winners--2024-spring--kinsmen.lotteries.dev Open in urlscan Pro
15.157.99.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winners--2024-spring--kinsmen.lotteries.dev/
Submission: On July 25 via api (July 25th 2024, 8:06:49 pm UTC) from US — Scanned from CA

Summary HTTP 117 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 2 countries across 19 domains to perform 117 HTTP transactions. The main IP is 15.157.99.24, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is winners--2024-spring--kinsmen.lotteries.dev.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 25th 2024. Valid for: a year.

This is the only time winners--2024-spring--kinsmen.lotteries.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	15.157.99.24 15.157.99.24	16509 (AMAZON-02) (AMAZON-02)
59	2606:4700:20:... 2606:4700:20::681a:1dc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:400d:c1d::5f	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
4	2600:1901:0:7... 2600:1901:0:7cd2::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	146.75.80.157 146.75.80.157	54113 (FASTLY) (FASTLY)
3	2600:1408:ec0... 2600:1408:ec00:1e::1735:23ec	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	3.218.44.124 3.218.44.124	14618 (AMAZON-AES) (AMAZON-AES)
5	23.48.203.133 23.48.203.133	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:400d:c0e::9d	15169 (GOOGLE) (GOOGLE)
1	72.21.81.130 72.21.81.130	15133 (EDGECAST) (EDGECAST)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2607:f8b0:400... 2607:f8b0:4004:c08::93	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c01::5e	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:400d:c00::66	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c02::9c	15169 (GOOGLE) (GOOGLE)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
117	23

18 15.157.99.24 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

winners--2024-spring--kinsmen.lotteries.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2606:4700:20::681a:1dc (United States)

ASN13335 (CLOUDFLARENET, US)

kin-sask.lbcdn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c1d::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7cd2:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

s2s.kinsmenhomelottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.80.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1408:ec00:1e::1735:23ec (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.218.44.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-44-124.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.203.133 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-203-133.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0e::9d (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.21.81.130 (United States)

ASN15133 (EDGECAST, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c01::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::66 (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c02::9c (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	lbcdn.io kin-sask.lbcdn.io	33 MB
18	lotteries.dev winners--2024-spring--kinsmen.lotteries.dev	1 MB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1114 w.clarity.ms — Cisco Umbrella Rank: 8686 c.clarity.ms — Cisco Umbrella Rank: 1838	29 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	142 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 669 px4.ads.linkedin.com — Cisco Umbrella Rank: 7330	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	9 KB
4	kinsmenhomelottery.com s2s.kinsmenhomelottery.com	273 KB
3	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1884	15 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	3 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	google.com www.google.com — Cisco Umbrella Rank: 10 analytics.google.com — Cisco Umbrella Rank: 238	274 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	74 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 341	771 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1356	722 B
1	t.co t.co — Cisco Umbrella Rank: 979	376 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1253	15 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 1211	31 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	872 B
117	19

	Domain	Requested by
59	kin-sask.lbcdn.io	winners--2024-spring--kinsmen.lotteries.dev
18	winners--2024-spring--kinsmen.lotteries.dev	winners--2024-spring--kinsmen.lotteries.dev
5	analytics.tiktok.com	winners--2024-spring--kinsmen.lotteries.dev analytics.tiktok.com
4	tags.srv.stackadapt.com	winners--2024-spring--kinsmen.lotteries.dev tags.srv.stackadapt.com
4	s2s.kinsmenhomelottery.com	winners--2024-spring--kinsmen.lotteries.dev s2s.kinsmenhomelottery.com
3	w.clarity.ms	analytics.tiktok.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com
3	snap.licdn.com	s2s.kinsmenhomelottery.com snap.licdn.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	winners--2024-spring--kinsmen.lotteries.dev
2	www.google.ca	winners--2024-spring--kinsmen.lotteries.dev
2	www.clarity.ms	winners--2024-spring--kinsmen.lotteries.dev www.clarity.ms
2	connect.facebook.net	winners--2024-spring--kinsmen.lotteries.dev connect.facebook.net
1	c.bing.com	1 redirects
1	stats.g.doubleclick.net	winners--2024-spring--kinsmen.lotteries.dev
1	analytics.google.com	winners--2024-spring--kinsmen.lotteries.dev
1	px4.ads.linkedin.com	winners--2024-spring--kinsmen.lotteries.dev
1	www.google.com	winners--2024-spring--kinsmen.lotteries.dev
1	analytics.twitter.com	winners--2024-spring--kinsmen.lotteries.dev
1	t.co	winners--2024-spring--kinsmen.lotteries.dev
1	googleads.g.doubleclick.net	s2s.kinsmenhomelottery.com
1	static.ads-twitter.com	s2s.kinsmenhomelottery.com
1	code.jquery.com	winners--2024-spring--kinsmen.lotteries.dev
1	fonts.googleapis.com	winners--2024-spring--kinsmen.lotteries.dev
117	24

This site contains links to these domains. Also see Links.

Domain
kin-sask.lbcdn.io
kcos.ca
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
lotteries.dev Amazon RSA 2048 M02	`2024-02-25` - `2025-03-25`	a year	crt.sh
lbcdn.io WE1	`2024-06-23` - `2024-09-21`	3 months	crt.sh
upload.video.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh
s2s.kinsmenhomelottery.com R10	`2024-07-12` - `2024-10-10`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-05-05` - `2024-08-03`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2023-09-09` - `2024-10-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-08` - `2025-05-07`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-11-05`	a year	crt.sh
*.google.com WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
*.google.ca WR2	`2024-07-01` - `2024-09-23`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-07-01` - `2025-01-01`	6 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://winners--2024-spring--kinsmen.lotteries.dev/
Frame ID: 30029486B578C1E0000B4A5A3C8177D4
Requests: 117 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kinsmen Home Lottery - Kinsmen Home Lottery

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

117
Requests

98 %
HTTPS

63 %
IPv6

19
Domains

24
Subdomains

23
IPs

2
Countries

35980 kB
Transfer

44313 kB
Size

35
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://kin-sask.lbcdn.io/uploads/2024/07/2300642_Kinsmen_S24_WinnerList_24070376.pdf
Title: FULL WINNERS LIST

Search URL Search Domain Scan URL

URL: https://kcos.ca/

Search URL Search Domain Scan URL

URL: https://kin-sask.lbcdn.io/uploads/2024/01/Kinsmen-S23-Winners-Cash-Cal-.pdf
Title: Previous Winners

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KinsmenHomeLottery/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kinsmenhomelottery/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1721937999127&li_adsId=17213bfd-7fab-4ac0-8fb0-c712886fd6a4&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1721937999127&li_adsId=17213bfd-7fab-4ac0-8fb0-c712886fd6a4&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&e_ipv6=AQLNePdzexDu3AAAAZDrgLhkOpSMo6eP80JQP_5t6OPLA-yQE1BVroCD0dfz1fHHputF0c7Ytt98

Request Chain 111

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D3388BD0B995441BB7DE9270A55CE667&RedC=c.clarity.ms&MXFR=049132BCD22667B4213A267BD62669E7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3388BD0B995441BB7DE9270A55CE667&MUID=3A141E422D6A6FF9355C0A852CC06E72

117 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
winners--2024-spring--kinsmen.lotteries.dev/ 115 KB
116 KB 1564ms
957ms Document
text/html 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 / PHP/8.0.30

Resource Hash

576d9e40881c7dfe74894b94e0481756dad5ec70824159f4101e6a0e2265acd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *.lotteries.dev
cache-control: public, max-age=60, stale-while-revalidate=60
content-type: text/html; charset=UTF-8
date: Thu, 25 Jul 2024 20:06:27 GMT
link: <https://winners--2024-spring--kinsmen.lotteries.dev/wp-json/>; rel="https://api.w.org/" <https://winners--2024-spring--kinsmen.lotteries.dev/wp-json/wp/v2/pages/7>; rel="alternate"; type="application/json" <https://winners--2024-spring--kinsmen.lotteries.dev/>; rel=shortlink
server: nginx/1.21.3
strict-transport-security: max-age=31536000
x-powered-by: PHP/8.0.30

GET
H2 200 style.min.css
winners--2024-spring--kinsmen.lotteries.dev/wp/wp-includes/css/dist/block-library/ 111 KB
111 KB 88ms
88ms Stylesheet
text/css 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.5.3

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:27 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:11 GMT
server: nginx/1.21.3
etag: "1bae5-61ba96e2768c7"
content-type: text/css
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 113381

GET
H2 200 frontend.css
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/ 604 KB
605 KB 130ms
129ms Stylesheet
text/css 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

9602d6839a8376ec243c77fc3ed269ee321fc95541029d358b267ddc74830a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:47 GMT
server: nginx/1.21.3
etag: "96f52-61ba970422918"
content-type: text/css
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 618322

GET
H2 200 Untitled-1.jpg
kin-sask.lbcdn.io/uploads/2023/03/ 10 KB
10 KB 937ms
354ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/03/Untitled-1.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7eee6e9cf282dd80568bb8413e244a94bcbcb63546069a10cb0ad78fce40aa

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7MHM6336WYS10FYA
age: 11259402
cf-polished: origSize=13300
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 9799
x-amz-id-2: JUSRh1PUUoylqlF4mlR+qTGhyDdAkgqSyy4GQQAdW521HQ8xgwc3YOPAUS0Xdj9uEUlo6EI8/O4=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:16 GMT
server: cloudflare
etag: "91a9c6b42f75daa09ff62484db44b571"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cftNPpmB56UfftktSH2w4XrbKuuOInQRtcMqFfP2x7GTmbAAfJvEL7XJwwtMfoh6GFzKHPJJ16rqa6b%2BuZj%2BrESknFxiaY13N5x5DdLULIXlkMIgB60N3cEb8O%2Bn9tyNYxuyvvnodMZLYdDq4t0d"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54cb975ab63-YYZ

GET
H2 200 Menu_590x430_GP.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 236 KB
237 KB 695ms
112ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_GP.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8520c98ba040004c5fde9ee49bca1ac24587d925ad49a5270d612269065d85

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 7MHZ1BHN2FQTV0DN
age: 11259401
cf-polished: origSize=257307
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 241387
x-amz-id-2: Br+vOaCKkb/98jr/knzTU5vPESuOpRtnkavV8KmTFflGP3M8PYCt4d6MoqAgiiYQoIdsn4nqBKA=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "d89e16affc8185df5168759a413aa16e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7drUv1DAG3Ea8ogM%2B0f9pTHil5eDEU8zVWu%2BkCdYsNV%2FsG8nIY85pmhIE%2FV8SCmy7cv3d4w5o%2Btt0jCVutWZ%2Bv74EhxsFUl2ykXLFcpHVQW%2BNYPUHN9jBbslmmGLB%2B221Z0RWSmHsuXTjT9SPZS%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54cb973ab63-YYZ

GET
H2 200 Menu_590x430_EB.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 214 KB
214 KB 174ms
166ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_EB.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0af313734cec37dbb158ca2448cad5cfeb36888c39c7e906a555636abe1293fb

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KM0VB1TCWMM7FGH6
age: 7535097
cf-polished: origSize=230833
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 218877
x-amz-id-2: ZujveCHnptUMkhk3P3xQ4vWO/Iav3TcfyVffnkU1KAPnb4MfYIhwHCrYj143XC6ki1k6HgQdavI=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "15407574e9808405d5b90996480f3257"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zi5SnjN%2FHFR20yA3N5fB%2FGZX6I3szv4mSTMGJHEXw5NxgtOqC8lQ4JhFWjq7ojO4%2Bmo0T74Okuol86WKrZb0aqhA69gYpVGVZLs%2FPj%2Fk%2BhHk%2FLJbQpngH4%2FdQG%2F5YEND65QXPRsu15isI1aOSQ8Y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54ecb71ab63-YYZ

GET
H2 200 Menu_590x430_Bonus.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 246 KB
247 KB 119ms
112ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_Bonus.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f65c5d0f395c2d68015220a7ca64ecd148ce759c4a178dd92b2a3a2efa2911f1

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5N9XZRYQZZWV79QG
age: 1285434
cf-polished: origSize=268167
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 252271
x-amz-id-2: oSAhFtYOoVAniTgqUL2ehqjRsvq3KacFC48Rs5KxJaHjwHnuILCvnEprmiKOjzPjasGEUY1vhx4bfoR8/fiVJtbmkXR6GvH2
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "332a2b2c10587dfca0b12456829ef2d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u0SPYHKXQKQrc5ggIQrmBN3xh13%2BfJklcDjmIt%2FQdHYN5jnaU4aC54%2FrFI7G1vUDq6Eh2qqP3btqlaK%2FaktOS5TfnC9tLew8iwWuKFttalsJ6%2FCH0giWJr%2Fy27roGRWcBT9UkFW7EeS9iptVVjmy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54ecb72ab63-YYZ

GET
H2 200 Menu_590x430_VIP.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 182 KB
182 KB 172ms
165ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_VIP.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c962f79dc4ce4bc429ed42f64e36621247e13b80d35705a33a39dbed97a569d

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BK1F5RYTRNPZYDY6
age: 11244681
cf-polished: origSize=200487
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 186018
x-amz-id-2: +P2ju3+qaaAm1ipCPt/dyyjG+qcpyORkkILGVKyv4Q+wRyPwUGkspDAqRQN0MF+WVXQwOCQsFP4=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "80e7c2af47677c2c426801de1c26a498"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ER1oxmfBgV2SS8vzkMLr8jZgunEzB3k4L07VkgqAW2Bk0%2B77oa4ndr7yOWbRR7b8kWHpSSq7gf%2FBGkBtCSXBqFSbvehIAk1BgBiseWELGe9T5k2eSnXazMjU8olfHbtKh4ffF7QhOlHtrvHsRzr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54ecb74ab63-YYZ

GET
H2 200 Menu_590x430_Vacation.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 304 KB
305 KB 224ms
222ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_Vacation.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4783eaccd7a80a58ad310f9cebad6c8c8d3d0f05a19c66c87de2150ddf2b14d0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: BK15R9DA8F4A2V97
age: 11244682
cf-polished: origSize=331960
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 311598
x-amz-id-2: PdHQ9LEVK5QyPW+rSil57we16EkK2aoLPKVDE5i4F8rwocrF/YR9MZQpqKO9DBB7FVCCBlioCK0=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "787083315d281443b492bc995759650c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KS5TsPW5NxV7aDpH3PPFl9HMNCLR8eD1m%2Fuiw6PVB9RchqctyTH9JeJJD2av8SdFgE1cN%2BCgWz6%2BWeM6UouCVQCT5bxs07d5KLjoXUBDAsjj%2FR7bdw3GZk%2Fs%2Fq%2FBzgSFRqqwzWHBx2RJgCkm67dw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54fac41ab63-YYZ

GET
H2 200 Menu_590x430_LivingLocal.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 150 KB
151 KB 138ms
137ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_LivingLocal.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb54f2a7594eaa6c2c05c32502368ba036c3f1de2a94a2e62c634e908321b7a

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NYKZP5P8C02J8MMY
age: 7532862
cf-polished: origSize=163684
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 153467
x-amz-id-2: wiqb97nvS6J0J/HPnMpcLErEQe1W4hu9ujKNAXNE/ZV9V+692V/gzeMQPOQ2IfCINnrstdwjm1I=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "042bc57c2c71e5cecfb9d76dc5c1f978"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HkDcfSHQtOBIg3D1dQu4WKxOGozrk18pk92UVwPgPtBrxyq290NO%2BBeOCadvsJqD3mrxRtW3PndK4L6BWU8efxH95j0vvlX%2BKlxVNlcr6P8rKFQrBeDstoqI7qmRodL7efqRedOMu6w5fOF9sIH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54fac3aab63-YYZ

GET
H2 200 Menu_5050AddOn_590x430.jpg
kin-sask.lbcdn.io/uploads/2023/02/ 141 KB
141 KB 202ms
200ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/02/Menu_5050AddOn_590x430.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3947e0f7f76bb6322c20f756c603ff2ef98e4db2a3b0097ae5febcaeb923f6a4

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CAXFEYF4SD7RP7F6
age: 11012375
cf-polished: origSize=151686
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 144205
x-amz-id-2: tfpfjYi3xlMxV/6NSgCx5qnW4iC0wIZD0Wjdqm8If9FWaoH+fLlatYa15WEiEKwj8Jo3ZI/1hSo=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:16 GMT
server: cloudflare
etag: "0ca27cbc6ef396e6106b849eaa2574dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvIDNIa0E%2BP5bq7s6aojUN8H3Sy6skCDDIsgqMNmSQZQV%2BrWfNnwWixHwq1dPjNkYta33kBUSBgrWdbKtmKQA9hVwfgeT5UiPV2Zs%2FU0Pjkt%2F6o6nXytsdPWjph9%2F0sd77A8EVegwLY06bK1Z6V2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54fac42ab63-YYZ

GET
H2 200 Menu_CashCalendar_590x430.jpg
kin-sask.lbcdn.io/uploads/2023/02/ 143 KB
144 KB 177ms
176ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/02/Menu_CashCalendar_590x430.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb840e8c0ff6abbd1a8f8caf2cfa8a3c8cdac054b1e2767368da977f475ff0e6

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6TQPK6HW1GAD64VD
age: 6441622
cf-polished: origSize=155085
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 146696
x-amz-id-2: WIsPqVYvPAJXRLhXuZDTDQ1UopufvFhLQWJDCOmux56KUxk54JwD6hqXFWdesD+mhno8R7pvimA=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:16 GMT
server: cloudflare
etag: "d2a858da06585713d6d9d8b49fb96dc9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5vBoZDl1C8q4Y9xcc8QlG37cop9jsxxHWx2Cm3LdpSBHvkuCNSZhKkeExjeBFt4A82S0ogLzPET3hNPWLjAOVp%2Bq6MYcB56%2B2scNccsLRojZHp%2B3qIjWgHmIo0A5JebNfQO%2Ff%2FxKSnMv6nRSPDpl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54fac40ab63-YYZ

GET
H2 200 Menu_590x430_Proceed.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 253 KB
254 KB 157ms
155ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Menu_590x430_Proceed.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c968aaf215c0bdbd44f227ffd2156498680421921bca50b6b3faa645eec030e4

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: R06CP5S8WCPPS7V7
age: 6257005
cf-polished: origSize=276321
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 259066
x-amz-id-2: 6N7fb9IAerygmXL4iu8avagFPEpc6BMOtFsXVSdhUAPLlyLeGaM2pizsNgvbMHsPIAWgsfQVyr22Og7gK7JP+OqP9/Bmzjp6
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "a3f437dc655ec5e97ec9458f7254d77d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2F%2FXZsvidcw5xsJX0ZC75F1xqy%2BrwSvZeesHBpLu3rbnhHkDJr4QvlZU3uvYQJvhT0GgCtX%2BIjOkr5%2Bz%2BRBlLhch82FfvcAHXL8ahBOWQcmFaWu1PZUvhcVqlCjQrduKLniZRvT274GBN1DjEG2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54fac44ab63-YYZ

GET
H2 200 Kinsmenclub-logo_silver_150x150.png
kin-sask.lbcdn.io/uploads/2023/02/ 22 KB
23 KB 103ms
102ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/02/Kinsmenclub-logo_silver_150x150.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e6eebbdf495a89aef0a64c368757d101de2d6d892b0984fd9d01f6b2864331

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8SYPYHE4SAK3R5G3
age: 2074693
cf-polished: origFmt=png, origSize=32525
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Kinsmenclub-logo_silver_150x150.webp"
alt-svc: h3=":443"; ma=86400
content-length: 22836
x-amz-id-2: 0yJhovtTdu3DF4+u7h0kKdOOnEWsrJG7YSX68FEYuuIPqUI7qeLLHpu8oCkncg87Tg4yj2XOehMOqgAtGZT2wBXsUHTYe1mO
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:16 GMT
server: cloudflare
etag: "5ca197e5de317882afd7e51c3a072997"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivHBz8S%2BY1dtVmlUjUZwHWCiAcsfLw5uv7QgbzamC46G0lyxfp4VXOkLj6t7dFAy80zxQ3S4J3gWHwTxHyfZ4y8M18%2Fs3oRhhSAGO4iqEBc3dXm96WpB5Dcy6JiMrXASLyZEnsC4vY%2F%2F9F2JblwP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5518dd8ab63-YYZ

GET
H2 200 018-Kinsmen-HL-2024.jpg
kin-sask.lbcdn.io/uploads/2024/03/ 528 KB
529 KB 117ms
116ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/03/018-Kinsmen-HL-2024.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cae70990bbbc74ed94ef0e3e98a26f13e926edb0b4080b9990c3bef4fab11200

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PC0453BJDEPHW7QY
age: 8049372
cf-polished: origSize=618625
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 540751
x-amz-id-2: +5AfTYJbAYmbGb8eTp6fVVrOl7eMpL1PlZ9+1pwQ2Zda4h4s9GtIoXL4/H2SXKCU2MnEFn+lJdsQMcc94YYAOvaqHFboP9CI
cf-bgj: imgq:100,h2pri
last-modified: Wed, 27 Mar 2024 16:33:01 GMT
server: cloudflare
etag: "55521aa8da9d92ae7613d74a9a91aa50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WNm%2BVHZMBfmx%2Fn7tve00cumGwv23BlZTR7kJeGhj7YHH1kBtWuD1Qeeh3XxX3Y4HI5UKejhh2iq2gmBVt6ENtEXp5wlV7%2FoWdsve2%2BoE1fxKb9i7sqU9Y0cbVx82xe4%2Fv93Gz%2BqpYWb5rm37QdWe"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5519dedab63-YYZ

GET
H2 200 Mavrik_Logo_Pantone_234.svg
kin-sask.lbcdn.io/uploads/2023/02/ 2 KB
1 KB 113ms
112ms Image
image/svg+xml 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/02/Mavrik_Logo_Pantone_234.svg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1950ba755c2fea6c6462d9861eac5d20d569ccd907d246267e0978361f4c8c4

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2D5MBE4T1B2H4ECD
age: 1285403
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 2tf1huZvl9qpEvGmXN2xyVFeR95WPggRwCuIVOS7I7/XKWMqSogZLOKGg5zPCvY9Z69cOjntpFiAcCKDy5KSALnWOJHXjaz6
last-modified: Fri, 08 Mar 2024 04:57:16 GMT
server: cloudflare
etag: W/"bb5750856313b4c51b7f8567f1b2af30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2gWAvpjjptMRASRH7DlnDWz%2FwIQfXwx5U7rO%2FX7x00otudmt1XuE%2BGNUtgAbTi5Dk%2FVQmbngaDoh5ywjl56zDyVR92K%2BO6aw6qlIxUr6kdSWtV%2BiJKy3JKo6p5YGatLVZ5IJHoO4bfdEC0B2pIos"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8a8ec551be12ab63-YYZ

GET
H2 200 css
fonts.googleapis.com/ 4 KB
872 B 679ms
209ms Stylesheet
text/css 2607:f8b0:400d:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:300,400,500,600,700

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c1d::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 25 Jul 2024 20:06:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 19:42:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jul 2024 20:06:28 GMT

GET
H2 200 aodbt-logo_white-e1711485019391.png
kin-sask.lbcdn.io/uploads/2024/03/ 4 KB
4 KB 112ms
112ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/03/aodbt-logo_white-e1711485019391.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9d1409a6aca327dd838db9cdbab7d6a5c49424d87423f73ae92f4f357470f22

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 3YQFAF7XZY06JCEX
age: 6041649
cf-polished: origFmt=png, origSize=6000
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="aodbt-logo_white-e1711485019391.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3834
x-amz-id-2: r24+m95r3owEYc5ovD0wLdp6EprBHhjI0bv0eNSrtUJ/RW0A7gXYK/bTM+czpldD2sz4GYPvy4qYh0wFKYMTesXHQj+oMoUR
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Mar 2024 20:30:20 GMT
server: cloudflare
etag: "a95c9e5a375229849a838eb769c0224a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yuboSxbChvuV1kOVk3MoGKv8MhyrHwbu3eXwP%2Fp5ZNJgFegeqqGccLfxyTGG03Lc8a2g6GYpaDesJ5T3N1pzco649tU4kMaEdVkOmULzWil7CGxVHKsZlqURUlAVc6vVMYlzJjJ58M6r1Bacq8J%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec551be14ab63-YYZ

GET
H2 200 EB_1100x1100.jpg
kin-sask.lbcdn.io/uploads/2023/12/ 767 KB
768 KB 116ms
116ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/EB_1100x1100.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6677f982122c3572c48ee15b3509c791f40ff5dba40f833a9ddb1815a94eb9e

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GVX4892BJ7F76HPH
age: 11244671
cf-polished: origSize=844387
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 784949
x-amz-id-2: vm1RuKqi8FFkUVIXF5++LJiuJYlYZDqSooTE+m/CcUZvWweSCbNwzWaysr8+0wtYBVDOuwaULMY=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "c3a8da6731d5dcc2436db8bbfae72ac5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WF3DjMvC2REY8CvvIiwfkQY4q%2BHzj3pWvW9YHxuXBmZsIr2VlD30MZl2ks8kpLDkdNgMZjf6iEEubaFUG6WWzzImBkZtTgQP%2FfOusiU%2BY8tHMkkMrs67p2%2BFcMbZGr542Lk%2Fbd%2FWLlH7JnmudaNF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec551be16ab63-YYZ

GET
H2 200 Bonus_1100x1100_1.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 828 KB
829 KB 127ms
126ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_1.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 942b8c62b588d243ee028c33aeaf1bf99ae61665ecefa87de162c1fd717d081e

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 62BV59KN85GNN37B
age: 6441621
cf-polished: origSize=919091
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 847785
x-amz-id-2: sUf03Dqw0adojjSQNlzGxY6YR2+cdYePkgBibFAZCPc5DGIqv3CYjTHgL5nYxV2aUXt3jq0lHZk=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "19dd0dc8813c589bb07c8bd2eea23943"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vp8sKnq39ScoViiJBMsyN7KeG39CuPjpbrAL8uIj%2FHcz9XvrlQweAcuVMhfLmSdmnOMiwy%2FxFgpkJsQjaRHg5puiqvWnh0TJRAVpl7S7aStVrWciLM6uyd5Wrrs%2Fz%2Bk3ezWACSrhkyPwMh%2F3di%2B3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec551fe47ab63-YYZ

GET
H2 200 pexels-allphoto-bangkok-5279020-1920x1280.jpg
kin-sask.lbcdn.io/uploads/2024/02/ 577 KB
578 KB 139ms
138ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/02/pexels-allphoto-bangkok-5279020-1920x1280.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98f1d5d8ac732e6f478ed3eb43c58e5fbad231dd49b393787dbc1bd9aeaaeda3

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XQZYS32J58FVNWD4
age: 11244667
cf-polished: origSize=625210
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 590799
x-amz-id-2: cDoPxVJ6MTaZZWjGjT3ICbw1Ugj3Cw/bupdjV4HpG/8B0fG8+PEErZk5ZD97uXlCaRXhfsoUEQU=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "762fe497a0fbd40678236066eb171a89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cWGIz2wYsKYsU4JIcOAcjZpBzbu%2FXYgDDmtld55j7s1cBzf3jqwaGkLxQsnZjsrtlz1VpgZ3f%2Bkpknf16vclR0VSn3dF6LKSoyK%2B%2BmoTbmMFdtBXZDZMmEbvwsh%2F2jjvrxxXqvg7ursaQWbdnoJK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5522e7aab63-YYZ

GET
H2 200 Bonus_1100x1100_3.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 157ms
157ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_3.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe8676e3b57dedc21c850ed016c4ded24218b6c058bd0e83a7398cfe95df48e8

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GS9MBH63VXWA1XXP
age: 7535096
cf-polished: origSize=1326478
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1228681
x-amz-id-2: HjqMMByLcnntlvv6iDFfGeCWtWKCzIA15fl9BGXt4hRC+o1XmMOVH3lt0F0ysGAIUoeDZ5jUEYk=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "992805daa16060da04767873f21d73fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dtpn3CwiyBwoSqraQxlPVZmpP8LBqCazF%2FcUTRzVAbNki3g6zxCRSa4Tq1fg0YT%2FvwgWMK%2FNXXdkjA8qDRS6ECmgiKejSRAG7oyKzqY7LxpfWpjBCtVc%2FApPcPURMxZ9WlIn6je3cxKaVhU%2F1Bnh"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5524e8aab63-YYZ

GET
H2 200 Bonus_1100x1100_5.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 845 KB
846 KB 183ms
181ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_5.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334c12d789f0977761b887fe46fa1ce708f5c1f743d857f0dbd49c93a9909d60

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CVB309S2TEV9ME01
age: 7812303
cf-polished: origSize=935869
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 864787
x-amz-id-2: kDK8/KISe6m1Xs4beactOPU1JWMoPMbNcBxslzcoepsgkPeVydJ5qdFdNs5TXf+rPybYcP4PJgQ=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "da901034e88451e46244b0ed811e3d1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IOmdyGjKt0PIqxHCgN%2FJXlOZW8ZmRSAKKMoa%2Fl9gaHwKaHJhNxpI21HpS2JrSz6eC82bo6FT27l5EHsmWEIxC6rNQJpg%2F2ojgPR5f86d2EDXtLjcfQ5bHt3MnyLFyFm2OkA0g66rlNuCz093rdJY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5527eaaab63-YYZ

GET
H2 200 Bonus_1100x1100_2.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 233ms
233ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_2.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 079d916eecafa01f34c24e24bedd5f04e87cd0606835cf96570f6e4de371c5ea

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GS9ZXTQ7XDG4XCRQ
age: 7535096
cf-polished: origSize=1410218
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1309765
x-amz-id-2: RZdJJDdS366g7RLHJFdCAqMZCUkz/DfyFnNP7qFXCl0eslbHzx/SXIUt7CcY1FqNlThVYhky+8I=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "8f84da08b9ec5b077328a1c2e4efe3e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dl9UmigKS72SfSYcWlvWf2vJwwzJ5m5%2FcD8%2BEGU2ZAN1dbV9Tmzro4M%2BlrHeYBLZGPjLdIkUEM9NbeXWV%2F4T%2Fq%2FN6cfuEv5gaKjl9l1os52oeDAnsFpueJxpHA0z5Z0nXLP7e2uleB57YvSGQsO%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5528ec5ab63-YYZ

GET
H2 200 Bonus_1100x1100_4.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 211ms
211ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_4.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495cfd8dd949004bfb9bc7c30681437797e179edd732c6721c9b8eab42c373ad

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GS9MSP1JA0EBE671
age: 7535096
cf-polished: origSize=1463127
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1351986
x-amz-id-2: 6p+S5fq3Zfpv+qlb2ldXBzW3baL/SPevO9LTHA+D9q9hkWxcgemgjJMcO2tzsULJR9So7+OD8XA=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "d3f791332b0aa48f574c27dc65079aeb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BT2vaA69qDm5r4uFAcwjpzu1s5fHkmMJYqoLSdS0ut0TpG3kZiHnqH5Z%2Bc59TSlEfv38HP0vEtkVfuqmw09YboVWPG8wciP6ERFwo08CvJ75nBLRKeVSIJskIoF%2BEV2%2BWSgFs8yeUfQAkpusu7e%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5530f48ab63-YYZ

GET
H3 200 Bonus_1100x1100_6.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 107ms
106ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_6.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5fd3a72b827b71665940751ac7359cecba82ce412af174b29674c01478b536

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6TBVEN7B6C8TB81P
age: 8842246
cf-polished: origSize=1563360
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1451005
x-amz-id-2: 1I+CLrCHGrGodZHs4zvb753TxVnnDpdFPBXmb05rcHn8snhX2aQEb5CB8/AGSFWmv/QD5D7byrg=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "b7a836f0cac143eace9189f62e8ccd1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=549062brhcJnenaeGUCYJaQwwtmV354xkn3IdqUa6Z9ULzK8A%2FeVcpp5MZPB%2BFe1S51W6iHre7v56O6kXd4N1JtWQv4QUUhkkZn4dtn0ETwGIsDZ9Z%2Fu2dLY8r%2FPlJLMJaVjxVOHiq%2BZl00As7Wl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5554c32abab-YYZ

GET
H3 200 Bonus_1100x1100_7.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 698 KB
699 KB 205ms
203ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Bonus_1100x1100_7.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daba10de1d120438e30267b1a471fae110450104232d4abea93232ed1c6d4a51

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GDYE5PWXQF6JBNCF
age: 7530919
cf-polished: origSize=770734
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 714844
x-amz-id-2: AMI0HZbdzNfV9+5NOH7HIR6B+7wrm9tVBOdfG2hnoSjf59bI4xdRLc1CQMKw/La1SsPwH7G87sm5dYVD/76yIwPRr3UjtZW+
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "398c9d028d64e0b96e78526752e73de1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FYWtHiU723%2Fo1CCfW2WWbV5%2FAnZ1M%2FuNbR3iCw5IRRxoUybsqCqsUkND3JNXq8q74YwFKNOZU0T0AHET%2BRwKC3laFf6g5XrLZL0YBAGGaMe0cKzudXcTFC8wr664O2P6u7Y7HmRdv3HYglPRMc6p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5554c33abab-YYZ

GET
H3 200 VIP_1100x1100_1.png
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 204ms
203ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_1.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc7147ee34940deddfbe4547b18f5f03603be7606fc152b303788de874dd5683

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: C4CTB1G4EQW7P044
age: 3039112
cf-polished: origFmt=png, origSize=1676081
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="VIP_1100x1100_1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1228030
x-amz-id-2: DZpnGu0doXevunK0v3+IEub3u22qb0KJzs5JQVypZ8vGxAsSnJm8iBQngR2QLHrCdCGmTNaUzO4=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "86583262f1456403deef4e970cb796c9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFcKXwHpmq6e0m8ZtiIXDEB3vn1Txxt%2BzLCMLX5j3BI4Y3admgd1T2Iy60RGge0Ge7SEj28O4pytRhEqG8gGrX3Y6ap2wRZ5mJuPAUkK%2BDtPx%2BHeRW0rH06LWaOmdGi3Z85%2FNqhOGgqM3irxH10U"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5554c36abab-YYZ

GET
H3 200 VIP_1100x1100_2.png
kin-sask.lbcdn.io/uploads/2024/01/ 2 MB
2 MB 195ms
194ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_2.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 005d43f83fc7ae4d9c97c692ae2f5d0a764d36b6695c93fd1755a45d2c9b4170

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MH2XZG6W9F8Q0WYB
age: 1061892
cf-polished: origFmt=png, origSize=2365892
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="VIP_1100x1100_2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1951046
x-amz-id-2: zZHKcTEPIH8J6vah7GMN9OYqJmd9N73ften8K2/D2dzpaqMBw2jfCaWKLvAEQKjThT0cFgwXvPg=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "7f5a407659669a168752bde05ed30482"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aGR3%2FViBIKATVnE%2BZOAfyYv1sTqNQiw0T9KJETqRtaPazXsN6bjrWJiY%2FrZvbNFtqjEQm7Y33l1EfNrgnKAPD5s3R9PzSneWdl60OkcLnX0WmtVPOEGjxQzXQ1hCXAf9fH0qoPbUtC4MKX%2BdPaoI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5555c43abab-YYZ

GET
H3 200 VIP_1100x1100_3.png
kin-sask.lbcdn.io/uploads/2024/01/ 2 MB
2 MB 212ms
211ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_3.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d78761b67265b76888cc8f31309b1b56d13748d0a48076dd9b4ba418abcf697e

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2D5W8D6YFGSC07Q6
age: 1285404
cf-polished: origFmt=png, origSize=2412036
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="VIP_1100x1100_3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1780378
x-amz-id-2: VhouwBxZR1SgVyo+23NcsyHetiYeFkgBbkyLcoGDP46Z5QbAq/iB2fVxg6nbL6xqkSaAGGXo38R/UQlrdTp4hW8S12McqoeKGH0LIKPFK2s=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "9146bd121f890b25603c8362f4da25d0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0C5wLosTqe4i2BcnlToyCzB8FjkS1%2FvzWeOIzZsNqgqmSi%2BN9PKPG6QPwMTGCkZygh6Ti5LiqOpKVDFrf34Tg67wHDKkZpA3rBKx7Ly76s8JnlkFYpniK7gZBOE%2BXPNmIkjowm6hoKLgN6%2BmWUzn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5566d45abab-YYZ

GET
H3 200 VIP_1100x1100_4.png
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 223ms
217ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/VIP_1100x1100_4.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ce7675c8ed7fc58ff63c22533ed8cc5b8c719ceeb3e5ef07e297c9f95f1993d

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 8Q47JEZEFBRQNGVJ
age: 4410041
cf-polished: origFmt=png, origSize=1690509
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="VIP_1100x1100_4.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1241000
x-amz-id-2: peBZm6IBHaniP+++1/bxKuJLMFXQOgeUDWoaCTv9wUEOi61cp2ijA7MtstaKtdGK2Pv4RN1FpNU=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "c55fa023146418ed87bc166f07b4db3c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gNPbstzyyXVYg52WG9rVU%2FvOB7f8pb5yhuwHdV5PGXh2q%2B06s3IoGHvoAjSKqWrh8LTTFOwOQ%2F%2Fxe83F33k16uWFdvosJI6BlG6Ko6gNX73sS%2BDN6nxf1Iashug5M6FCnDH00z3LD3hmomD6fXH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec556fdebabab-YYZ

GET
H3 200 el-retiro-park-5048966_1920-e1707773856702.jpg
kin-sask.lbcdn.io/uploads/2024/02/ 235 KB
236 KB 2132ms
2131ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/02/el-retiro-park-5048966_1920-e1707773856702.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3046569356f90123a019ed0fff2c1f3e7df447fb105a84cad1bf4c0709e33f23

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2HCEWZE54WYPY5SX
age: 11244666
cf-polished: origSize=251801
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 240468
x-amz-id-2: 0MeMAK6lTECZX+Ry4pwKNfb9Ch73WZja8/KOpCAVYEvR+2SIz43Wa42FvH1yJOANoVyg8+uSVIY=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "403f4c20fef75089214a726e31e12477"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jmxsjfs5YTpuaQsGsiZpvketCn4L81Vn0QL0R1d0m7wNvRUkm2KN%2BGBXYsg%2BO7jWRPYAX%2BkZo7vnfwg1R5YYv7RxX7gL5NMVX%2BGbU9VfPrcMU1pAWNFUNPAL2Y3aROGj1ncM21kT6IMJUaq4OXeu"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5577e96abab-YYZ

GET
H3 200 AddOn_100Days_1100x1100.jpg
kin-sask.lbcdn.io/uploads/2023/12/ 464 KB
465 KB 2230ms
2229ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/AddOn_100Days_1100x1100.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 741255da0b37252b6f3636daf63bbfbebb3d5f4514f3b5ec300ff0ebb5cd0723

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2HC2FNVB6J27DEZQ
age: 11244666
cf-polished: origSize=514232
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 475266
x-amz-id-2: ueX6dFlSePLEbywimq1G+EEaWxnEi+9bUiMNJzhaZUcUfo/9eLD8JL1oMFR+7T62poezDCz+VGo=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "0a20e9ec89ad9bb5260d84265b81c52a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JJwTu0%2BEbiUsKkPnCyTx0GGXs7qI5vpC23IGadPE9ZjSFcsc%2Bu79Yp0isr%2FNVPMUR%2B1rQbEKXIE%2B7wI6uZUtBIgZ9IzkhbcrkjBzwrfg79vzv367a8aBPmydu29OF00nJ7eN96oCb1fr95NLW0zU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5578ec1abab-YYZ

GET
H3 200 5050_LRG.png
kin-sask.lbcdn.io/uploads/2021/02/ 73 KB
74 KB 1684ms
1683ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2021/02/5050_LRG.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3788b0a961dacabdc7486e838aab2a42d6d1edca3a5ee774310345b643dc1454

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CW0X1AXMSYX92E4J
age: 91812
cf-polished: origFmt=png, origSize=138640
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="5050_LRG.webp"
alt-svc: h3=":443"; ma=86400
content-length: 74810
x-amz-id-2: RRq2VIL3yTBY4w1vMydf7Su/LV/wUJlChw9pZhoPH2WeWD/reesxLe/OU5LMP6LexeQ8stVMM6g=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:10 GMT
server: cloudflare
etag: "9cf1d03504dcc13622ff4f0149eff25d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ULdd4ycOcUmRw3DaJYL2senReH3WTu2jjzeHtl3L9uIG4nF29KT0Zy7dLiIicSTKqHpxDwG10iZZAd6dZP5qvsv%2F9yi4c3P12H%2FAHo5WRFxdAhmwn7F8%2BTeUZG9xTa2BSBR5G8jXNXLZk3fdyjoS"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec55bcaa5abab-YYZ

GET
H3 200 Proceeds_960x600.png
kin-sask.lbcdn.io/uploads/2024/01/ 715 KB
716 KB 1656ms
1656ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Proceeds_960x600.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b44e4dfeba237d1a58dd8c8b726cc819fa4bce3665b63731cd7dcdafdc64b2c

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9HPBWWM2Z1VSRMXK
age: 4829357
cf-polished: origFmt=png, origSize=991433
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Proceeds_960x600.webp"
alt-svc: h3=":443"; ma=86400
content-length: 731984
x-amz-id-2: 9//wU62X9+PuqSJBxBgOpi521eiuTOKrhBZJ+FJP6+AwCd2rIMlJgs8O7unPJALnYEyTVO+9WdE=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "fa2d962a2f6b2f4e00a1f7d4ac32ccc2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JEsgTb9jpa37OojZ1zLuHQmw9wDLCkaJZ9p55E8y7aAleXcwEribT8WOMdyQ9GucZu91KnO4bhPp4xrY4vxIsFfIYoUld2hvxJRti00YN5bwBi5strptKeyoH5e1vtg3KzbRv1Pi1d26kPSgU1FW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec55c5b22abab-YYZ

GET
H3 200 Kinsmenclub-logo_silver-3.png
kin-sask.lbcdn.io/uploads/2022/02/ 19 KB
20 KB 1532ms
1531ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2022/02/Kinsmenclub-logo_silver-3.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ddc51179ebc0c67948a0e9240143f0924a40702d0d6dbdd2727f70e7472b85d

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZKR1A3VK4H9S8W1F
age: 6716104
cf-polished: origFmt=png, origSize=28864
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Kinsmenclub-logo_silver-3.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19806
x-amz-id-2: E5t4y8ZU89IbQe+BkUQYL8Z9p09BGeACtKqWL63iAoweLLjw9UDrdGsQBrxfNfiAqdBKYJ3BagU=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:11 GMT
server: cloudflare
etag: "738d0d0fa6af40bcf06c8779eb9bb187"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GRSqHdIPAhLsHQ9WfyPK3FlH7J3mDPv0d0v1Ra4J%2F2qqztavwI%2F6FZryJUM49EHpULJZZFgUTb4fLQoWo1Y7bZyD5UvQAhL7KElXPJJeq7NtPVTsaCMkKmz8IXYomwGL1ov6TwkQwMPCBqappmtT"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec55e7d46abab-YYZ

GET
H2 200 marketing.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/ 3 KB
3 KB 103ms
96ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/marketing.js?ver=1719264369

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

63e8e6c2c236f21bf86bdb0ed108e9fca92fff0b59e38e741d16f70d079302bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "c9d-61ba96e01cfa6"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 3229

GET
H2 200 css-vars-ponyfill.min.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/ 22 KB
22 KB 103ms
96ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/css-vars-ponyfill.min.js?ver=1719264369

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

cc8fe4bafda198888cee94aaec0b60eba38ba314ad5322edc0ced0eafd1f3d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "5824-61ba96e01cfa6"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 22564

GET
H2 200 url-search-params-polyfill.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/ 10 KB
11 KB 105ms
98ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/lib/url-search-params-polyfill.js?ver=1719264369

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

3046a401620fe57641120b7f4f2a48224b8b08cc397d4ab0f7b18b2703629a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "292c-61ba96e01cfa6"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 10540

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
31 KB 941ms
110ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js?ver=6.5.3
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 365729
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-yul1970023-YUL
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1721937990.786344,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 30, 133346

GET
H2 200 select2.min.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/select2/js/ 71 KB
72 KB 89ms
88ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/select2/js/select2.min.js?ver=1719264393

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:28 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:33 GMT
server: nginx/1.21.3
etag: "11dcb-61ba96f75d352"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 73163

GET
H2 200 luxon.min.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/luxon/ 71 KB
71 KB 93ms
92ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/luxon/luxon.min.js?ver=1719264393

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

12a0e76be278fc3380973e6ea34c2b711b203ad47370e2521076dd18085913c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:33 GMT
server: nginx/1.21.3
etag: "11c7f-61ba96f6e516b"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 72831

GET
H2 200 swiper-bundle.min.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/swiper/ 136 KB
137 KB 106ms
104ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/libs/swiper/swiper-bundle.min.js?ver=1719264394

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

35c067e6fac4f78cceb0eafa5df0ea101bb3e4cb417afa110b63679d7100bf40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:34 GMT
server: nginx/1.21.3
etag: "221b0-61ba96f7dd239"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 139696

GET
H2 200 main.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/ 112 KB
112 KB 94ms
93ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/main.js?ver=1719264369

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

3cd077dd54c699c6d72fd5c5eed15c9ef5212b59edc07144e25b5f2b71169ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "1bedc-61ba96e01cfa6"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 114396

GET
H2 200 map.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/blocks-frontend/ 4 KB
4 KB 85ms
84ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/blocks-frontend/map.js?ver=1719264369

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

6e3ba84c452291c0838ca8be9b953fd72db9cf1a374ad2a5327f88a234db2657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "10b6-61ba96e01c006"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 4278

GET
H2 200 daily-winners.js Show response
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/ 7 KB
8 KB 85ms
85ms Script
text/javascript 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/scripts/daily-winners.js?ver=1719264369

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

3bc26695e789f665b5608902eaaeda0f2c0909eb8b48993e51b186d0460ddb54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "1dbc-61ba96e01cfa6"
content-type: text/javascript
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 7612

GET
H2 200 gtm.js Show response
s2s.kinsmenhomelottery.com/ 304 KB
94 KB 1915ms
1309ms Script
application/javascript 2600:1901:0:7cd2::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7cd2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

nginx /

Resource Hash

5a06abfbdad932e08546db4457876e06e411312e80bc37cd585f86fdb8d2ec94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
x-xss-protection: 0
expires: Thu, 25 Jul 2024 20:06:32 GMT

GET
H3 206 Kinsmen-S24-Hero-Video-1.mp4
kin-sask.lbcdn.io/uploads/2024/04/ 38 KB
0 768ms
767ms Media
video/mp4 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T7RZ7XWV1TV434M6
age: 2901942
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-18923690/18923691
alt-svc: h3=":443"; ma=86400
Content-Length: 18923691
x-amz-id-2: t54XTIzzHyLRUSv3pvs7W8RPVTuXvvvfqaBMJ05ERURxA6IslKvZjWc1XrjufYQtgAVnp2KLazw=
last-modified: Thu, 25 Apr 2024 00:42:15 GMT
server: cloudflare
etag: "0eb28d8713fc1f60bd2377ea15142ea7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2g7VbXt3w334U37v9lD1wsG%2BxMxoI2L0Kd7IHmKq5p57b6Z%2B7yrmFI9U5UTR20DvM1g7Kt5rVnQWT1Zye8zxS6SoELW%2FVZgEgo4%2Fuyu1ykuFIF3RzZFg3SxXPHdMVLS%2BnFqolEIMo4QVHur811rV"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8a8ec56349b7abab-YYZ

GET
H2 200 Proceeds_CityView_95439633-SJP-20140608-0181-Saskatoon_RGB_960x600.jpg
kin-sask.lbcdn.io/uploads/2023/02/ 488 KB
489 KB 258ms
256ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/02/Proceeds_CityView_95439633-SJP-20140608-0181-Saskatoon_RGB_960x600.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3dd1e5d929d2d345fb9531efdc4b7aaa285628a0448664a31bd3dbe1f5893a5

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F2RNT5A46GDN1P3G
age: 1392634
cf-polished: origSize=534845
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 499311
x-amz-id-2: gzqhs06vfUvQJjp5AbRT1gsfDsWUKBjQN+l/txtJV4bUlovnyCPyUac7kLmCPydWv+pqm+obiJodbFTx3tVZsw/JzS79Sj6z
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:16 GMT
server: cloudflare
etag: "e2801c2c0af54a7344bc2559cce8b255"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUr4mYilbgV71WNu6FWVcwae%2BnaVk%2FHtf9P5ktyHBo2RKES2SWYrFVrK6mEkHgHwgG2NjKU8szerdcBcfJ6uylkhWX0hP28FK7lTb4eaJ3sdwr%2FoO9jJ%2FJdtKYP19IHnYuwXCdYXO5kUp97vwrAN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec54fac3eab63-YYZ

GET
H3 200 Vacation_NiagaraFalls.png
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 629ms
628ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Vacation_NiagaraFalls.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7655af0c14008fc0322880daf1db0cb7b7a6163a43033976e54cc9af6db16911

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QFW3979B0CKZ3F5Q
age: 3035143
cf-polished: origFmt=png, origSize=2005399
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Vacation_NiagaraFalls.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1330850
x-amz-id-2: 3A154EQ3WMPPoXY0RNx+Mwa+Ym+Oq638a0ic1D70jt1XmZn9Mj6saTjK9z1pMIbt88U8329wvj8=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "6ef8eb596871e209c74fbc77fe43dcb1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R8u5L9zlRJYMAy9nqGRCaMAMgqVL69ZDT0HTqFO1t2Z%2FBzmAni7s29WRym3%2BZwLUdb8iVB9M%2B1UVNSRckh0KcWaJk4pEDnbEy7d8tbepiBob46GQn7cnyloVVJvUMyOobxbs7yZaOE2aIXVNZGlm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec564cb06abab-YYZ

GET
H3 200 Vacation_BeverlyHills.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 2 MB
2 MB 545ms
545ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Vacation_BeverlyHills.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 794baedb0d3bd55c72457a7c1323b92f3ad9ff1d57f14872046341d188dbca7d

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CPXEZJDKSK5ESQ1E
age: 6585489
cf-polished: origSize=1779359
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1659974
x-amz-id-2: XJ6aRDKFoFRwRcZIJqlctS6DlHQc1+0uAg3QBA/fzHNoIKqmvElzJ4xKth4BSJaz+uzBqhOhm24=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "8838f65f1ed94930be914f3039e23e60"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6HgW818%2B7%2BXrzXpvaMLGc%2FxuIk3Mqr6c2uU%2B4f%2FU2ClphKdLDw8G%2BUAgPp%2FhjAOAXvg73nuMGllyjO1iUFHPyn2dduRbTL0m%2Bz7BuHv%2Bk6SzrohvUyAX%2Fprf8r2f88AEOvXqRHdqnJagKIdPmm3p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5658ba9abab-YYZ

GET
H3 200 Vacation_Arizona.jpg
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 418ms
418ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Vacation_Arizona.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53a16afd6a5492b619c71a6e679bbcb8dac2e97b3028fc5e684740993dde0eac

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GDYD1CY389HFXP31
age: 7530922
cf-polished: origSize=1491054
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1372713
x-amz-id-2: zl76+mSCoIvX45xrieM53I283hiLRhpJvpMb6FlTqy1tj1e3wEEjfyLCE9mw8sUH8iKGXiy5gHI=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "baae158d977de26528487c5bc82130a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=06hJreXmYt69xBZY2bHSvWem3prwR4F1dGphgmSu8dXvhbP7TFqlBeZ2iMh8GJYFFGcvE850dFcWjF6D%2BWXMvmvT1Np%2FBlShaCZ4%2BD337huVIA1oSPN%2FvlcWR9djTnOu8t%2BoW3luWsmT7DCYV0MK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5664c65abab-YYZ

GET
H3 200 4500CASH.jpg
kin-sask.lbcdn.io/uploads/2021/02/ 591 KB
592 KB 1604ms
1603ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2021/02/4500CASH.jpg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29d379e13f61611b8b4d177e6a4b49eab8b5917376aff3a11914d1c8359ef95

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: GS9J76NGN6N2BCJM
age: 7535099
cf-polished: origSize=681141
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 605068
x-amz-id-2: COjJGR/rgHxlgobmo9mBzjfG4CdGL2PrgXjargwg2wjUTqQhM/bIDEQUr1r2gZXXhqGh1wy71VU=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:10 GMT
server: cloudflare
etag: "59146be61051a9064c09520b835d857a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yE9gO%2Ba9j%2F71xwTyaAlkAOjYuAgmSmZuAoclYsJO4EfVuJnZkjzSKfziNexPgMUTuPq65o6a7fOmsIvn%2BWFTc8i3QNNfYT6b1QgcEhFOLxmNxNRZ%2BL1QQvlpI%2B9W9B7V8DHjwu%2FurbVZXdloZ01"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec566acb3abab-YYZ

GET
H3 200 Leisure_TV.png
kin-sask.lbcdn.io/uploads/2023/12/ 765 KB
766 KB 1504ms
1504ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_TV.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bce42d30dcf7c75d87934700a9ade3982c23fce0b055ed7d55b1222e2d6d6ed9

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: XZZ89RZ20WJEN6EQ
age: 1147881
cf-polished: origFmt=png, origSize=1297528
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_TV.webp"
alt-svc: h3=":443"; ma=86400
content-length: 783440
x-amz-id-2: 43gqCI/IdzmVlIBZ4dN/F0SPV3H2cFt3AXIJNWF/Qu2QmAKGTQYFbAAVHhFvlnf02PTYgzayp6Nv1ETSXzVO44YeEcLBWiNo
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "fdd3d52840a7f9a9ea02210e907d6938"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk0sL%2B5BTtBceIWScnHoH%2FSQnb52CXUkeU6Bl4kyo4ZpfIM%2F99QWtz%2Fw7sMJr1AyZK8JOlMHDQIFgwe6gvGGVu7to8QPitwNVuricrfEYB7SdpDEPL5ElUQNalCmSjs0EPB9z6vJYsGiaMkChhUe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5681df6abab-YYZ

GET
H3 200 Leisure_Shell-ride.png
kin-sask.lbcdn.io/uploads/2023/12/ 612 KB
613 KB 1681ms
1681ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Shell-ride.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 251e54c2e34372b93dd77196518b2443a574a1990999ee84aadccb14c0a9d7cd

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 6A62V713BASM8XBK
age: 3039788
cf-polished: origFmt=png, origSize=1002973
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_Shell-ride.webp"
alt-svc: h3=":443"; ma=86400
content-length: 627010
x-amz-id-2: RD2Z+ZcW5URjIDjvwGXvmCxTL0TfffASqJ5WJuHxiHKsjjTDYE6GH6b/ZgLK3cqjjpMDRVbSbmkJpAenHJ0OdJNxceow3Kcb
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "7f901f7300c7cfb483aa6836883d7a1c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pv%2FXpRA9gVD8H%2B3P20g2HVNiDSTSdtua5dAm%2Bo5jGMmF1TEpEQCpURUhmtUVJuAxJ02PGNtdmCDz32dnk7s17opZ2S596nfBXKilmyKhjX6damyAS7fetBb5%2F9FGXSxiYPoUHsaFWnhUs9LkT%2Fus"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5681dfbabab-YYZ

GET
H3 200 Leisure_FlatTopGriddle.png
kin-sask.lbcdn.io/uploads/2023/12/ 698 KB
699 KB 1950ms
1950ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_FlatTopGriddle.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8dfabe7629218ae828558b16ea30c7a034f74d8602e21ab05976168bb9cf5fe

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:32 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: F9M59670YP5QPA99
age: 7254071
cf-polished: origFmt=png, origSize=1226408
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_FlatTopGriddle.webp"
alt-svc: h3=":443"; ma=86400
content-length: 714454
x-amz-id-2: tnayxsKcgG5koBBMpUxbZxSaJddAjZ93fqt8jb5mgOVT1gJ5VJof8PQOmTitncbt4qN1arA8sDWBZf+TP70x3jG5smWbd/7l
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "764b9b219cbe60a2e54ff769fb36f507"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EX%2FDnQ%2B%2BX0IRB23017uWY20ymxWeF59FKxjE88nzKy7EyUoxXtwusdG%2FUu4hWz51HuZ8oEI9%2FkCXXARy5XWwEsMyUjBRX4aX2J866JSWLRBo6Fn5QRday94x2pFeHoDbM4iRAL%2FI52LIE2JnZrbW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5682e01abab-YYZ

GET
H3 200 Leisure_YETI-cooler.png
kin-sask.lbcdn.io/uploads/2023/12/ 750 KB
751 KB 1479ms
1479ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_YETI-cooler.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1816bf2eef31eb38cd6af91b6b49e0b91d4ecd39fd02795a82bac87322f7e1ab

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KXSWHC9BWH5JSN04
age: 1283303
cf-polished: origFmt=png, origSize=1278481
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_YETI-cooler.webp"
alt-svc: h3=":443"; ma=86400
content-length: 767780
x-amz-id-2: P0FOg8HbFlIOQTwHU4wvdvd7qq8IOaWb1DV+hzou+6Z4/9/lNJqjbwxz9yLkDt/YsRpc/flLmys=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "3b22a7a6fe7c7e0d553da652a9dc1a79"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s4P2q%2F%2FsjBymBNvN6c%2FemFnTOpQ1khUEJvoDMCf5pxL7L7073aKd%2FTgUGx7uCZNX0lXBBJDty3bei5%2Bx54yloctNkODnExL5uHwlen0K8rlJYYBVe8qTigg79DzPeuDyHnmArMeGgf3EZ%2FtUcasl"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec56b5950abab-YYZ

GET
H3 200 Leisure_BluetoothSpeaker_.png
kin-sask.lbcdn.io/uploads/2023/12/ 398 KB
399 KB 1372ms
1372ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_BluetoothSpeaker_.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e110847e61f439dd67612ee87851b7388d35f5df981364604e91699279b68b73

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2D5V95WX8FX3XXZ3
age: 1285407
cf-polished: origFmt=png, origSize=660444
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_BluetoothSpeaker_.webp"
alt-svc: h3=":443"; ma=86400
content-length: 407924
x-amz-id-2: Zo3j6XTD9kER3rMjB+9/xnjLYs6V7hpSx7EzsFbYEHtqAXyEeB0bq5fUhyVF42/5li3SxV85FL0=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "0079cfbf920ad09492c20639bf78b6f7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nIpZNVjz3lOIbWj%2FPwZ%2FceTSSiUvUjqs%2FfTHl9VIQbj89j9czSymzZTNoPfl50AzJwfmMZTVm4JCnL8WByI81qPVSfanp9GwksD4usgYHMi2yEGGOnZJRI0EGwx43CJz86Gpf4bH%2FmktWbCMHhYb"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec56d3b0eabab-YYZ

GET
H3 200 Leisure_Projector.png
kin-sask.lbcdn.io/uploads/2023/12/ 177 KB
177 KB 1422ms
1421ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Projector.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ec2d9ce959e248aa8ffb0dce0eacc2ea9ea2394278c0c0e264fa677f9153a38

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RQ3TVTYM58C2JNCQ
age: 4238654
cf-polished: origFmt=png, origSize=298142
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_Projector.webp"
alt-svc: h3=":443"; ma=86400
content-length: 180750
x-amz-id-2: uhcHbmB72VZB1uJW6BtVXAdXEVPRK0XZXv1RpVRcfmJSnCgaXCh9cKLpvdOZTKk07oJUsPn+KGxyZx3UL7YKOemVJ8A0qPli
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "e69efcd42de3881bb438e8d85d4361df"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YdFVL7bQbOFxf2Ab8hfPX3XP1aANkHvHftchU6WHsSlCBE2BWnSrD4pryWYAmG3HhO7gw7kdTQcYjn%2BKld%2Bcaqz5sbnPKZBjFbE3efGsGX17eslKaM3SApBay0wZ1SXaNdhIwJzmWyic0dH4GK4S"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec56e8c43abab-YYZ

GET
H3 200 Leisure_Airpods.png
kin-sask.lbcdn.io/uploads/2023/12/ 884 KB
885 KB 952ms
951ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Airpods.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc8a1d8347f191ea3a64c6ff13d96afe5099a35e2806305933677fbf1facf197

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TNZ2DA87E5XS2N55
age: 614229
cf-polished: origFmt=png, origSize=1311322
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_Airpods.webp"
alt-svc: h3=":443"; ma=86400
content-length: 905318
x-amz-id-2: jW03kwY8ZDiHDVEBjIRfzW1cG2A5mqLoI51WOw+jhFDX/iyzZdRwNho0CZOiyAEun74o+VCQktk=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "166b7ac3aacca4bdaa0d3f921a6ddd01"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iqHOL5Xp%2FlD8nQvIOE9ndLUdn4EARxbUxz73LIWo4fGuNoAXsJ8sr3fDHdGX6FNrGa9wcRd%2FFUy8e0aQLkx4gFj5vTSOcoZQAnasWNQfZY9sQaS6cTZ4HYG1jLg86Z0X3evyEKQNs6Ig%2FbNoc76I"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec570cef0abab-YYZ

GET
H3 200 Leisure_EspressoMachine.png
kin-sask.lbcdn.io/uploads/2023/12/ 601 KB
602 KB 1232ms
1232ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_EspressoMachine.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5f50c34be29cb663ac9567c9062ddc313fae93c2f4cf5ee065b0954c17551df

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5N9QDMJ58K88SXMC
age: 1285441
cf-polished: origFmt=png, origSize=1030484
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_EspressoMachine.webp"
alt-svc: h3=":443"; ma=86400
content-length: 615266
x-amz-id-2: TcV6M/m1e5etF85FdjVSbmiRGF+cYh+w8ExEepKpyVx09L5MLHdK14782MdLI76v9AcIUHRQNqLy4rhcbwVMz46WJItKH1xM
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "410111076e6bc379ff34bdef3de95e77"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dr4tnTNIezjXjdIAqGTai%2F70DGL%2BWX0c99s%2B19xrCpvlti5gffHRcrHdiMgy46vj9ZtTY7He2cMZZq8UtYlAfe2CLL1lLHZ0ZctC7X14wW03mQZrR4b8FgVR3oLRsQNSNS%2F60ibhIUtv4k33bGZ3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5718facabab-YYZ

GET
H3 200 Leisure_Blanket.png
kin-sask.lbcdn.io/uploads/2023/12/ 889 KB
890 KB 1266ms
1264ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/12/Leisure_Blanket.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9516a2b3a57a503d0b242672e1ab08cc38f7fb52bf60285e01cb65c7b9b9897d

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TZ09XF82VQ3XWPVB
age: 4829665
cf-polished: origFmt=png, origSize=1455694
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_Blanket.webp"
alt-svc: h3=":443"; ma=86400
content-length: 910526
x-amz-id-2: htwWMPNNka2lGu9dwwNqs667LALmmWVLriUDKOiyJaCo1K11ASPis79pq0gsqM5J0PHca4cBo2HN963nGiFoQ23thSs2D9YG
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:30 GMT
server: cloudflare
etag: "1a382140e2cbfec0bd727d2e90bd2c71"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xLOYOADOI9%2FlqZ1nchog3cUi9s8JY6kB5F7AZwBd%2FuITwF6XbXby5UNak9XL5pR1g47sXB5WNSagGFlMjpua0fhOCj%2FBD5dHR7d%2FNvOoh5DjJQADemtoaDIWi9cHc5RLnYZ31vojlkiuQLWvdLvR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec572c8d6abab-YYZ

GET
H3 200 Leisure_Brainsport_RGB_1100x1100-1.png
kin-sask.lbcdn.io/uploads/2024/01/ 999 KB
1000 KB 1467ms
1466ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Leisure_Brainsport_RGB_1100x1100-1.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e55ef771d36e895bc34ffb629d198fe953d1309168bf1ab636a8cde4d6f628f8

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QFWDPTRWXFBAM9EA
age: 3035145
cf-polished: origFmt=png, origSize=1376907
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_Brainsport_RGB_1100x1100-1.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1022956
x-amz-id-2: nORE4hE2sUqIeTjuzlry8ioS7mOWosauEUG0rDTwICluSIkfkVaz4EV6eOY8ufmc3MYBkEPCAR4=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "3cf70ff5f02c7c4c520129d26a0487a1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BHjHnqgAE2GYAbyTyCRyiG8%2FmZ5sYS3bFVDn1NSGfQwg7W07G8wYCZWF4zQbqiMf69bLMVpPO6vbQ3X0EisUr4ttjrC9i5YBZ%2FdHrMxzW6Jf51wfqQPbz%2BoKyqUrU88iq3JKtI8Y7sX7hiaNcaPi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5745a4aabab-YYZ

GET
H3 200 Mega-Menu_Adventure_590x340.png
kin-sask.lbcdn.io/uploads/2024/01/ 309 KB
309 KB 1783ms
1782ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Mega-Menu_Adventure_590x340.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 926b50985a04d07ca2e12a0f427f185d3c01b02735de33be4e1162bfe60a5cfa

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 73NS62TGNMJ5BKKW
age: 95709
cf-polished: origFmt=png, origSize=434159
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Mega-Menu_Adventure_590x340.webp"
alt-svc: h3=":443"; ma=86400
content-length: 316082
x-amz-id-2: ztXdhKEq6/k/t6tQUG3PnP4JG346z7Ews/+C0rqBzj7lnuc1DGL5WQ3y9Aiz37t0jxK/xWBQwlnh1+bVk2Q0t09yqbaPw2Bo
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "ef7009a8aa9678fa48f66b8989b63850"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXLCorEd2bqgHss7kIk3NKpl4JplyKETttrll84bypZi6UZ%2FAiVoPPubD5ouMskWeYouDwKbnG233yWnyHgBHqHDNXxObez%2BvdBIjg4GWRLw8yFxtMQDw1WC1NULidej1q23vV0tvY1cSvFXJsXt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec574fabeabab-YYZ

GET
H3 200 Lady-Reading_iStock-1264573507_CMYK-1920x1281.jpeg
kin-sask.lbcdn.io/uploads/2024/01/ 437 KB
437 KB 1725ms
1725ms Image
image/jpeg 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Lady-Reading_iStock-1264573507_CMYK-1920x1281.jpeg
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fe91a363c537c0062e9a60f57dabd2d042f0db6f1af3dd875d6865210dff198

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2HC77AZCXM1C2CVA
age: 493352
cf-polished: origSize=479634
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 447007
x-amz-id-2: v9gKvoigSPIlMb3STRDGk9wohu2DVicwa5HjwaWfngspDXYRxvhH7JT0Xcjk8jtjEasugv1gmHU=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "824fe82d8cebeea3adb146f24534080f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MK2Be5n%2B3e2V2MW2enUYAWhgiDv8FgvIZUxim49lyvYyrSAx5SzOCOEzzqM2ceKyn0tMCmv6GSXf07F4qomZ%2BSgd6mC%2BdTIg%2FHZh4F7Fjiuy60NKZ4FrC6KygbfV4Adu0LCSi95F81g4lhdxaqQ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5766bdeabab-YYZ

GET
H3 200 Leisure_1100x1100_PrairieProud.png
kin-sask.lbcdn.io/uploads/2024/01/ 956 KB
957 KB 1779ms
1778ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Leisure_1100x1100_PrairieProud.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2340664827930253b8afb3494aeb638e66a0c06caccaf31dad4b6843632a5a1c

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SDBJGP2ANF9K1M2S
age: 6749010
cf-polished: origFmt=png, origSize=1321997
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_1100x1100_PrairieProud.webp"
alt-svc: h3=":443"; ma=86400
content-length: 978616
x-amz-id-2: 7T6myh32wORzthbQBW6AbSGbahBQ9FMnBqWaC8P5VvwOe4+XaILjoH9YmMW+CieYVWPSIuRh/IQ=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "1c619ec614481f136da90f402081f5a7"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1NNJAVi12OpwToifb81z3R7o25gOtPV6L%2FSq9OU%2FOIOKi30EYXqkcJ%2BvlPZ%2F5%2F1GuWTFBflUs2b3S7jhgwlWAC0Uwn2UMd1vCQ1RqV2eoq4K17%2BCNOMupLf6p%2BfJM8VZ49XFNum1lPvT%2FomqPmC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5775cc2abab-YYZ

GET
H3 200 Leisure_1100x1100_SaskMade.png
kin-sask.lbcdn.io/uploads/2024/01/ 1 MB
1 MB 2228ms
2228ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/01/Leisure_1100x1100_SaskMade.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49517646ca83f79f248f53f47cc2fc092ddc5b6f14fce2296e0f4af90be31854

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: PW7FJPN7V788XMYE
age: 6737438
cf-polished: origFmt=png, origSize=1774517
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Leisure_1100x1100_SaskMade.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1227368
x-amz-id-2: 4jVXdrUK403ETWYnrsTx99euMrxZ61fP3fmXGTFgaZoGbzpssdrgqXfktUiD2k1WyzYixXp+X66PdqCBx0kvLH2k2u8E5+rb
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:31 GMT
server: cloudflare
etag: "a2f52ce5b8fdfad3ac76019084c9487f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qK8N7opsdxElVH%2BIqFJPgEshhYEGtMvE4%2FKeu9As6A4%2FygeCsR9%2BFrEGEWS%2BrdKjuJYWjwT0YrKkNvQphnusqEy8OfC%2FUINbTClni3RN%2FjSBQHOz1AgjTi4OKK1SHmff27ywm9vhYePuqEZFguR8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5778ce0abab-YYZ

GET
H2 200 loading-white.gif
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/ 3 KB
3 KB 117ms
116ms Image
image/gif 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/loading-white.gif

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "c88-61ba96e01c006"
content-type: image/gif
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 3208

GET
H2 200 AvenirLT-Black.woff2
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/ 14 KB
14 KB 84ms
84ms Font
font/woff2 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Black.woff2

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

a43c95d20a9b8be6b56f2b36be711364160e113c203fe0402e32b5d614d903d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Origin: https://winners--2024-spring--kinsmen.lotteries.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:40 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "37e4-61ba96e0171e5"
content-type: font/woff2
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 14308

GET
H2 200 AvenirLT-Roman.woff2
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/ 14 KB
15 KB 86ms
85ms Font
font/woff2 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Roman.woff2

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

27103982c1fab6c6791003a919805cae651fb754d33a4b8e7185b0d933cbaa30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Origin: https://winners--2024-spring--kinsmen.lotteries.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:40 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "3930-61ba96e018185"
content-type: font/woff2
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 14640

GET
H2 200 icomoon.ttf
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/icons/ 6 KB
6 KB 96ms
96ms Font
font/ttf 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/icons/icomoon.ttf?fx1gpj

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

e047df003d3769e08b7b841bd647bedd6a0c061930538a407deb58d3ac0fe3e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407
Origin: https://winners--2024-spring--kinsmen.lotteries.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:40 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "175c-61ba96e01b066"
content-type: font/ttf
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 5980

GET
H2 200 AvenirLT-Light.woff2
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/ 14 KB
14 KB 97ms
96ms Font
font/woff2 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Light.woff2

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

8a4356b59a2555f82ddb529f638227864f8a30362c9c79fe42341823f07519e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Origin: https://winners--2024-spring--kinsmen.lotteries.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:40 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "384c-61ba96e018185"
content-type: font/woff2
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 14412

GET
H3 200 MNP_logoLLP_4c.png
kin-sask.lbcdn.io/uploads/2023/07/ 5 KB
5 KB 2535ms
2534ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/07/MNP_logoLLP_4c.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d2295d9691723b38465315827b0fbfdcb3df187fa9179af0278657880df3d5

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SV71S30HVJ2Z89RQ
age: 1146648
cf-polished: origFmt=png, origSize=10025
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="MNP_logoLLP_4c.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4836
x-amz-id-2: e70lBWvO1iwUHzcCOcDq4GKRiLs3QMziT/7NRMIzj0DvxXz1CVZp9/MDlt9HV8UXRw0tZX2m680=
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:23 GMT
server: cloudflare
etag: "ff316ce8b9c23dc1db46ee745b39d5c3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SLBcMGpFYxndanJUtDyPKlTW4sZLjNcvoRKaKxuGjh2BkS1VlJyCHsu6HCPxhnEepkvBv2dPUvScN9uFnQMByRGvAPk%2Bbhb%2Bgoz5xjnOmEYuJLXB%2BrINx1lS96WLs7sptq9AJnEKH5q10VQPvWRP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec5799ec9abab-YYZ

GET
H3 200 Mavrik_Logo_Pantone_234-960x157.png
kin-sask.lbcdn.io/uploads/2023/01/ 6 KB
7 KB 2135ms
2134ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2023/01/Mavrik_Logo_Pantone_234-960x157.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19df2c7ead41a3a2934dfa61b1b251aec6e5dfb3c122e1fbdcd1b98ad46df4de

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZAWKZE1FEWJRCRRN
age: 1307255
cf-polished: origFmt=png, origSize=14307
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Mavrik_Logo_Pantone_234-960x157.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6188
x-amz-id-2: yROguvZCTIbjiq2Ks7P70A45GXTZ7xFkVUgGSeD8J468DjvNkZTtWSs2+Pwqx0aYLvgSyMM1YBfPBMbaAOlSxqWnoONoPFIt
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:15 GMT
server: cloudflare
etag: "d601bd667a9a995a630d97bfb8409bde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwQMIyvSOpYsSJUX799AtNhkp4JF8JY27ZSNi8VeuG9cuuqx%2BQHYyGW4No2Gek4%2BAFFlL0i9gDr08VTe06SN3txN1LjcS%2B6JHMa38%2FrCp3ksaI9bTJziUxALsIE015sOxGZjXw7syT6ql1xJwLwN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec57c1949abab-YYZ

GET
H3 200 aodbt-logo_white-1-650x144.png
kin-sask.lbcdn.io/uploads/2024/03/ 7 KB
8 KB 1894ms
1889ms Image
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kin-sask.lbcdn.io/uploads/2024/03/aodbt-logo_white-1-650x144.png
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32c9ea8782382ad5d037fcb23554549fa29cc9e76ada41b70038122b833d087a

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZAWZH0ZDZYT3BKVN
age: 1307255
cf-polished: origFmt=png, origSize=11361
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="aodbt-logo_white-1-650x144.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7288
x-amz-id-2: LIzSrKw0ljH3VEFY5DDxHC5DgemSq48EGvFpob0hKbSkKkCX/0Xzb9+Krpe1POYf3mU3kJciiRo=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Mar 2024 20:24:18 GMT
server: cloudflare
etag: "29ed7aa7c3a7541e53e1ae8bf20f3244"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ufxCYAOP7kszp5mpItQ1FLS7lIn9t1oKYGJJTdXhQi%2Fe%2FDnp2kHpY0Uw3MoAVFk8rMCY6XASaZbpCXJAgDt07HqMeivsFoVbSJOTEgJzdEta0gkSOSyHT%2B3tPDHv58q%2Fl%2BhkRgc%2BNDE38NQOhsC5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec57d9aaaabab-YYZ

GET
H2 200 loading-grey.gif
winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/ 3 KB
3 KB 107ms
106ms Image
image/gif 15.157.99.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/images/loading-grey.gif

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

15.157.99.24 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-157-99-24.ca-central-1.compute.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

fb0e5c71debe7ad52b30fb8e0c6b1d6e1316c7ab77e075ee57958aad89e281f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/styles/frontend.css?ver=1719264407
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:29 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jun 2024 21:26:09 GMT
server: nginx/1.21.3
etag: "c88-61ba96e01c006"
content-type: image/gif
access-control-allow-origin: *.lotteries.dev
accept-ranges: bytes
content-length: 3208

GET
H3 206 Kinsmen-S24-Hero-Video-1.mp4
kin-sask.lbcdn.io/uploads/2024/04/ 48 KB
49 KB 1491ms
1490ms Media
video/mp4 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1f09860437a04f6127e80c9a86f1595b50c1b5bed8f8157fc93c37b5376a12

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=18874368-

Response headers

date: Thu, 25 Jul 2024 20:06:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T7RZ7XWV1TV434M6
age: 2901946
x-amz-server-side-encryption: AES256
Content-Range: bytes 18874368-18923690/18923691
alt-svc: h3=":443"; ma=86400
Content-Length: 49323
x-amz-id-2: t54XTIzzHyLRUSv3pvs7W8RPVTuXvvvfqaBMJ05ERURxA6IslKvZjWc1XrjufYQtgAVnp2KLazw=
last-modified: Thu, 25 Apr 2024 00:42:15 GMT
server: cloudflare
etag: "0eb28d8713fc1f60bd2377ea15142ea7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nyUFMf0M55ISHpZW1asEpYVeuWXBiex7dtX331n7v6DXCyJE9%2BA4Y6rkzaE%2B%2BAvpN16qfQHP7C1CrKSr84RUHQSCNCXer9b4DyiP%2BXqVS%2Bl8UwF%2FW051ky%2FpIbxZK2hxrPq%2B1Ixo%2B%2FYKQtRE94oK"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8a8ec5801ccbabab-YYZ

GET
H2 200 js Show response
s2s.kinsmenhomelottery.com/gtag/ 311 KB
96 KB 2411ms
2410ms Script
application/javascript 2600:1901:0:7cd2::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s2s.kinsmenhomelottery.com/gtag/js?id=G-G2YTJVPJ0P&l=dataLayer&cx=c

Requested by

Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7cd2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

nginx /

Resource Hash

1c09890f1c60f25405e210f63f4717efdf57f75b0f2500c1f77c89f3903304b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
x-robots-tag: noindex
access-control-allow-headers: Cache-Control
x-xss-protection: 0
expires: Thu, 25 Jul 2024 20:06:38 GMT

GET
H2 200 destination Show response
s2s.kinsmenhomelottery.com/gtag/ 226 KB
82 KB 394ms
393ms Script
application/javascript 2600:1901:0:7cd2::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s2s.kinsmenhomelottery.com/gtag/destination?id=AW-1018918876&l=dataLayer&cx=c

Requested by

Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7cd2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

nginx /

Resource Hash

0e177d7f1c1bcbfd518f26c6f40774c0d66f3e8233b8b8404c7918f470db8348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 83313
x-xss-protection: 0
last-modified: Thu, 25 Jul 2024 19:14:06 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
x-robots-tag: noindex
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jul 2024 20:06:37 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 554ms
172ms Script
application/javascript 146.75.80.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.80.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: gzip
last-modified: Fri, 15 Mar 2024 03:07:08 GMT
x-amz-server-side-encryption: AES256
etag: "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15412
x-served-by: cache-iad-kiad7000023-IAD, cache-chi-klot8100129-CHI

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
969 B 830ms
307ms Script
application/javascript 2600:1408:ec00:1e::1735:23ec
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:ec00:1e::1735:23ec Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

89333b6a52d61646b071d1dec1a49c6a5a734096eb5ec9183ef08b42c9cfbe50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:21:40 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=25303
accept-ranges: bytes
content-length: 759

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 224 KB
60 KB 522ms
132ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 20:06:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58677
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=15, mss=1392, tbw=2793, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: 4lA6tETS1ydEGSRH1RZUagZKxR7OD1S6oE+7JsgOEHIhy4rXeEFok9kGQLMPdrPXwRUd+EKK+qPivhKecyotBw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ggo7rmzqgt Show response
www.clarity.ms/tag/ 637 B
1000 B 799ms
284ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/ggo7rmzqgt
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 70b33e0ffec416840bba2065df6b5ba2c30d468fe4713e561cbca27135f08f6b

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 25 Jul 2024 20:06:38 GMT
x-azure-ref: 20240725T200638Z-17fd6bb7c96wxttmd3731q72wc00000000u0000000001fnx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 460ms
96ms Script
text/javascript 3.218.44.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.44.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-44-124.compute-1.amazonaws.com
Software: /
Resource Hash: 8eb9e10888718accb1052beaa8357ed4256f396e5ec8f8ab51f59e1e127668ab

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Jul 2024 20:06:38 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 633ms
147ms Script
application/javascript 23.48.203.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNLJVGJC77UDD0LHV4NG&lib=ttq
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9714b78dc72d7d06a6a5c5a67f05096d7a752b42eb4d50198de469ff8745c8e1

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 22cf32cc
date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24072520063861F438F33FD19BACAA92-29C32B38A68C0BC3-00
x-cache: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
content-length: 2035
pragma: no-cache
server: nginx
x-tt-logid: 2024072520063861F438F33FD19BACAA92
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.48.200.133
x-tt-trace-host: 012914904d01cafe382f2969397a240ba1bec25122ba3b24e12a343894c7c115a7dc49ad601088109363239468f664a8fe6ca5cff057298b4e49ce8e6da578c1acd538f3d9061cc3fc37390c203baf245d3e722f3cabf422fe4b4e8d8a92490565
expires: Thu, 25 Jul 2024 20:06:38 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1018918876/ 3 KB
1 KB 554ms
129ms Script
text/javascript 2607:f8b0:400d:c0e::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1018918876/?random=1721937997619&cv=11&fst=1721937997619&bg=ffffff&guid=ON&async=1&gtm=45be47o0z86481674za201zb6481674&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&npa=0&pscdl=noapi&auid=459064950.1721937994&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtag/destination?id=AW-1018918876&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0e::9d Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

724b323d3f1f852dbf9887ae2ff370119fff75cb893512de4cd82c64e33dfeba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1374
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
376 B 622ms
162ms Image
image/gif 72.21.81.130
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=46bcf07c-ddaf-4d5f-9fc2-d8a6152511eb&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d4adf662-cc06-408f-b36b-ddf615ad003b&tw_document_href=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tw_iframe_status=0&txn_id=odvyo&type=javascript&version=2.3.30

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.21.81.130 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 25 Jul 2024 20:06:38 GMT
strict-transport-security: max-age=0
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: e08c199ab30d0bfb
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: bba9d5c4ba9abeb88e2759dc790949470710a33d6e0da3f3567597e69f13ed25
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
722 B 576ms
240ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=46bcf07c-ddaf-4d5f-9fc2-d8a6152511eb&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=d4adf662-cc06-408f-b36b-ddf615ad003b&tw_document_href=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tw_iframe_status=0&txn_id=odvyo&type=javascript&version=2.3.30

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-response-time: 6
date: Thu, 25 Jul 2024 20:06:38 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 32bf071fc076fca5
cache-control: no-cache, no-store, max-age=0
perf: 7402827104
x-connection-hash: 2102c7e3ca8d09cf1f1cbffd5538956bd3d74710c501eb434a184ae8a088dda8
content-length: 43

GET
H3 206 Kinsmen-S24-Hero-Video-1.mp4
kin-sask.lbcdn.io/uploads/2024/04/ 6 MB
0 104ms
104ms Media
video/mp4 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

date: Thu, 25 Jul 2024 20:06:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T7RZ7XWV1TV434M6
age: 2901948
x-amz-server-side-encryption: AES256
Content-Range: bytes 32768-18923690/18923691
alt-svc: h3=":443"; ma=86400
Content-Length: 18890923
x-amz-id-2: t54XTIzzHyLRUSv3pvs7W8RPVTuXvvvfqaBMJ05ERURxA6IslKvZjWc1XrjufYQtgAVnp2KLazw=
last-modified: Thu, 25 Apr 2024 00:42:15 GMT
server: cloudflare
etag: "0eb28d8713fc1f60bd2377ea15142ea7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VqADhFIzVsPn8FJtALe6pCqXqI%2FZxLAhfQbk5jMvbMPHa7%2BbAdAHvWg%2FVFTWFFX4I%2FYmIoerNt4jAsWZ%2BpPLuei9Xvu12H5eeZKTTAdfNzR04MuHMawu5D81cfeC9hLeim2ysShw3F54JSd4y7O9"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8a8ec58c5991abab-YYZ

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 124ms
124ms Script
application/javascript 2600:1408:ec00:1e::1735:23ec
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:ec00:1e::1735:23ec Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6c495fdee8fdedea958291002b9090e57e0ce477feae0ac9034f8b78c34ec65c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2024 10:02:06 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=24769
accept-ranges: bytes
content-length: 14597

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
0 0ms
0ms Script
application/javascript 2600:1408:ec00:1e::1735:23ec
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtm.js?id=GTM-MFR9T7

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:ec00:1e::1735:23ec Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

89333b6a52d61646b071d1dec1a49c6a5a734096eb5ec9183ef08b42c9cfbe50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2024 05:21:40 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=25303
accept-ranges: bytes
content-length: 759

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 147ms
147ms Stylesheet
text/css 3.218.44.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.44.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-44-124.compute-1.amazonaws.com
Software: /
Resource Hash: c3a6f95bf267804a518ec7564b944a734acbd6e2679e93d2a37b1f0f8717b495

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Jul 2024 20:06:38 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 424ms
111ms Fetch
image/jpeg 3.218.44.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.44.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-44-124.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Jul 2024 20:06:39 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H2 200 1604745766504903 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 210ms
209ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1604745766504903?v=2.9.162&r=stable&domain=winners--2024-spring--kinsmen.lotteries.dev&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f425065794adcb9c7f206bde2f2ac3a2546bb188b02e406a5756c4cf955497f9

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 25 Jul 2024 20:06:39 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=63, mss=1392, tbw=64184, tp=-1, tpl=-1, uplat=98, ullat=0
pragma: public
x-fb-debug: Sdoag+2UyctteCTVPS1FWq8alqe9yRNx3L6y2ED4exqRE7jJWsLJ7RgrwKaL1qxMdJRSonx94LmUiMD0I5vijw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1018918876/ 42 B
64 B 660ms
129ms Image
image/gif 2607:f8b0:4004:c08::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1018918876/?random=1721937997619&cv=11&fst=1721937600000&bg=ffffff&guid=ON&async=1&gtm=45be47o0z86481674za201zb6481674&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&npa=0&pscdl=noapi&auid=459064950.1721937994&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLy2ER_5DBaMML9gPt8nZHQdCpgIc-Aw&random=2259849391&rmt_tld=0&ipr=y

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c08::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1018918876/ 42 B
64 B 477ms
132ms Image
image/gif 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1018918876/?random=1721937997619&cv=11&fst=1721937600000&bg=ffffff&guid=ON&async=1&gtm=45be47o0z86481674za201zb6481674&gcd=13l3l3l3l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&hn=www.googleadservices.com&frm=0&tiba=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&npa=0&pscdl=noapi&auid=459064950.1721937994&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLy2ER_5DBaMML9gPt8nZHQdCpgIc-Aw&random=2259849391&rmt_tld=1&ipr=y

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:39 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MWE2Zjk5MjBkMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 343 KB
99 KB 104ms
104ms Script
application/javascript 23.48.203.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNLJVGJC77UDD0LHV4NG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e071cdc99aae4563ad7b2bc75f5b6259b237f8349bb96b4951188184aaaf2827

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 22cf4241
date: Thu, 25 Jul 2024 20:06:39 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202407251155397C1E24CBBB8AD881A139
x-tt-trace-id: 00-2407251155397C1E24CBBB8AD881A139-1A516874DC10F6A4-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017e5bcb9996ff47233a44e210372f87da94d3d9bf1aa993bfccb9ea04c52b575b66b60ba74536b1aa4bcd36ec40c669ccc90ea97df127a2a89fe31197599d33b11890f2a46ba9362dfad88fc5e17e2f8d2ebfd87f0332bac8842d6d021a399302
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 100278

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.41/ 62 KB
26 KB 125ms
124ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.41/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ggo7rmzqgt
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:39 GMT
content-encoding: br
last-modified: Wed, 24 Jul 2024 00:36:01 GMT
etag: W/"0x8DCAB7897E68837"
vary: Accept-Encoding
x-azure-ref: 20240725T200639Z-17fd6bb7c96wxttmd3731q72wc00000000u0000000001fq6
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: cd4d5ec7-201e-0051-5189-deb357000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
720 B 552ms
185ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Jul 2024 20:06:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 453885DEFBCA4C7992FE3E68B9759CBA Ref B: YTO01EDGE0810 Ref C: 2024-07-25T20:06:39Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://winners--2024-spring--kinsmen.lotteries.dev
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYeF+7JqIzbKhY/zNVgdQ==

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
814 B 766ms
291ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=4512244&time=1721937999127&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: *
Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:39 GMT
content-encoding: gzip
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 76EC089CF72A42DB9BFC8599C29FE206 Ref B: YTO01EDGE0516 Ref C: 2024-07-25T20:06:39Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lor1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYeF+7LuGIivqlQKc9Nww==
x-fs-uuid: 00061e17eecbb86222bea95029cf4dc3

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1721937999127&li_adsId=17213bfd-7fab-4ac0-8fb0-c712886fd6a4&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1721937999127&li_adsId=17213bfd-7fab-4ac0-8fb0-c712886fd6a4&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv...

0
267 B

526ms
152ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1721937999127&li_adsId=17213bfd-7fab-4ac0-8fb0-c712886fd6a4&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&e_ipv6=AQLNePdzexDu3AAAAZDrgLhkOpSMo6eP80JQP_5t6OPLA-yQE1BVroCD0dfz1fHHputF0c7Ytt98
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:40 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: AA7371CD992F42719B94A3D2E08B2E00 Ref B: YTO01EDGE0512 Ref C: 2024-07-25T20:06:40Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeF+7Y9YWq3WjrWqnOZg==

Redirect headers

date: Thu, 25 Jul 2024 20:06:39 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2B243D0F113C4C3ABA9E7ABC117A14C8 Ref B: YTO01EDGE0810 Ref C: 2024-07-25T20:06:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4512244&time=1721937999127&li_adsId=17213bfd-7fab-4ac0-8fb0-c712886fd6a4&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&tm=gtmv2&e_ipv6=AQLNePdzexDu3AAAAZDrgLhkOpSMo6eP80JQP_5t6OPLA-yQE1BVroCD0dfz1fHHputF0c7Ytt98
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYeF+7QLpL6GITF7rWTRA==

GET
H2 200 conv
tags.srv.stackadapt.com/ 43 B
108 B 159ms
158ms Image
image/gif 3.218.44.124
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.srv.stackadapt.com/conv?cid=g11GLUswIr9EeHDFeBUQEz&url=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&is_js=true&rnd=0.9194925195453354&t=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&tip=155QS7otUs-yccWkZECpmbSKk4lEKMdekQMxSirB3cU&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa_conv_data_css_value=%270-d34d47e8-e0e7-5382-65b5-3241dd878903%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9d34d47e8e0e7538265b53241dd878903a600cd6d&sa-user-id-v3=s%253AAQAKIA5_5j37_8pr2wk0OESHMRB6oHs0GOIhnvpWBp6LfD4vEAEYAyDO4Iq1BjABOgSsj1yIQgQ2zz4Q.15sJ%252Fzg%252BxE962iI%252F9U5eyx4BjawvrDR4kG8iUP6ce%252FU&sa-user-id-v2=s%253A001H6ODnU4JltTJB3YeJA6YAzW0.ZLQQQzHYU9jj%252FPjXednt9HkQ0yUOOVGHiwKmUQ71P4Q&sa-user-id=s%253A0-d34d47e8-e0e7-5382-65b5-3241dd878903.iTx%252Fih%252Bf%252BS8MshnOqU3q%252BNmmdm1U09OIXIYEMKA43FU
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.44.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-44-124.compute-1.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:40 GMT
content-length: 43
content-type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 630ms
233ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1604745766504903&ev=PageView&dl=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&rl=&if=false&ts=1721937999324&cd[eventID]=6b97337f-8137-4b5b-be14-2834a069276d_1721937988885.1&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721937999320.416192269485294817&cs_est=true&ler=empty&cdl=API_unavailable&it=1721937998848&coo=false&rqm=GET

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1392, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 25 Jul 2024 20:06:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 554ms
234ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1604745766504903&ev=PageView&dl=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&rl=&if=false&ts=1721937999324&cd[eventID]=6b97337f-8137-4b5b-be14-2834a069276d_1721937988885.1&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721937999320.416192269485294817&cs_est=true&ler=empty&cdl=API_unavailable&it=1721937998848&coo=false&rqm=FGET

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 25 Jul 2024 20:06:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7395667396768666158", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=10, mss=1392, tbw=3094, tp=-1, tpl=-1, uplat=52, ullat=0
pragma: no-cache
x-fb-debug: sXNKLi9ZSQ64rzApQwbxHmxMFrXDmn+1SCcYM8xBaQCRmvVcRvdqDEI48Ewcw+UDpUIajKWtrrKxxunTIdoRsg==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7395667396768666158"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect Show response
s2s.kinsmenhomelottery.com/g/ 766 B
2 KB 548ms
548ms XHR
text/plain 2600:1901:0:7cd2::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://s2s.kinsmenhomelottery.com/g/collect?v=2&tid=G-G2YTJVPJ0P&gtm=45je47o0v895416529z86481674za200zb6481674&_p=1721937988885&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=887322481.1721937999&ecid=1323942546&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.gse=1&sst.etld=google.ca&sst.gcd=13l3l3l3l1&sst.tft=1721937988885&sst.ude=0&_s=1&sid=1721937999&sct=1&seg=0&dl=https%3A%2F%2Fwinners--2024-spring--kinsmen.lotteries.dev%2F&dt=Kinsmen%20Home%20Lottery%20-%20Kinsmen%20Home%20Lottery&en=page_view&_fv=1&_nsi=1&_ss=1&ep.event_id=6b97337f-8137-4b5b-be14-2834a069276d_1721937988885.1&ep.tiktok_event_name=gtm.js&tfd=13103&richsstsse

Requested by

Host: s2s.kinsmenhomelottery.com
URL: https://s2s.kinsmenhomelottery.com/gtag/js?id=G-G2YTJVPJ0P&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7cd2:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Resource Hash

f3155fe5daee8454f99c71557da21a45484a10175ccff85ce14b0c06daf36f2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:39 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://winners--2024-spring--kinsmen.lotteries.dev
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 identify_59f29ac9.js Show response
analytics.tiktok.com/i18n/pixel/static/ 147 KB
39 KB 148ms
148ms Script
application/javascript 23.48.203.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_59f29ac9.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 22cf483b
date: Thu, 25 Jul 2024 20:06:40 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024072317211222EE479A867E9AB62F74
x-tt-trace-id: 00-24072317211222EE479A867E9AB62F74-130977B77BB84CCF-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01c7f33c8571b286d33613ecf2f06976850c70a8baa97bb7823744b6c00dd370251f3ce327369552a565051566ec00a289f431b7938e537d190c93f4d6c33a9b5d4a61f45a11fabc44d89fddd13615fe23f949d5db865a34869e1ce3397c2447ba
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 39708

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
701 B 143ms
142ms Ping
text/plain 23.48.203.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 22cf507f
date: Thu, 25 Jul 2024 20:06:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240725200640DFE059E9E78AB95F4383-7FD39AE1BBD6AED6-00
x-cache: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=4, origin; dur=34
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240725200640DFE059E9E78AB95F4383
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 34,23.48.200.133
x-tt-trace-host: 012914904d01cafe382f2969397a240ba1bec25122ba3b24e12a343894c7c115a778640e24333ca2448b788761503ad20e25dd5cd5a068f05992ab7df768270de67e2ead94bcee303c7cd4f84d47e5409244ec01f032c964db7aa9aab27f7f117c
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 20:06:40 GMT

GET
H2 204 collect
analytics.google.com/g/s/ 0
210 B 675ms
225ms Image
text/plain 2607:f8b0:400d:c00::66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&gtm=45j91e47o1h2v895416529z86481674z99179575867za200zb6481674&_gsid=G2YTJVPJ0PUM3p1GRAyMeeLjhqMT9E8g
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c00::66 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 184ms
184ms Image
image/gif 2607:f8b0:400d:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&tid=G-G2YTJVPJ0P&cid=Q9mhRrbJblUY%2FFaNcMDmQjLRzUr65lHRo63eXyLfRNs%3D.1721937999&gtm=45j91e47o1h2v895416529z86481674z99179575867za200zb6481674&aip=1&z=829806611

Requested by

Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
210 B 627ms
210ms Image
text/plain 2607:f8b0:400d:c02::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&tid=G-G2YTJVPJ0P&cid=Q9mhRrbJblUY%2FFaNcMDmQjLRzUr65lHRo63eXyLfRNs%3D.1721937999&gtm=45j91e47o1h2v895416529z86481674z99179575867za200zb6481674&aip=1
Requested by: Host: winners--2024-spring--kinsmen.lotteries.dev
URL: https://winners--2024-spring--kinsmen.lotteries.dev/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c02::9c Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
307 B 655ms
239ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://winners--2024-spring--kinsmen.lotteries.dev
Date: Thu, 25 Jul 2024 20:06:40 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
702 B 155ms
153ms Ping
text/plain 23.48.203.133
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.203.133 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-203-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 22cf52b9
date: Thu, 25 Jul 2024 20:06:40 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2407252006407EE32B97104CDE10F4C8-37AA1462905D87F3-00
x-cache: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.6.0-57528057) (-)
server-timing: inner; dur=25, cdn-cache; desc=MISS, edge; dur=25, origin; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202407252006407EE32B97104CDE10F4C8
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 28,23.48.200.133
x-tt-trace-host: 012914904d01cafe382f2969397a240ba1bec25122ba3b24e12a343894c7c115a7e1bca99c7ae57f1b7b2db35423d3c8fdc4bdb9cbc783a13225bb7bee42bbe75728075535b88b04d4c9ed56393a68c44d9b364a2174f1684e47234d5b118cd518
access-control-allow-headers: Authorization,*
expires: Thu, 25 Jul 2024 20:06:40 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D3388BD0B995441BB7DE9270A55CE667&RedC=c.clarity.ms&MXFR=049132BCD22667B4213A267BD62669E7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3388BD0B995441BB7DE9270A55CE667&MUID=3A141E422D6A6FF9355C0A852CC06E72

42 B
464 B

92ms
92ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3388BD0B995441BB7DE9270A55CE667&MUID=3A141E422D6A6FF9355C0A852CC06E72
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:41 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
server: Microsoft-IIS/10.0
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 25 Jul 2024 20:06:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B13AF46050214E3BA522BE87C5499D2C Ref B: YTO01EDGE0714 Ref C: 2024-07-25T20:06:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D3388BD0B995441BB7DE9270A55CE667&MUID=3A141E422D6A6FF9355C0A852CC06E72
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 cropped-KinsmenFavicon-1-32x32.png
kin-sask.lbcdn.io/uploads/2021/02/ 898 B
2 KB 3793ms
3793ms Other
image/webp 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kin-sask.lbcdn.io/uploads/2021/02/cropped-KinsmenFavicon-1-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3d62ef64ad65eed996af23dd64dc3c354c5989e355aa9ee23d35ce7b41a9bc0

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 25 Jul 2024 20:06:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: MJAA4TQKDM48XSW2
age: 338477
cf-polished: origFmt=png, origSize=1600
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="cropped-KinsmenFavicon-1-32x32.webp"
alt-svc: h3=":443"; ma=86400
content-length: 898
x-amz-id-2: 8T77bw7ItmpESraCIzRvvhXANBpWNeFZWxPxiWzAh+u2XZO5OSfpj1iIy16ypoLke2a6sX/s52M97eF4DYlXcg==
cf-bgj: imgq:100,h2pri
last-modified: Fri, 08 Mar 2024 04:57:10 GMT
server: cloudflare
etag: "34cd664209d7f84c7701b10ec6f664b3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o360G8iL2rknlw0zW8AZ%2B4V68dBjrSK5RsPixjo4Uazh%2BpbOYW4zpG0Zn5hxuTHtVu7HS0a5YfD1%2BLGGc%2BEILqIR2MoZ3HAVBa3G2hJtDoZeph98EKGbNWcI%2BlbEOPf8c0ABL5ndodT8vpNOI36M"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 8a8ec59c094cabab-YYZ

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
307 B 110ms
109ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://winners--2024-spring--kinsmen.lotteries.dev
Date: Thu, 25 Jul 2024 20:06:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
307 B 149ms
148ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE2Zjk5MjBkMQ.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://winners--2024-spring--kinsmen.lotteries.dev
Date: Thu, 25 Jul 2024 20:06:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H3 206 Kinsmen-S24-Hero-Video-1.mp4
kin-sask.lbcdn.io/uploads/2024/04/ 1 MB
0 107ms
106ms Media
video/mp4 2606:4700:20::681a:1dc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kin-sask.lbcdn.io/uploads/2024/04/Kinsmen-S24-Hero-Video-1.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:1dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://winners--2024-spring--kinsmen.lotteries.dev/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=6128781-

Response headers

date: Thu, 25 Jul 2024 20:06:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: T7RZ7XWV1TV434M6
age: 2901956
x-amz-server-side-encryption: AES256
Content-Range: bytes 6128781-18923690/18923691
alt-svc: h3=":443"; ma=86400
Content-Length: 12794910
x-amz-id-2: t54XTIzzHyLRUSv3pvs7W8RPVTuXvvvfqaBMJ05ERURxA6IslKvZjWc1XrjufYQtgAVnp2KLazw=
last-modified: Thu, 25 Apr 2024 00:42:15 GMT
server: cloudflare
etag: "0eb28d8713fc1f60bd2377ea15142ea7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7tNtf79qr80%2FPZIQYBk6IaOToyDkZgfRTCBZW4Jo6xsxgfjh7K1L2C4o1j8AnSw936exapiYgHirCVrslvQaqyFNHMmFCM%2Buz0djxXQWiMmWep8g%2B6Y2nwnMv52tAUztPXTwjBYRWQbnqLoxLQT"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8a8ec5bbec83abab-YYZ

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lotteries.dev/	1970-01-21 00:28:33	Name: _gcl_au Value: 1.1.459064950.1721937994
tags.srv.stackadapt.com/	1970-01-21 07:04:33	Name: sa-user-id Value: s%3A0-d34d47e8-e0e7-5382-65b5-3241dd878903.iTx%2Fih%2Bf%2BS8MshnOqU3q%2BNmmdm1U09OIXIYEMKA43FU
.srv.stackadapt.com/	1970-01-21 07:04:33	Name: sa-user-id Value: s%3A0-d34d47e8-e0e7-5382-65b5-3241dd878903.iTx%2Fih%2Bf%2BS8MshnOqU3q%2BNmmdm1U09OIXIYEMKA43FU
tags.srv.stackadapt.com/	1970-01-21 07:04:33	Name: sa-user-id-v2 Value: s%3A001H6ODnU4JltTJB3YeJA6YAzW0.ZLQQQzHYU9jj%2FPjXednt9HkQ0yUOOVGHiwKmUQ71P4Q
.srv.stackadapt.com/	1970-01-21 07:04:33	Name: sa-user-id-v2 Value: s%3A001H6ODnU4JltTJB3YeJA6YAzW0.ZLQQQzHYU9jj%2FPjXednt9HkQ0yUOOVGHiwKmUQ71P4Q
tags.srv.stackadapt.com/	1970-01-21 07:04:33	Name: sa-user-id-v3 Value: s%3AAQAKIA5_5j37_8pr2wk0OESHMRB6oHs0GOIhnvpWBp6LfD4vEAEYAyDO4Iq1BjABOgSsj1yIQgQ2zz4Q.15sJ%2Fzg%2BxE962iI%2F9U5eyx4BjawvrDR4kG8iUP6ce%2FU
.srv.stackadapt.com/	1970-01-21 07:04:33	Name: sa-user-id-v3 Value: s%3AAQAKIA5_5j37_8pr2wk0OESHMRB6oHs0GOIhnvpWBp6LfD4vEAEYAyDO4Iq1BjABOgSsj1yIQgQ2zz4Q.15sJ%2Fzg%2BxE962iI%2F9U5eyx4BjawvrDR4kG8iUP6ce%2FU
winners--2024-spring--kinsmen.lotteries.dev/	1970-01-21 07:04:33	Name: sa-user-id Value: s%253A0-d34d47e8-e0e7-5382-65b5-3241dd878903.iTx%252Fih%252Bf%252BS8MshnOqU3q%252BNmmdm1U09OIXIYEMKA43FU
winners--2024-spring--kinsmen.lotteries.dev/	1970-01-21 07:04:33	Name: sa-user-id-v2 Value: s%253A001H6ODnU4JltTJB3YeJA6YAzW0.ZLQQQzHYU9jj%252FPjXednt9HkQ0yUOOVGHiwKmUQ71P4Q
winners--2024-spring--kinsmen.lotteries.dev/	1970-01-21 07:04:33	Name: sa-user-id-v3 Value: s%253AAQAKIA5_5j37_8pr2wk0OESHMRB6oHs0GOIhnvpWBp6LfD4vEAEYAyDO4Iq1BjABOgSsj1yIQgQ2zz4Q.15sJ%252Fzg%252BxE962iI%252F9U5eyx4BjawvrDR4kG8iUP6ce%252FU
.doubleclick.net/	1970-01-20 22:18:58	Name: test_cookie Value: CheckForPermission
.tiktok.com/	1970-01-21 07:40:33	Name: _ttp Value: 2jkjWEAQBxcbAAXWuHGyOryhPd8
.t.co/	1970-01-21 07:54:57	Name: muc_ads Value: 8973b40d-3ac9-4167-a458-7f349cf891d4
.twitter.com/	1970-01-21 07:54:57	Name: guest_id_marketing Value: v1%3A172193799892484538
.twitter.com/	1970-01-21 07:54:57	Name: guest_id_ads Value: v1%3A172193799892484538
.twitter.com/	1970-01-21 07:54:57	Name: personalization_id Value: "v1_Y2pS9fblBIcAx2j98ixcWQ=="
.twitter.com/	1970-01-21 07:54:57	Name: guest_id Value: v1%3A172193799892484538
www.clarity.ms/	1970-01-21 07:04:33	Name: CLID Value: 1a544817027b4e028896baa00da864c6.20240725.20250725
.lotteries.dev/	1970-01-21 00:28:33	Name: _fbp Value: fb.1.1721937999320.416192269485294817
.lotteries.dev/	1970-01-21 07:54:57	Name: _ga_G2YTJVPJ0P Value: GS1.1.1721937999.1.0.1721937999.0.0.1323942546
.lotteries.dev/	1970-01-21 07:54:57	Name: _ga Value: GA1.1.887322481.1721937999
.linkedin.com/	1970-01-21 07:04:33	Name: bcookie Value: "v=2&8de25521-93f0-405e-854c-61359e6ba5b1"
.linkedin.com/	1970-01-21 02:38:09	Name: li_gc Value: MTswOzE3MjE5Mzc5OTk7MjswMjHVUq/vZRiBqxfkXwzcgbCBD0i4TC6dTw8MsZPCNMPkgg==
.linkedin.com/	1970-01-20 22:20:24	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=3257:u=1:x=1:i=1721937999:t=1722024399:v=2:sig=AQEs2lbI2d5segLD8BZlFMyGAh2L6igu"
.lotteries.dev/	1970-01-21 07:40:34	Name: _tt_enable_cookie Value: 1
.lotteries.dev/	1970-01-21 07:40:34	Name: _ttp Value: heXNRncqUbfVyMWJtYCUnuHCAUq
.lotteries.dev/	1970-01-21 07:04:34	Name: _clck Value: 1b80y6w%7C2%7Cfnr%7C0%7C1667
.lotteries.dev/	1970-01-20 22:20:24	Name: _clsk Value: 1tozf0%7C1721938000828%7C1%7C1%7Cw.clarity.ms%2Fcollect
.bing.com/	1970-01-21 07:40:34	Name: MUID Value: 3A141E422D6A6FF9355C0A852CC06E72
.c.bing.com/	1970-01-20 22:29:02	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:40:34	Name: SRM_B Value: 3A141E422D6A6FF9355C0A852CC06E72
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:40:34	Name: MUID Value: 3A141E422D6A6FF9355C0A852CC06E72
.c.clarity.ms/	1970-01-20 22:29:02	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 22:18:58	Name: ANONCHK Value: 0

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
intervention	info	URL: https://winners--2024-spring--kinsmen.lotteries.dev/(Line 2212) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Black.woff2
intervention	info	URL: https://winners--2024-spring--kinsmen.lotteries.dev/(Line 2212) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Roman.woff2
intervention	info	URL: https://winners--2024-spring--kinsmen.lotteries.dev/(Line 2212) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/icons/icomoon.ttf?fx1gpj
intervention	info	URL: https://winners--2024-spring--kinsmen.lotteries.dev/(Line 2212) Message: Slow network is detected. See https://www.chromestatus.com/feature/5636954674692096 for more details. Fallback font will be used while loading: https://winners--2024-spring--kinsmen.lotteries.dev/app/themes/home-lottery-common/fonts/avenir/AvenirLT-Light.woff2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.tiktok.com
analytics.twitter.com
c.bing.com
c.clarity.ms
code.jquery.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
kin-sask.lbcdn.io
px.ads.linkedin.com
px4.ads.linkedin.com
s2s.kinsmenhomelottery.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tags.srv.stackadapt.com
w.clarity.ms
winners--2024-spring--kinsmen.lotteries.dev
www.clarity.ms
www.facebook.com
www.google.ca
www.google.com
104.244.42.195
13.107.42.14
146.75.80.157
15.157.99.24
20.110.205.119
23.48.203.133
23.96.124.156
2600:1408:ec00:1e::1735:23ec
2600:1901:0:7cd2::
2606:4700:20::681a:1dc
2607:f8b0:4004:c08::93
2607:f8b0:400d:c00::66
2607:f8b0:400d:c01::5e
2607:f8b0:400d:c02::9c
2607:f8b0:400d:c0e::9d
2607:f8b0:400d:c1d::5f
2620:1ec:21::14
2620:1ec:bdf::40
2620:1ec:c11::237
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
2a04:4e42:200::649
3.218.44.124
72.21.81.130
005d43f83fc7ae4d9c97c692ae2f5d0a764d36b6695c93fd1755a45d2c9b4170
079d916eecafa01f34c24e24bedd5f04e87cd0606835cf96570f6e4de371c5ea
0af313734cec37dbb158ca2448cad5cfeb36888c39c7e906a555636abe1293fb
0e177d7f1c1bcbfd518f26c6f40774c0d66f3e8233b8b8404c7918f470db8348
12a0e76be278fc3380973e6ea34c2b711b203ad47370e2521076dd18085913c4
1816bf2eef31eb38cd6af91b6b49e0b91d4ecd39fd02795a82bac87322f7e1ab
19df2c7ead41a3a2934dfa61b1b251aec6e5dfb3c122e1fbdcd1b98ad46df4de
1b44e4dfeba237d1a58dd8c8b726cc819fa4bce3665b63731cd7dcdafdc64b2c
1b8520c98ba040004c5fde9ee49bca1ac24587d925ad49a5270d612269065d85
1c09890f1c60f25405e210f63f4717efdf57f75b0f2500c1f77c89f3903304b7
2340664827930253b8afb3494aeb638e66a0c06caccaf31dad4b6843632a5a1c
251e54c2e34372b93dd77196518b2443a574a1990999ee84aadccb14c0a9d7cd
27103982c1fab6c6791003a919805cae651fb754d33a4b8e7185b0d933cbaa30
3046569356f90123a019ed0fff2c1f3e7df447fb105a84cad1bf4c0709e33f23
3046a401620fe57641120b7f4f2a48224b8b08cc397d4ab0f7b18b2703629a7a
32c9ea8782382ad5d037fcb23554549fa29cc9e76ada41b70038122b833d087a
334c12d789f0977761b887fe46fa1ce708f5c1f743d857f0dbd49c93a9909d60
35c067e6fac4f78cceb0eafa5df0ea101bb3e4cb417afa110b63679d7100bf40
3788b0a961dacabdc7486e838aab2a42d6d1edca3a5ee774310345b643dc1454
3947e0f7f76bb6322c20f756c603ff2ef98e4db2a3b0097ae5febcaeb923f6a4
3bc26695e789f665b5608902eaaeda0f2c0909eb8b48993e51b186d0460ddb54
3cd077dd54c699c6d72fd5c5eed15c9ef5212b59edc07144e25b5f2b71169ea9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4783eaccd7a80a58ad310f9cebad6c8c8d3d0f05a19c66c87de2150ddf2b14d0
49517646ca83f79f248f53f47cc2fc092ddc5b6f14fce2296e0f4af90be31854
495cfd8dd949004bfb9bc7c30681437797e179edd732c6721c9b8eab42c373ad
4ce7675c8ed7fc58ff63c22533ed8cc5b8c719ceeb3e5ef07e297c9f95f1993d
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df
53a16afd6a5492b619c71a6e679bbcb8dac2e97b3028fc5e684740993dde0eac
576d9e40881c7dfe74894b94e0481756dad5ec70824159f4101e6a0e2265acd6
5a06abfbdad932e08546db4457876e06e411312e80bc37cd585f86fdb8d2ec94
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
63e8e6c2c236f21bf86bdb0ed108e9fca92fff0b59e38e741d16f70d079302bc
6c495fdee8fdedea958291002b9090e57e0ce477feae0ac9034f8b78c34ec65c
6e3ba84c452291c0838ca8be9b953fd72db9cf1a374ad2a5327f88a234db2657
70b33e0ffec416840bba2065df6b5ba2c30d468fe4713e561cbca27135f08f6b
724b323d3f1f852dbf9887ae2ff370119fff75cb893512de4cd82c64e33dfeba
741255da0b37252b6f3636daf63bbfbebb3d5f4514f3b5ec300ff0ebb5cd0723
7655af0c14008fc0322880daf1db0cb7b7a6163a43033976e54cc9af6db16911
794baedb0d3bd55c72457a7c1323b92f3ad9ff1d57f14872046341d188dbca7d
7ec2d9ce959e248aa8ffb0dce0eacc2ea9ea2394278c0c0e264fa677f9153a38
7fe91a363c537c0062e9a60f57dabd2d042f0db6f1af3dd875d6865210dff198
86e6eebbdf495a89aef0a64c368757d101de2d6d892b0984fd9d01f6b2864331
89333b6a52d61646b071d1dec1a49c6a5a734096eb5ec9183ef08b42c9cfbe50
8a4356b59a2555f82ddb529f638227864f8a30362c9c79fe42341823f07519e7
8c962f79dc4ce4bc429ed42f64e36621247e13b80d35705a33a39dbed97a569d
8ddc51179ebc0c67948a0e9240143f0924a40702d0d6dbdd2727f70e7472b85d
8eb9e10888718accb1052beaa8357ed4256f396e5ec8f8ab51f59e1e127668ab
926b50985a04d07ca2e12a0f427f185d3c01b02735de33be4e1162bfe60a5cfa
942b8c62b588d243ee028c33aeaf1bf99ae61665ecefa87de162c1fd717d081e
9516a2b3a57a503d0b242672e1ab08cc38f7fb52bf60285e01cb65c7b9b9897d
9602d6839a8376ec243c77fc3ed269ee321fc95541029d358b267ddc74830a21
9714b78dc72d7d06a6a5c5a67f05096d7a752b42eb4d50198de469ff8745c8e1
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
98f1d5d8ac732e6f478ed3eb43c58e5fbad231dd49b393787dbc1bd9aeaaeda3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1950ba755c2fea6c6462d9861eac5d20d569ccd907d246267e0978361f4c8c4
a2c34a121ed6cbe3441551d02daf013972fb8626bb6c5faec4def09c6689d8b2
a43c95d20a9b8be6b56f2b36be711364160e113c203fe0402e32b5d614d903d9
a6677f982122c3572c48ee15b3509c791f40ff5dba40f833a9ddb1815a94eb9e
a9d1409a6aca327dd838db9cdbab7d6a5c49424d87423f73ae92f4f357470f22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b5f50c34be29cb663ac9567c9062ddc313fae93c2f4cf5ee065b0954c17551df
babed8ddf22ed2e66590a4f75773661304242a4f4167d52e165652fee492933e
bb840e8c0ff6abbd1a8f8caf2cfa8a3c8cdac054b1e2767368da977f475ff0e6
bc8a1d8347f191ea3a64c6ff13d96afe5099a35e2806305933677fbf1facf197
bce42d30dcf7c75d87934700a9ade3982c23fce0b055ed7d55b1222e2d6d6ed9
beb54f2a7594eaa6c2c05c32502368ba036c3f1de2a94a2e62c634e908321b7a
bf1f09860437a04f6127e80c9a86f1595b50c1b5bed8f8157fc93c37b5376a12
c29d379e13f61611b8b4d177e6a4b49eab8b5917376aff3a11914d1c8359ef95
c3a6f95bf267804a518ec7564b944a734acbd6e2679e93d2a37b1f0f8717b495
c62f53db271220ca33087210a3e710f44de1c88231e85c08adc181a482a6b586
c968aaf215c0bdbd44f227ffd2156498680421921bca50b6b3faa645eec030e4
cae70990bbbc74ed94ef0e3e98a26f13e926edb0b4080b9990c3bef4fab11200
cc8fe4bafda198888cee94aaec0b60eba38ba314ad5322edc0ced0eafd1f3d4c
d78761b67265b76888cc8f31309b1b56d13748d0a48076dd9b4ba418abcf697e
d8dfabe7629218ae828558b16ea30c7a034f74d8602e21ab05976168bb9cf5fe
daba10de1d120438e30267b1a471fae110450104232d4abea93232ed1c6d4a51
db5fd3a72b827b71665940751ac7359cecba82ce412af174b29674c01478b536
e047df003d3769e08b7b841bd647bedd6a0c061930538a407deb58d3ac0fe3e6
e071cdc99aae4563ad7b2bc75f5b6259b237f8349bb96b4951188184aaaf2827
e110847e61f439dd67612ee87851b7388d35f5df981364604e91699279b68b73
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d62ef64ad65eed996af23dd64dc3c354c5989e355aa9ee23d35ce7b41a9bc0
e3dd1e5d929d2d345fb9531efdc4b7aaa285628a0448664a31bd3dbe1f5893a5
e55ef771d36e895bc34ffb629d198fe953d1309168bf1ab636a8cde4d6f628f8
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ec7eee6e9cf282dd80568bb8413e244a94bcbcb63546069a10cb0ad78fce40aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3155fe5daee8454f99c71557da21a45484a10175ccff85ce14b0c06daf36f2d
f425065794adcb9c7f206bde2f2ac3a2546bb188b02e406a5756c4cf955497f9
f4d2295d9691723b38465315827b0fbfdcb3df187fa9179af0278657880df3d5
f65c5d0f395c2d68015220a7ca64ecd148ce759c4a178dd92b2a3a2efa2911f1
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
fb0e5c71debe7ad52b30fb8e0c6b1d6e1316c7ab77e075ee57958aad89e281f1
fc7147ee34940deddfbe4547b18f5f03603be7606fc152b303788de874dd5683
fe8676e3b57dedc21c850ed016c4ded24218b6c058bd0e83a7398cfe95df48e8
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

winners--2024-spring--kinsmen.lotteries.dev Open in urlscan Pro 15.157.99.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

98 %HTTPS

63 %IPv6

19 Domains

24 Subdomains

23 IPs

2 Countries

35980 kBTransfer

44313 kBSize

35 Cookies

5 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winners--2024-spring--kinsmen.lotteries.dev Open in urlscan Pro
15.157.99.24 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

98 %
HTTPS

63 %
IPv6

19
Domains

24
Subdomains

23
IPs

2
Countries

35980 kB
Transfer

44313 kB
Size

35
Cookies

117 HTTP transactions
0 data transactions