preflight 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: private
Content-Length: 0
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Thu, 11 Nov 2021 07:01:22 GMT

GET
H2

200

powerball.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/Powerball.ashx
https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx

6 KB
6 KB

105ms
104ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx

Protocol

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0da5449c35c4ceb45e7d54cf77ab873d4dca7ee6f866b934cb36a61fbf37176d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 13:27:18 GMT
server
date: Thu, 11 Nov 2021 07:01:23 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Powerball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6259
x-xss-protection: 1; mode=block
expires: Thu, 18 Nov 2021 07:01:23 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx
date: Thu, 11 Nov 2021 07:01:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 194
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=Microdata&dl=https%3A%2F%2Fwww.valottery.com%2F&rl=&if=false&ts=1636614083418&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers%5Cn%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Find%20a%20Virginia%20Lottery%20game%20you%20love!%20Play%20Online%20Instant%20Games%20or%20Mega%20Millions%2C%20Powerball%20or%20Cash4Life%C2%AE%20online!%20Enter%20eXTRA%20Chances%20or%202nd%20Chance%20promotions!%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636614081913.289363836&it=1636614081454&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 11 Nov 2021 07:01:23 GMT

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 12ms
12ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 11 Nov 2021 07:01:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac5a626cb724327-FRA

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 143ms
143ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea18e899b7f4715907c01b0e260410baf9a9fa77a51dc55efe0f7faabb2295fc

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 07:01:23 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ac5a626dbac4327-FRA
Content-Length: 63

GET
H2 200 Lang_ENU.json Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/assets/lang/124/ 270 KB
78 KB 9ms
9ms XHR
application/json 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/assets/lang/124/Lang_ENU.json?bid=427462
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/appBl/app-bundle.js?v=2021.09_427462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2B) / ASP.NET
Resource Hash: 05c9d881e57d9137db81c8bdcb99275beb97154d3d354feddf661842aca6a6df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "ffa6bac22fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:02 GMT
server: ECAcc (frc/8F2B)
age: 1271244
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 79797

GET
H2 200 cart-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/cart/ 39 KB
14 KB 11ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~modules/cart/cart-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBE) / ASP.NET
Resource Hash: 78aa771639fe00d5a40a591ce0bf9be6683194debb70c5fe96d2bd12bf86f222

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "4d2068c52fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:06 GMT
server: ECAcc (frc/8FBE)
age: 1267927
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 14700

GET
H2 200 cart-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/cart/ 197 KB
45 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/cart/cart-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6A) / ASP.NET
Resource Hash: fa5824d0e0ab03fbf5f2a823d56c9454f33e74013c00c930c12fd6be4bf97127

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "80533ac32fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:03 GMT
server: ECAcc (frc/8F6A)
age: 1271242
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 45587

GET
H2 200 dbg-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/dbg/ 61 KB
14 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/dbg/dbg-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FB5) / ASP.NET
Resource Hash: 4b71d3ed6f2dabf910cb75c87b86d90fded992d38ffdbde0eedbce1ac27cea91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "80533ac32fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:03 GMT
server: ECAcc (frc/8FB5)
age: 1271242
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 14526

GET
H2 200 bonuses-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/bonuses/ 60 KB
14 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/bonuses/bonuses-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA4) / ASP.NET
Resource Hash: 28ab23c74359cb9e3bcb86e2996d4d49aa9d27dc73b80ce6cedd220541d20183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "0bda1c22fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:02 GMT
server: ECAcc (frc/8EA4)
age: 1271241
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 14347

GET
H2 200 48.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/ 48 KB
15 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/48.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F33) / ASP.NET
Resource Hash: ad3b228fc4e9b8f7f894fecae42be3c9c4f646e537494058cc7b0bfa80795ddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "9dc2feb92fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:47 GMT
server: ECAcc (frc/8F33)
age: 1267909
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 15277

GET
H2 200 dbg-game-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.09_427462/modules/dbg-game/ 226 KB
68 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/modules/dbg-game/dbg-game-bundle.js?v=2021.09_427462
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F75) / ASP.NET
Resource Hash: 758d01cb6e033d05c514ef4fc602de8b9a8445b63c4b3f3c08b19459b2dea954

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:23 GMT
content-encoding: gzip
etag: "83967ec32fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:40:03 GMT
server: ECAcc (frc/8F75)
age: 1267909
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 69029

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 56 KB
11 KB 156ms
156ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&IUA=neow&LNG=ENU&PlayMode=M&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd&cm=GGL&rst=j&uniqueNoCache=1636614083731

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

fcf742aa763b5158965213916f3411c4e9848eeb96bab39933c85b84a702943a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 10193
Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:23 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 100ms
100ms Preflight 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=&OCBW=true&LNG=ENU&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=xou692k7e1x33ib8&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: private
Content-Length: 0
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Thu, 11 Nov 2021 07:01:22 GMT

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 352 B
805 B 110ms
110ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

56357e6daf5931d228df763155892780d9a7e044f72a45fe8a546ad00c28f11b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 354
Date: Thu, 11 Nov 2021 07:01:23 GMT
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 101ms
101ms Preflight 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=G&OCBW=true&LNG=ENU&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=x1bcfv9t9353yxic&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: private
Content-Length: 0
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Thu, 11 Nov 2021 07:01:24 GMT

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 18 KB
4 KB 112ms
111ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

f46ce9b035301d5e0f61c1f28c0562ebc8e65104e3eab46ce78a118d725668a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 3592
Date: Thu, 11 Nov 2021 07:01:23 GMT
Expires: -1

GET
H2 200 preloader.gif
download.gamesrv1.com/secure/MWC/2021.09_427462/assets/branded/124/ 49 KB
49 KB 13ms
8ms Image
image/gif 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/assets/branded/124/preloader.gif?bid=427462
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1C) / ASP.NET
Resource Hash: f1fdc31e36acb744e3d5379c01ce0e2369406c93cd25e8d856d38f1eacb18458

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:24 GMT
etag: "cded91bb2fcbd71:0"
last-modified: Wed, 27 Oct 2021 12:39:50 GMT
server: ECAcc (frc/8F1C)
age: 1271187
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 50456

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 151ms
151ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/vendors~appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c2fa9c194d614278772842839cbb5fca1572d381adb54437e749031db385c14

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 11 Nov 2021 07:01:24 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 6ac5a62bbfbe4327-FRA
Content-Length: 63

POST
H2 200 updatesessionuser Show response
www.valottery.com/api/v1/ 85 B
205 B 113ms
110ms XHR
application/json 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/updatesessionuser

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20211011

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9302ddecd9b9089975d9d46d95152a5e8747b8db3bd170816783d79a48b6e298

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.valottery.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Thu, 11 Nov 2021 07:01:24 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 85
x-xss-protection: 1; mode=block
expires: -1

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 11ms
10ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Thu, 11 Nov 2021 07:01:24 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ac5a62baf7f4327-FRA

POST
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 4 KB
3 KB 139ms
138ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&IUA=neow&LNG=ENU&PlayMode=M&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd&cm=GCL&rst=j

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/437.js?v=2021.09_427462

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

18554ca0ef3c73f629c8fb27b8b184372cc5f1be432a2e64e0999380eaf4725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 2563
Pragma: no-cache
Date: Thu, 11 Nov 2021 07:01:24 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H/1.1 200
OK visit.aspx Show response
info.valottery.com/ Frame 0A6C 247 B
374 B 622ms
100ms Document
text/html 8.43.83.18
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL: https://info.valottery.com/visit.aspx?BrandID=124&Language=ENU&Currency=USD&Platform=W&IsGameStandaloneMode=false&UniqueDeviceId=581aea59-5189-4bc8-a324-10ffa33319cd
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.09_427462/appBl/app-bundle.js?v=2021.09_427462
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.43.83.18 , United States, ASN394729 (NPIASN, US),
Reverse DNS
Software: /
Resource Hash: 2e5c176d786684b24337709ce488c81ab49dc209a7a2cafaf0a342d568b2cdf4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

Cache-Control: no-cache
Connection: close
Content-Type: text/html
Pragma: no-cache
Content-Length: 247

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame 991E 11 KB
848 B 395ms
394ms XHR
application/vnd.apple.mpegurl 52.50.112.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=ce7fd1f3ff984eb9bcb777b7cf4c9c6e

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.112.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-112-189.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6b3a43278456e428dcd9804b52e82a59eec2bbc20dea8571c26407ac4185249d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:25 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: fc8d298e56554e118f46671f656ba18d
content-length: 531
x-content-type-options: nosniff

GET
H2 200 css
fonts.googleapis.com/ 4 KB
625 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 06:18:52 GMT
server: ESF
date: Thu, 11 Nov 2021 07:01:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 07:01:26 GMT

GET
H2 200 fontawesomev5.min.css
mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/ 418 B
623 B 53ms
6ms Stylesheet
text/css 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: e276166164378740d82e6c1c46ad80716cc9a79fad29c78db077a387b6b90493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:26 GMT
last-modified: Thu, 08 Feb 2018 20:17:05 GMT
server: ECS (frb/6763)
age: 22758
etag: "516682c919a1d31:0"
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 418

GET
H2 200 BannerBlue_Popup.jpg
videocdn.valottery.com/listrak/ 10 KB
10 KB 306ms
18ms Image
image/jpeg 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videocdn.valottery.com/listrak/BannerBlue_Popup.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ec93c422af4743a93e71d87ab851f22b6af6b1fe9f3c4c9b278918a2ce326da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 11 Nov 2021 07:01:26 GMT
last-modified: Fri, 08 Jan 2021 16:19:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yznYqEEGhqD80LO4EpR7Zw==
etag: 0x8D8B3F13DDB83E6
x-azure-ref: 0x7+MYQAAAABV/BLevNHrRoyEul2yt9dGWlJIRURHRTA3MTMAN2E0MjdlM2UtZmNlMS00NWY4LTgxMzktN2QxMGViYmE2ZGUx
x-cache: TCP_HIT
content-type: image/jpeg
x-ms-request-id: 1802b962-701e-0044-6564-d5e499000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0Z5KKYQAAAACQAxLJtuP8SrCBSuhgbM+gQU1TMDRFREdFMTgwNwA3YTQyN2UzZS1mY2UxLTQ1ZjgtODEzOS03ZDEwZWJiYTZkZTE=
content-length: 9866

GET
H2 200 Gotham-Book.woff2
mediacdn.espssl.com/9391/Shared/2018/Fonts/Gotham/ 19 KB
20 KB 27ms
7ms Font
application/font-woff2 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/9391/Shared/2018/Fonts/Gotham/Gotham-Book.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 1cf2796dd206ee43fea5446ebb2c292d7df3aad607d6e42fd1d8cb724a3164c2

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:26 GMT
last-modified: Tue, 02 Jan 2018 15:15:39 GMT
server: ECS (frb/67A8)
age: 58010
etag: "ba5d7f8cdc83d31:0"
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 19832

GET
H2 200 ModalImpression.ashx Show response
m1.listrakbi.com/ 103 B
547 B 404ms
382ms Script
application/javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m1.listrakbi.com/ModalImpression.ashx?callback=ltkCallback7584&t=impression&ctid=hDU7VeqGarZm&globalSessionUID=c1ae0098-1a07-4253-ac67-fa9ee44a7f4c&mid=d9f118bf-8a80-4592-96b1-112433f8cbe7
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7e4c77acbb60ccfa2be37bbb8a870925afcb65afbd383a20b50347daad1fcb2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:27 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ac5a63b49fa4e67-FRA
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: private
content-type: application/javascript; charset=utf-8

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 32215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 10 Nov 2022 22:04:31 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 17:53:46 GMT
x-content-type-options: nosniff
age: 133660
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 17:53:46 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:15:59 GMT
x-content-type-options: nosniff
age: 571527
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:15:59 GMT

GET
H2 200 FontAwesome-v-5-Custom.ttf
mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/ 41 KB
42 KB 7ms
6ms Font
application/octet-stream 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/FontAwesome-v-5-Custom.ttf
Requested by: Host: mediacdn.espssl.com
URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 668eb7aaab69ebb75ef8eb6eb5591ba202f14cbc11999b197bd35170b037c7a9

Request headers

Referer: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:26 GMT
last-modified: Thu, 08 Feb 2018 20:14:37 GMT
server: ECS (frb/67D3)
age: 15863
etag: "572f797119a1d31:0"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 42456

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 05:32:05 GMT
x-content-type-options: nosniff
age: 178161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 05:32:05 GMT

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame 991E 11 KB
850 B 338ms
338ms XHR
application/vnd.apple.mpegurl 52.50.112.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=ce7fd1f3ff984eb9bcb777b7cf4c9c6e

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.112.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-112-189.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9b578ff42ad66d67aa0e434aca1f36bed53616b0cb011d24d6dec8c5c1e4341f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 07:01:28 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 12988d4568dd4e429684cd332387ee07
content-length: 533
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage	1970-01-20 08:05:42	Name: sambapxid Value: e70ace2ffa0a94e3
.listrakbi.com/hDU7VeqGarZm	1970-01-23 14:15:46	Name: gsid Value: oBtPpPMeixNsQFN9hYQuhMwQiUbqjR5hOoDib0YAumv5vRwiH671kSHMZgaZyp0O3Tdw7SfNx8E%3d
www.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 3ssn3wz0auycph4dgu4dmteh
www.valottery.com/	1970-01-23 14:12:54	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: ab7bd67279894ad48c6094b7317e5ebc\|False
www.valottery.com/	1970-02-25 11:11:27	Name: ValAlert Value: e6663612-0a75-4a50-b5ae-26df0b394cea
.valottery.com/	1970-01-20 07:22:30	Name: UniqueDeviceId Value: 581aea59-5189-4bc8-a324-10ffa33319cd
gamesrv1.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vopqzjjmk04aei1zerisgej2
gamesrv1.valottery.com/	1969-12-31 23:59:59	Name: TS01f5bd3b Value: 0141e9310e57b2c4bd8d7dd22e41c21fa5572ef05bdf69bcc6879032c940b99d371c1dbc75166840c3e576334b18ef40eaf226d88731ef17098c229e8db91aacaf09260787
.valottery.com/	1970-01-20 00:46:30	Name: _gcl_au Value: 1.1.527162429.1636614081
.doubleclick.net/	1970-01-20 07:58:30	Name: IDE Value: AHWqTUlX9xQwORjRLmeh9LhdZYWW2vWww3gmzUBA8PB63aqnEwhYNzj5W48otI2O4R4
.valottery.com/	1970-01-20 16:08:06	Name: _ga_J0YJNS3PS0 Value: GS1.1.1636614080.1.0.1636614080.0
.valottery.com/	1970-01-20 16:08:06	Name: _ga Value: GA1.2.1619543850.1636614081
.valottery.com/	1970-01-19 22:38:20	Name: _gid Value: GA1.2.1353834943.1636614081
.valottery.com/	1970-01-19 22:36:54	Name: _dc_gtm_UA-1732052-1 Value: 1
.valottery.com/	1970-01-20 22:36:54	Name: nmstat Value: f47cdd7e-9c87-9217-597c-ddc514a674b4
.simpli.fi/	1970-01-20 07:23:56	Name: suid Value: 65A944C95FC747A1900F9568DE63C360
77148.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1981F7471278D2E5200322457FFB222DB8AF541B057095385CB5B7C14B792926FCB43A208B8D10B5C6859F294FEB265160659E2F6D1D6F23037F9004CC1D3117D4C25434F9
s1.listrakbi.com/	1970-01-19 22:46:58	Name: AWSALBCORS Value: 9cFBhEaqkbAMoQx5VvwBttgT3sNbxhkuLQbL2nbshbaDa0gHk04JZ5WQqMWls+ab9yVooO2ULYLe8PB1X6eiybBTNZyQ/dcal3W/7gzUTb1LazN6uaZVoi5KFncE
.listrakbi.com/	1970-01-20 00:46:30	Name: usid Value: 609f876069024ff997b0f1233a37ea3d
.valottery.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.valottery.com/	1970-01-20 00:46:30	Name: _fbp Value: fb.1.1636614081913.289363836
.simpli.fi/	1970-01-19 22:46:58	Name: uid_syncd_secure Value: true
.valottery.com/	1970-01-23 14:15:46	Name: GSIDhDU7VeqGarZm Value: c1ae0098-1a07-4253-ac67-fa9ee44a7f4c
.tapad.com/	1970-01-20 00:03:18	Name: TapAd_TS Value: 1636614082059
.tapad.com/	1970-01-20 00:03:18	Name: TapAd_DID Value: a090ae31-5251-4c6b-8785-480e306686de
.openx.net/	1970-01-20 07:22:30	Name: i Value: a5195e0b-baff-4b32-9cfd-7ec919e35754\|1636614082
.tapad.com/	1970-01-20 00:03:18	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-20 07:22:30	Name: ab Value: 0001%3A2shmLmAiKNHcPkxJZriRvIy26MsNjYAw
.adnxs.com/	1970-01-20 00:46:30	Name: uuid2 Value: 8487561158213133000
.pro-market.net/	1970-01-20 02:56:06	Name: anProfile Value: "-ob4uj5nax5zq+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104F80212078E002B000000000001+s2=(r2ebia)+vm=24-65A944C95FC747A1900F9568DE63C360"
.pro-market.net/	1970-01-19 23:20:06	Name: anHistory Value: "-ob4uj5nax5zq+2+!#7')%S!^A%"
.exelator.com/	1970-01-20 01:29:42	Name: EE Value: "36226f8660e2a2d946a6c907c2f06581"
.agkn.com/	1970-01-20 07:22:30	Name: u Value: C\|0AAAAAAAAKR98QgAAAAAA
.spotxchange.com/	1970-01-20 07:22:34	Name: audience Value: 2d87f1d5-42bd-11ec-8d47-1ac857eb0406
.exelator.com/	1970-01-20 01:29:42	Name: ud Value: "eJxrXxzq6XKLQcHYzMjILM3CzMwg1SjRKMXSxCzRLNnSwDzZKM3AzNTCcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ0SX5RZvoiF9fFRSlpDItKik8F72t7DgA%252B2Cnc"
.crwdcntrl.net/	1970-01-20 05:05:42	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 05:05:42	Name: _cc_id Value: 79ad60fd61992c7fbe67eb472ebfd572
.crwdcntrl.net/	1970-01-20 05:05:42	Name: _cc_cc Value: "ACZ4XmNQMLdMTDEzSEsxM7S0NEo2T0tKNTNPTTIxN0pNSksxNTdiAILEnv2HQDQUAABsmgvG"
.crwdcntrl.net/	1970-01-20 05:05:42	Name: _cc_aud Value: "ABR4XmNgYGBI7Nl%2FCEhBAQAdxgJv"
.bluekai.com/	1970-01-20 02:56:06	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 02:56:06	Name: bkpa Value: KJpEnXTLu5DlLgx6BgEwEnWN1lV6Beah+MHNzpRl1Uz6+exyzn16BqByzEDp5MRt1y99J8Lnix==
.bluekai.com/	1970-01-20 02:56:06	Name: bku Value: blx991vdMscsXs9t
.bfmio.com/	1970-01-20 07:22:30	Name: __141_cid Value: 65A944C95FC747A1900F9568DE63C360
.bfmio.com/	1970-01-20 07:22:30	Name: __io_cid Value: 18f7f52d0429b5c6964bf4cb5a4be4f6bf88382e
.tribalfusion.com/	1970-01-20 00:46:30	Name: ANON_ID Value: aQnunmo0P88CmTN83MFZaZdoM8ULHZbmZahS8ZbxFIUk9wZbGxH51tpg2VPi8Qu8KiPUBr4Eylwq6rwA7Za8ZaD87ZaKU2AZaK2JUdqImJr1bD
.adnxs.com/	1970-01-20 00:46:30	Name: anj Value: dTM7k!M4.gDunaTF']wIg2Hbzx93v8!@wnfH8KW.dG5<#Z0ru$FTGw<Gme4xGn6dQFT?-kn.Ca@F(ZefF)fBQEkz)Zx2%mv$rQspRcp[zIf3kG*)esoEsJRT$3'JI:^`j`#y#>]!AXTO:4=sB!@8(#Z_9ax
.valottery.com/	1970-01-19 22:46:58	Name: mpt_rate_comparator_50033 Value: 70.64898135405562\|1639206082757
.valottery.com/	1970-01-19 22:46:58	Name: mpt_vid Value: 163661408275835693\|1699686082758
.valottery.com/	1970-01-20 16:07:40	Name: _4c_ Value: %7B%22_4c_s_%22%3A%22dVLRjtowEPwVy88EObGTs3mjnFq1KqcrbdW%2BIcdZiEWII8clpYh%2Frw0Od4d0ecnuzM56ZM8JDzW0eJYWtChSRjgVOZngHRx7PDthq6vwO%2BAZphyyB5qppFRskzCqSMI5z5O0zEpBqBBcVHiC%2F4ZdjFFBCE9FTs8TrLq444SVqcDvSsU0ZdM82fRe4f55hPiis6b6o9zaHbswNECJ%2BmrniQoOWsF60JWrg7og5AWtQW9rF%2BDsCnc2NL4adFuZ4V4W0XtZac3QQ5Auamv2gETuUeNvAf%2B6KIJVCxuw9jLlu1674PMgG%2BMc2ONUmX2E%2Ff0FRtutbvXIe24JW7nUTaNNGzY%2FeejZDGBL2TSxX8i%2BzkdOqx17VdNYf1dWOlWDHZd8nH8byxU4qZuLx9A%2BWjmgT3IPIw%2B%2Ff6zmaFHLVt2wwKOV8fZfPCCGvuoNROSDbHdojqL30ZLVrXt6buRxPNt4ut2iL1LtOuMiujSlN4TmXfcWeCXsDvHNGqNkEw71ofS%2B5uufnx8vb%2BezxCjPyfSW1BSfY9xo8UAI45nguY%2BT8zfJC0bCd76uvqQvvU0Xac5DOEWcTvk4fE1BAu37qoLcqc7n%2Fw%3D%3D%22%7D
.valottery.com/	1970-01-19 22:58:30	Name: ltkpopup-suppression-d9f118bf-8a80-4592-96b1-112433f8cbe7 Value: 1
m1.listrakbi.com/	1970-01-19 22:46:58	Name: AWSALBCORS Value: d8KizYracT058PTw+1fg5/EGmRDDxPd55FxuzqNJGVBh1I/qevQZHhUShZ8f25+L0HSHPF67v+Ia0TIYcI0HXpxhJ3sVSQt0sQ+8t4IRYWAtHXdNwXu0dhrzPJHT

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J(Line 47) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J(Line 47) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J(Line 47) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J(Line 47) Message: Unrecognized feature: 'conversion-measurement'.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=65A944C95FC747A1900F9568DE63C360 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=65A944C95FC747A1900F9568DE63C360 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-3199631009391096470 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6528888.fls.doubleclick.net
77148.global.siteimproveanalytics.io
8930728.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bcp.crwdcntrl.net
cdn.listrakbi.com
cdn.valottery.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
content-aeui1.uplynk.com
content.uplynk.com
d.agkn.com
download.gamesrv1.com
extend.vimeocdn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gamesrv1.valottery.com
gateway.foresee.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
info.valottery.com
insight.adsrvr.org
insights-collector.newrelic.com
loadm.exelator.com
m1.listrakbi.com
maxcdn.bootstrapcdn.com
mediacdn.espssl.com
pixel.mtrcs.samba.tv
pixel.rubiconproject.com
pixel.tapad.com
s.tribalfusion.com
s1.listrakbi.com
services.listrak.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.mtrcs.samba.tv
tag.simpli.fi
um.simpli.fi
us-u.openx.net
valottery.com
videocdn.valottery.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.valottery.com
www.zmbl.co
104.111.215.191
104.18.12.251
104.18.7.244
13.225.78.97
142.250.185.162
142.250.186.38
151.101.14.109
151.101.66.65
162.247.243.148
169.50.137.176
169.50.137.184
172.217.16.130
18.66.130.11
18.66.139.43
185.33.221.15
185.94.180.125
2001:4de0:ac18::1:a:2a
2600:1901:0:8eee::
2600:1f18:612b:4264:c62f:533:271f:3e7e
2606:4700:3031::ac43:91b0
2606:4700::6812:a4f
2606:4700::6812:bcf
2606:4700::6812:c05
2620:1ec:46::45
2620:1ec:bdf::45
2a00:1450:4001:802::2002
2a00:1450:4001:802::200a
2a00:1450:4001:808::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2008
2a00:1450:4001:830::2004
2a00:1450:400c:c0c::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.120.154.132
3.124.136.236
3.225.136.82
34.98.64.218
35.227.248.159
35.244.174.68
52.168.86.34
52.208.103.128
52.222.214.6
52.223.40.198
52.50.112.189
52.58.68.120
54.78.254.47
54.85.189.129
69.173.144.165
72.251.249.13
8.43.83.17
8.43.83.18
93.184.220.43
93.184.221.168
001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f
04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25
05c9d881e57d9137db81c8bdcb99275beb97154d3d354feddf661842aca6a6df
08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b24be5e511ec921e562e093463c5c92e626d5bd622270025eef6931dab5fb24
0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201
0b830f41e86c2f3716287d09c699d6d402794926a96fe6e50107965a4721c3ce
0bb6ca5cecd8ee989016ab3b8bcd53aef4d640c8f97a1c64ede7a0fe5111e67a
0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2
0d4a3423e4be6f7c3a8b876b9fb41912206194953ea208a2bb98c75bb3351882
0d4b77e3842444dcb370502be6b39f5325615b2af5835c9f2d815892bbc4d317
0da5449c35c4ceb45e7d54cf77ab873d4dca7ee6f866b934cb36a61fbf37176d
0e783858cb51da56d136db74b1862aa62f48ff11c3a36e794214b549fc84aa9c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8
12613957e264c8109e39539a92697e0cee85e44a87e54a54e514f66f4e2644a9
1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445
143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789
14d2ca5c5def0eeccbe232efc9bb49f064ba13cc947724ac58a2ec2f6e5a4c0b
14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16216d2d481225790ac4f9f63deb73317c5e1769149350ec3d0765e31864fefe
16ab8aed34b09e3c42e2a0a00287e924f5bc424341feb393e836b8763455fee2
18554ca0ef3c73f629c8fb27b8b184372cc5f1be432a2e64e0999380eaf4725d
1859e1572c7bbf1e023a8173e5db360a1068364e6318a7a97264ace9e791b17f
18da4d91d26026ec2d2f54ed8a19a97bd785d774a5c3c4e3e0836c964c5220ce
1b120b16074e4bdf34ac5c84bd56800f0106d1362ae39b340902774698410c1c
1b9ff5a8b0b197cd21bc3cff064d97d101019b9881839eefb4d45f0e4622e94b
1cf2796dd206ee43fea5446ebb2c292d7df3aad607d6e42fd1d8cb724a3164c2
1de65f22178fcfd3907dd0e0ac2cedc840323b30280fdaafad2278e5a08c9f94
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1f9e1d9237321a632e7dd0fc7ac93887c2bd48845dd60826d1f5b9d1e9cf44fe
2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190
232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42
24be7e4ecf98ccd99a263703275014d7aa598953546593bfdcd5e2d3ecd7a6f4
263865e3d69fec5665a2a53187767df7df3236958b192591be0c001287fb3805
2696c197f37ec469675c783368b2f9cd94a017b70dd183d6be00d28a2e7dbb2c
2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267
28ab23c74359cb9e3bcb86e2996d4d49aa9d27dc73b80ce6cedd220541d20183
2b7ada062e30243d491881ee2bf712c10962fa2141c8a98b7b380470fcf735c3
2e5c176d786684b24337709ce488c81ab49dc209a7a2cafaf0a342d568b2cdf4
2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
31781ce9a89cc6a71e29c99bc1de0660850c3b17381499d116ab7243feff73a2
346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10
37e5d96414f5d3dd3281e73cb2b1a4be0dd251e7a9a2978eac1cb9971790593c
3a58c93d49c5d0269b7ff1877632ad9bcdaf3b531318b0726af7cb65cad20ec1
3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c7f1d9ee1023a830cbe592c26f673a55efa3ec83de6f16c3febef6b7c153951
3d53ac3b884b42003557ea982bf6494802087cc97b7c4aa1c655356c6617bba5
3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
412e1bb0cf61a37b776b51f894c512378e8b160edb678e47a972228cac9a6592
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
449693c548a52829666000defe81d2045a95856bba01b7358bf252b5ff5aa7d0
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b71d3ed6f2dabf910cb75c87b86d90fded992d38ffdbde0eedbce1ac27cea91
4d6af973b9ea670ac79c24c681f0e6cf4b6b680e32159d5ff04d1972f1f4b47e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eed6025a6c3fb552654d41c8f4dc7a1d1e1e2a08c380b394e03d840a2199322
4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a
4f38d8054fba5769eb340b02187563f0e4f98349ffec38e16c95e8276a6d5d64
5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945
52fedf43ad0f253ebc69df6627c86ebe2ec95c170dbf4f5147bbd37177691aaa
53fe3acf9872fde751b6d8a7fa222b7200e2eaa45e81a38a45d57c3b9c295553
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
56357e6daf5931d228df763155892780d9a7e044f72a45fe8a546ad00c28f11b
57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13
57c846a3f781663e7ba73944e05d04644a6d24db82770a26e3463874d40970f2
59059cee3381dbfb44d58f23647b24a441ab66209d5195f1b2e880409f1f76b9
59e0e88ca1c03fa77d780528f4b2cea4bdb38b3580f32f935c2b7aa7106f7c75
5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7
5f46225e6f8f67b46e1258d0a9f1af221ab9e8af62e5ce496305b5ff9cd5cac0
602ce469ed9fc6c1db897df59253fb79115a8e0f396042cfbaa76f206c41cc86
60af92e44d1ebd789fb17b78c89b5042ffeb1e2ebb25cbf4d1f6aff1ce4e17f9
6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3
62720dda83035d6754ddd75bd3bacdb0cb797eb565f8420fac7eea0400d1489c
63ee660e64dca730c5d8ac3872ef86d1331abd706826c70fdc3a960f2927fd16
646bc77ad0c7d821ccd4a8922329ab5361b737c46923b7ab89e06a8d7561c756
648bf8f1b5ce7e53ad61091d82907a518e29e2e5c98fe3316c46d59cb88da407
668eb7aaab69ebb75ef8eb6eb5591ba202f14cbc11999b197bd35170b037c7a9
6b3a43278456e428dcd9804b52e82a59eec2bbc20dea8571c26407ac4185249d
6f737151ca7681404cec86ea2e3216d5c128d251153236fac35bbcb5137a61b6
6fdfb44206dc8ea84d3913aab4556f53ade143b889083833e0591eca18ed28b4
75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726
758d01cb6e033d05c514ef4fc602de8b9a8445b63c4b3f3c08b19459b2dea954
762bf9ff8142211eb6218adfbe1e0cbae44ca6c2021cf0b01f7cfe004a41a374
767613d310cb9be2aee602ccf5a4e33c07bbe76aacbc07d0ee804f86f1a9a231
76d29fd2226e50e1499c0ab50e6cbf90756dda1edec1bc4391b18e4630cc9be8
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77bcac2c69b192dd36b94d57c2881c0429d840f0ccc97374b79728c922fafb5c
78aa771639fe00d5a40a591ce0bf9be6683194debb70c5fe96d2bd12bf86f222
795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde
79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28
7b82c7f3efbf61573b95f99f7feff4ea4e194f71f1c36df9254fa49eada774be
7b95c0b5754aadd62cafe5152ad69ced6481ba05f66eafa791f1743a129370cb
7e4c77acbb60ccfa2be37bbb8a870925afcb65afbd383a20b50347daad1fcb2d
7f51889cb09004ed9cb21bcc2ec51790e9ffff6054fc9c09e3ea678eaaa1b73c
818a464c526b5c62a4ec295be5aadb5063b3c75283f72201673f61acedb0e6b8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c
867aff97724966cb2d1ee4cec05a1254ebcced2e936748c2cff7597410938085
892a36bc18f47d47c7b086dcf1eed969fafe1792fff326604af4bb9911b65d2e
89cae7fda4d4d53df8bb328ff7eef4e3dd5811e96d1d9abe756dfad7d52955b3
89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6
8b9678bd9d99c3fc20507a882f90deb667c4f5263a5d7a54e43ff9563286cfe0
8c2fa9c194d614278772842839cbb5fca1572d381adb54437e749031db385c14
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
906e71f52631575bbc2e2454a0db08cc2d50f509ec8d2a4263103148a8b25683
913b07c530a0b63413fdf78ab734a741264a8bcc6ba454cc3ad4e9c30ab0ac7f
92dc50b8a0397e57418624d220f321d2fb95d41c49a3fbdfc3e59c34a2c48f03
9302ddecd9b9089975d9d46d95152a5e8747b8db3bd170816783d79a48b6e298
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9b578ff42ad66d67aa0e434aca1f36bed53616b0cb011d24d6dec8c5c1e4341f
9ba9e30922ea11b9cfdc51a08102fd6021cccd330532a601bceee7617893c1ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a34905132e8ee938a04d3b948347b2ad2a7f425a35afa0f5420e50bb271e65bd
a6d21206d4222b32a9c146c72b8469277d33df994aef07838667f4fe4f1b9bcb
a8a1fdfd53d2aa2eeb6bc6420bea93714f1fa4219f154712f581b95b71438abb
aa9128474745c0432885515633094d0be322c0041dfdec24213d364e884b7c63
ad3b228fc4e9b8f7f894fecae42be3c9c4f646e537494058cc7b0bfa80795ddc
ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b139dd93f7c1f9e816dd6e25182efe6efc19c7f031325081c1e47ba6cab0c257
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16723895b39a80a39bdc5aff3f02759788ea76943b0386ba3588c408c6276a9
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b400dd5fcb38c85929561997154146554b2150314a0a9c2f4cb54215cd44fd13
b8014db3bd7e2b4e7c59206b78b71bdd76d217659368a9e9c694b6885b688f66
b80bc30222d12c1cecbdf3836745a1cb363fe36e2f101fb27dc3964c41c202b6
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
ba85ee22e046f19a70dc0c7a2c9f2b70a222aa23340e8d30fb8409e96503a9ef
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
c2640f6bca9daab56ec6a3b01bb5dc3f5156dc9dbb690867567222ecbc82c71c
c449906c16f92078852667f919734283b10ea677abe1855403a195a9604cea72
c51a6b85e1bc07d017827c616a8b139c9eb85c111358255631b374029b016fd9
c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f
c68aa42ef0a09a952af8a2800c643afc506cb726100a823f9b1140f3a4e92c37
c9239f307b86ebb491afb17c1100ecdab08b9ef353c75b6f6a70a4b80c4d4f44
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d193438379ce07fe686eae249f7fddcf38b45529f51a273f8490fc9eecabfe80
d79718aaff57ab783963b93c56efff9afd3476d347fdc3c5667c8004f6dcba3a
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7f3a550a9946103f8ec640689863b6b989bc874fbf4a5d77db7e2b6231125b7
d94055d3632e18740f1f177a959b229be3ca2b73d205e3f0518f568ee211183d
db30900985cb8da2aa3da0e65d333c22a82a4b7e7e6009dca70872e15851dea5
def07961d4198669441d753cf49b3fccbd800885103dc987c3c5cd7c825397e1
df9c1edf1c1aaaf1250d5e449cfa90253c593472208c8c23ae6211a0c6944faf
e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87
e276166164378740d82e6c1c46ad80716cc9a79fad29c78db077a387b6b90493
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d67cb96cc7855cdd72966b02123e4ffdb47e8ab98e51bd822edea0ffb3f77a
e3d853b1ab87213617005d381e7aa3c6d26bc44ed04c78e6f2dce8d5145e9972
e4444f0ec2ddd0aa024154b22470afa5d065650e9c07cd4593ba3047c1480f1f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea18e899b7f4715907c01b0e260410baf9a9fa77a51dc55efe0f7faabb2295fc
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
ec93c422af4743a93e71d87ab851f22b6af6b1fe9f3c4c9b278918a2ce326da8
eea781d44376106e4ba2aed2a13dc36c68d6e6cde9a377f3d42d25d6e567694d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef366b67d33cbe74b49a3530fa6498be105d17bffe4b7670c6cf5487adcf0d2c
f1fdc31e36acb744e3d5379c01ce0e2369406c93cd25e8d856d38f1eacb18458
f22202d5d46efe1f1a3ec66734e0866e3af063dcc41490c5ae55d34984c2c3e6
f425cb77942e495bed4f49423d7c847a5cd194989e2924d68e682b5d8de9e2e7
f46ce9b035301d5e0f61c1f28c0562ebc8e65104e3eab46ce78a118d725668a8
f6cbae61786bda12e26a392d3482dd8ba5990d9a2dc68052a6ad91feb5cf0867
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa5824d0e0ab03fbf5f2a823d56c9454f33e74013c00c930c12fd6be4bf97127
fa6d1e16d0210569021aa22c10cde85e24cf747ab809a211b3aacbdd220b1482
fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fcf742aa763b5158965213916f3411c4e9848eeb96bab39933c85b84a702943a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.valottery.com Open in urlscan Pro 52.168.86.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

220 Requests

69 %HTTPS

38 %IPv6

45 Domains

65 Subdomains

52 IPs

7 Countries

4479 kBTransfer

12216 kBSize

51 Cookies

7 Outgoing links

Page URL History

Redirected requests

220 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Screenshot
Live screenshot

Full Image

220
Requests

69 %
HTTPS

38 %
IPv6

45
Domains

65
Subdomains

52
IPs

7
Countries

4479 kB
Transfer

12216 kB
Size

51
Cookies

220 HTTP transactions
0 data transactions