www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.valottery.com/printnplay
Submission: On March 04 via manual (March 4th 2022, 4:44:42 pm UTC) from US — Scanned from DE

Summary HTTP 172 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 49 IPs in 7 countries across 44 domains to perform 172 HTTP transactions. The main IP is 52.168.86.34, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.valottery.com. The Cisco Umbrella rank of the primary domain is 367864.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 17th 2021. Valid for: a year.

This is the only time www.valottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34 82	52.168.86.34 52.168.86.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
5	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	8.43.83.17 8.43.83.17	394729 (NPIASN) (NPIASN)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
3	151.101.66.65 151.101.66.65	54113 (FASTLY) (FASTLY)
1	104.18.7.244 104.18.7.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.13.251 104.18.13.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
3	2a05:d018:11d... 2a05:d018:11d:9e00:46da:9128:6bdf:45e9	16509 (AMAZON-02) (AMAZON-02)
2 6	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
4	18.66.139.32 18.66.139.32	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1	18.197.184.171 18.197.184.171	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:b4f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
1	13.225.80.62 13.225.80.62	16509 (AMAZON-02) (AMAZON-02)
2	100.24.222.57 100.24.222.57	14618 (AMAZON-AES) (AMAZON-AES)
17 22	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:2bcd:329f:3664:7fb6	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.184.68.205 18.184.68.205	16509 (AMAZON-02) (AMAZON-02)
1 1	18.156.47.94 18.156.47.94	16509 (AMAZON-02) (AMAZON-02)
2	52.222.214.42 52.222.214.42	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	3.210.99.203 3.210.99.203	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	54.229.233.249 54.229.233.249	16509 (AMAZON-02) (AMAZON-02)
1	63.251.14.14 63.251.14.14	14744 (INTERNAP-...) (INTERNAP-BLOCK-4)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	8.43.83.18 8.43.83.18	() ()
172	49

82 52.168.86.34 (Tappahannock, United States) 34 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.43.83.17 (United States)

ASN394729 (NPIASN, US)

gamesrv1.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-130-11.fra60.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.65 (United States)

ASN54113 (FASTLY, US)

www.zmbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.13.251 (None, )

ASN13335 (CLOUDFLARENET, US)

services.listrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

download.gamesrv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:11d:9e00:46da:9128:6bdf:45e9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

content.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-aeui1.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

8930728.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6528888.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.139.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-32.fra60.r.cloudfront.net

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.197.184.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-184-171.eu-central-1.compute.amazonaws.com

77148.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:b4f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-62.fra2.r.cloudfront.net

tag.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.222.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-222-57.compute-1.amazonaws.com

pixel.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.122.14.34 (United States) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:2bcd:329f:3664:7fb6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.68.205 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-68-205.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.156.47.94 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-47-94.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-42.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.99.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-99-203.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.233.249 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.251.14.14 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.83.18 (None, )

ASN- ()

info.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	valottery.com 34 redirects www.valottery.com — Cisco Umbrella Rank: 367864 cdn.valottery.com — Cisco Umbrella Rank: 482594 gamesrv1.valottery.com — Cisco Umbrella Rank: 439975 info.valottery.com	2 MB
25	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 4540 i.simpli.fi — Cisco Umbrella Rank: 2971 um.simpli.fi — Cisco Umbrella Rank: 707	18 KB
25	gamesrv1.com download.gamesrv1.com — Cisco Umbrella Rank: 195221	1 MB
10	doubleclick.net 5 redirects 8930728.fls.doubleclick.net — Cisco Umbrella Rank: 591065 6528888.fls.doubleclick.net — Cisco Umbrella Rank: 67041 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	5 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	4 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 697 s.tribalfusion.com — Cisco Umbrella Rank: 1995	4 KB
4	google.de 2 redirects www.google.de — Cisco Umbrella Rank: 6433 adservice.google.de — Cisco Umbrella Rank: 8832	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
4	foresee.com gateway.foresee.com — Cisco Umbrella Rank: 3512	82 KB
4	gstatic.com fonts.gstatic.com	107 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
3	samba.tv tag.mtrcs.samba.tv — Cisco Umbrella Rank: 9894 pixel.mtrcs.samba.tv — Cisco Umbrella Rank: 5340	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
3	uplynk.com content.uplynk.com — Cisco Umbrella Rank: 3634 content-aeui1.uplynk.com — Cisco Umbrella Rank: 755325	3 KB
3	zmbl.co www.zmbl.co — Cisco Umbrella Rank: 207559	24 KB
3	listrakbi.com cdn.listrakbi.com — Cisco Umbrella Rank: 9649 s1.listrakbi.com — Cisco Umbrella Rank: 9956	67 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	209 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 480	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 691	834 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 950	2 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2308	523 B
2	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1323
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 393 d.agkn.com — Cisco Umbrella Rank: 492	965 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 365	888 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 346	730 B
2	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 567	521 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	114 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	97 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 323	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 289	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 101	629 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 281	66 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 734	348 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 437	603 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1120	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6225	183 B
1	media6degrees.com action.media6degrees.com — Cisco Umbrella Rank: 5778	166 B
1	dstillery.com 1 redirects action.dstillery.com — Cisco Umbrella Rank: 6181	296 B
1	siteimproveanalytics.io 77148.global.siteimproveanalytics.io — Cisco Umbrella Rank: 525297	620 B
1	vimeocdn.com extend.vimeocdn.com — Cisco Umbrella Rank: 8647	6 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 2855	9 KB
1	listrak.com services.listrak.com — Cisco Umbrella Rank: 14992	3 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 620	7 KB
172	44

	Domain	Requested by
82	www.valottery.com	34 redirects www.valottery.com cdn.valottery.com
25	download.gamesrv1.com	gamesrv1.valottery.com download.gamesrv1.com
22	um.simpli.fi	17 redirects 8930728.fls.doubleclick.net
10	gamesrv1.valottery.com	www.valottery.com gamesrv1.valottery.com download.gamesrv1.com
5	cdn.valottery.com	www.valottery.com
4	ib.adnxs.com	2 redirects 8930728.fls.doubleclick.net
4	gateway.foresee.com	www.valottery.com gateway.foresee.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	www.valottery.com client download.gamesrv1.com
3	6528888.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.google-analytics.com	www.googletagmanager.com www.valottery.com
3	8930728.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.zmbl.co	www.valottery.com www.zmbl.co
3	www.googletagmanager.com	www.valottery.com www.googletagmanager.com download.gamesrv1.com
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	1 redirects 8930728.fls.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects 8930728.fls.doubleclick.net
2	loadm.exelator.com	1 redirects 8930728.fls.doubleclick.net
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com	8930728.fls.doubleclick.net
2	pixel.tapad.com	1 redirects 8930728.fls.doubleclick.net
2	eb2.3lift.com	1 redirects 8930728.fls.doubleclick.net
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	pixel.mtrcs.samba.tv	tag.mtrcs.samba.tv 8930728.fls.doubleclick.net
2	tag.simpli.fi	8930728.fls.doubleclick.net
2	insight.adsrvr.org	8930728.fls.doubleclick.net 6528888.fls.doubleclick.net
2	a.tribalfusion.com	1 redirects 8930728.fls.doubleclick.net
2	adservice.google.de	2 redirects
2	adservice.google.com	6528888.fls.doubleclick.net 8930728.fls.doubleclick.net
2	content-aeui1.uplynk.com	cdn.valottery.com
2	www.google.de	www.valottery.com 8930728.fls.doubleclick.net
2	www.google.com	1 redirects www.valottery.com
2	www.facebook.com	www.valottery.com
2	connect.facebook.net	www.valottery.com connect.facebook.net
2	cdn.listrakbi.com	www.valottery.com cdn.listrakbi.com
2	code.jquery.com	www.valottery.com
1	info.valottery.com	download.gamesrv1.com
1	us-u.openx.net	8930728.fls.doubleclick.net
1	pixel.rubiconproject.com	8930728.fls.doubleclick.net
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com	8930728.fls.doubleclick.net
1	ce.lijit.com	8930728.fls.doubleclick.net
1	stags.bluekai.com	8930728.fls.doubleclick.net
1	sync.bfmio.com	8930728.fls.doubleclick.net
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	8930728.fls.doubleclick.net
1	i.simpli.fi	tag.simpli.fi
1	tag.mtrcs.samba.tv	8930728.fls.doubleclick.net
1	action.media6degrees.com	8930728.fls.doubleclick.net
1	action.dstillery.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	77148.global.siteimproveanalytics.io	www.valottery.com
1	extend.vimeocdn.com	www.valottery.com
1	siteimproveanalytics.com	www.valottery.com
1	content.uplynk.com	cdn.valottery.com
1	services.listrak.com	cdn.listrakbi.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	maxcdn.bootstrapcdn.com	www.valottery.com
172	60

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-17` - `2022-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
cdn.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-30` - `2022-09-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-09` - `2022-11-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.listrakbi.com Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
*.zmbl.co Sectigo RSA Domain Validation Secure Server CA	`2022-02-15` - `2023-02-15`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
listrak.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2021-09-18` - `2022-08-24`	a year	crt.sh
*.uplynk.com Amazon	`2021-08-19` - `2022-09-17`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
foresee.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-12` - `2022-03-12`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.global.r1.siteimproveanalytics.io Amazon	`2021-11-11` - `2022-12-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.samba.tv Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.valottery.com/printnplay
Frame ID: 4C583F885FD4AE7D01445B7790A4E6E2
Requests: 116 HTTP requests in this frame

Frame: https://www.valottery.com/live_draw_show/index.html
Frame ID: 04E1511A9AC039BD9ECF0746B2385694
Requests: 10 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Frame ID: 302D3506D37ED01E44A2C15C357A77FF
Requests: 1 HTTP requests in this frame

Frame: https://6528888.fls.doubleclick.net/activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Frame ID: 92E56307B1AFEE374C814492A91A86C2
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Frame ID: FA96F6AFB49D3E636040856513E0492A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Frame ID: 28AAC8B85519816FC0F00048DE91400D
Requests: 1 HTTP requests in this frame

Frame: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Frame ID: F8D0D6E2F11E08E6B99ED32042175379
Requests: 2 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Frame ID: CAE5A50D337190D3F1ABAF23B1CDFB10
Requests: 33 HTTP requests in this frame

Frame: https://download.gamesrv1.com/secure/MWC/2022.01_506823//xd-local-storage-shared-frame/index.html
Frame ID: CD49CFFB96E185D1874DB63EB9012116
Requests: 2 HTTP requests in this frame

Frame: https://info.valottery.com/visit.aspx?BrandID=124&Language=ENU&Currency=USD&Platform=W&IsGameStandaloneMode=false&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225
Frame ID: 82161B1867AE3CA087719B3EB80441CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Print 'n Play Bingo Crossword Blackjack | Virginia Lottery

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

172
Requests

67 %
HTTPS

38 %
IPv6

44
Domains

60
Subdomains

49
IPs

7
Countries

3673 kB
Transfer

11489 kB
Size

44
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/valottery

Search URL Search Domain Scan URL

URL: https://twitter.com/VirginiaLottery

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/VirginiaLottery

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/virginia-lottery

Search URL Search Domain Scan URL

URL: https://www.instagram.com/virginialottery/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/virginia-lottery-official-app/id1409781643?ls=1&version=App-Version-3.0.7&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.va.lottery&version=App-Version-4.0.0

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3

Request Chain 15

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_PB_homepage_Dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026

Request Chain 16

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/c4l_winningnumbers_logosm.ashx?h=38&w=63&la=en&hash=FDD6FF379B569CB68E30AA621FF451032F8E2CC8 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/c4l_winningnumbers_logosm.ashx?h=38&w=63&la=en&hash=FDD6FF379B569CB68E30AA621FF451032F8E2CC8

Request Chain 17

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647

Request Chain 18

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D

Request Chain 19

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB

Request Chain 20

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC

Request Chain 21

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B

Request Chain 22

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39

Request Chain 23

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/CashPop_CardLogo.ashx?h=57&w=83&la=en&hash=9E3B2F3D9F49C91576C003EAA44BD5FE91698EB9 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/cashpop_cardlogo.ashx?h=57&w=83&la=en&hash=9E3B2F3D9F49C91576C003EAA44BD5FE91698EB9

Request Chain 24

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295 HTTP 307
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295

Request Chain 25

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9 HTTP 307
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9

Request Chain 26

https://www.valottery.com/-/media/VAL/Images/Promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356 HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356

Request Chain 27

https://www.valottery.com/-/media/VAL/Images/Promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D

Request Chain 28

https://www.valottery.com/-/media/VAL/Images/Promos/print-n-play/dec_2019/PnP_Dec2019_logo.ashx?h=76&w=265&la=en&hash=3CE917B91F0D55E4F6659281B3BE1870AD75B1A2 HTTP 307
https://www.valottery.com/-/media/val/images/promos/print-n-play/dec_2019/pnp_dec2019_logo.ashx?h=76&w=265&la=en&hash=3CE917B91F0D55E4F6659281B3BE1870AD75B1A2

Request Chain 29

https://www.valottery.com/-/media/VAL/Images/Promos/Holiday/2021/interstitial_holiday2021_2ndchance.ashx?la=en&hash=B85AF6BD6A1C3804C06C69999F37B5BFD6334001 HTTP 307
https://www.valottery.com/-/media/val/images/promos/holiday/2021/interstitial_holiday2021_2ndchance.ashx?la=en&hash=B85AF6BD6A1C3804C06C69999F37B5BFD6334001

Request Chain 30

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4

Request Chain 31

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529

Request Chain 32

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC

Request Chain 33

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057

Request Chain 34

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903

Request Chain 35

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C& HTTP 307
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Request Chain 36

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx HTTP 307
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Request Chain 42

https://www.valottery.com/-/media/VAL/Images/Promos/print-n-play/2021/curvedbannerprintnplay122021permanent.ashx HTTP 307
https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/curvedbannerprintnplay122021permanent.ashx

Request Chain 65

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/50KBlackjack_PnP_teaser.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/50kblackjack_pnp_teaser.ashx

Request Chain 66

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/Blackjack_PnP_teaser.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/blackjack_pnp_teaser.ashx

Request Chain 67

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/BullseyeBingo_PnP_teaser.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/bullseyebingo_pnp_teaser.ashx

Request Chain 68

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/GoldBarBingo_PnP_teaser.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/goldbarbingo_pnp_teaser.ashx

Request Chain 69

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/LuckyBingo_PnP_teaser.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/luckybingo_pnp_teaser.ashx

Request Chain 70

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_3luckyclovercw.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_3luckyclovercw.ashx

Request Chain 71

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_2luckydaycw.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_2luckydaycw.ashx

Request Chain 72

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_5luckyhorseshoecw.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_5luckyhorseshoecw.ashx

Request Chain 73

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_10luckystarcw.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_10luckystarcw.ashx

Request Chain 74

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/RockinBingo_PnP_teaser.ashx HTTP 307
https://www.valottery.com/-/media/val/images/print-n-play-images/rockinbingo_pnp_teaser.ashx

Request Chain 75

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay HTTP 302
https://8930728.fls.doubleclick.net/activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Request Chain 77

https://6528888.fls.doubleclick.net/activityi;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay HTTP 302
https://6528888.fls.doubleclick.net/activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Request Chain 103

https://adservice.google.de/ddm/fls/i/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay HTTP 302
https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Request Chain 104

https://adservice.google.de/ddm/fls/i/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay HTTP 302
https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Request Chain 105

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 115

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=389A7FB1EDC946E39E0BA0C82961E40C&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=389A7FB1EDC946E39E0BA0C82961E40C&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 116

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 117

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=389A7FB1EDC946E39E0BA0C82961E40C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 118

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=389A7FB1EDC946E39E0BA0C82961E40C HTTP 302
https://d.agkn.com/pixel/10751/?che=1646412278&ip=185.213.155.162&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164990404080000410306 HTTP 302
https://um.simpli.fi/aa_px?sk=164990404080000410306

Request Chain 119

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 122

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=389A7FB1EDC946E39E0BA0C82961E40C;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=389A7FB1EDC946E39E0BA0C82961E40C;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2060711289735890200

Request Chain 123

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=389A7FB1EDC946E39E0BA0C82961E40C&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=389A7FB1EDC946E39E0BA0C82961E40C&j=0&xl8blockcheck=1

Request Chain 125

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 126

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 127

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=389A7FB1EDC946E39E0BA0C82961E40C HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 128

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 129

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 130

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1646412278839&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=9kEiYp6hOsPKx_APmdGMsAE&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9kEiYp6hOsPKx_APmdGMsAE&cid=CAQSKQCNIrLMzRi5sNPlrJlGp0j7fdHhyfKo4rrVC31lzvcntuyNbw_GfWDq&random=4222829368 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9kEiYp6hOsPKx_APmdGMsAE&cid=CAQSKQCNIrLMzRi5sNPlrJlGp0j7fdHhyfKo4rrVC31lzvcntuyNbw_GfWDq&random=4222829368&ipr=y&prhg=0

Request Chain 131

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=389A7FB1EDC946E39E0BA0C82961E40C HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=389A7FB1EDC946E39E0BA0C82961E40C&__user_check__=1&sync_id=61f8cc76-9bda-11ec-a415-191344880406

Request Chain 132

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=389A7FB1EDC946E39E0BA0C82961E40C HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 133

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=389A7FB1EDC946E39E0BA0C82961E40C&expires=365

Request Chain 134

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=389A7FB1EDC946E39E0BA0C82961E40C

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEK3EUSJZUJPck6cAuCY9OEQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=389A7FB1EDC946E39E0BA0C82961E40C HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 136

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%223225111915%22%2C%22th%22%3A7986631924%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aomneMWPjm3GU50F3ZcUAmmR9QSPWs9Gf%22%2C%22url%22%3A%22https%3A%2F%2Fadservice.google.com%2F%22%2C%22clientName%22%3A%22Virginia%2520Lottery%22%2C%22clientID%22%3A769933%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22VALotto%22%7D HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=4274990490468413699&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662291904319484

172 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request printnplay Show response
www.valottery.com/ 103 KB
20 KB 848ms
661ms Document
text/html 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2aa889fd55a4b4d2d13404b7573784dc95d232ee1f39043c0d1bf88e931a459d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
content-length: 20115

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1649aae3a6a1f5d196575cb8f82ef80f4f4e6337cef3a77bb2acbc321a241f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 16:44:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 16:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 16:44:36 GMT

GET
H2 200 bootstrap.min.css
www.valottery.com/dist/vendor/bootstrap/css/ 119 KB
19 KB 97ms
94ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 17:23:17 GMT
server
x-frame-options: SAMEORIGIN
etag: "8070b894b7fbd51:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 19689
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-datepicker.standalone.min.css
www.valottery.com/dist/vendor/bootstrap-datepicker/css/ 16 KB
2 KB 95ms
93ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
etag: "80e04db9a2c0d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2214
x-xss-protection: 1; mode=block

GET
H2 200 video-js.min.css
www.valottery.com/dist/vendor/videojs/ 45 KB
13 KB 95ms
93ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/videojs/video-js.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
etag: "80e04db9a2c0d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 13687
x-xss-protection: 1; mode=block

GET
H2 200 styles.bundle.css
cdn.valottery.com/css/ 423 KB
33 KB 206ms
12ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/css/styles.bundle.css?cachebuster=20220216
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b59d15951f11d25d4e602553d1d229028c78e6aa16a8e0a95db0002c2476d95f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Mar 2022 16:44:35 GMT
content-encoding: br
x-azure-ref-originshield: 0TqYfYgAAAAA3IHDFTH+DRKq9ILgnrPPzQU1TMDRFREdFMTkxMwA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: KVb4hkuyDl4aCNkorIEluw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 16 Feb 2022 20:51:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9F18E0E313D15
x-azure-ref: 09EEiYgAAAAAax2iyZzH5T7dUQNDnjlp2RlJBRURHRTEwMTkANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 6f4a0d39-f01e-003a-46de-2d7971000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 33ms
15ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632
age: 1329026
cdn-cachedat: 12/13/2021 21:25:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cf-ray: 6e6c13d76a855b7a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 common.css
www.valottery.com/neo/web/_webportal/css/ 1 KB
747 B 95ms
93ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/common.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "a748f4b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 662
x-xss-protection: 1; mode=block

GET
H2 200 top-bar.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 184ms
182ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/top-bar.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "e7bf5b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 968
x-xss-protection: 1; mode=block

GET
H2 200 cart-preview.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 184ms
182ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/cart-preview.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "2bcbf7b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 986
x-xss-protection: 1; mode=block

GET
H2 200 instant-game.css
www.valottery.com/neo/web/_webportal/css/ 3 KB
984 B 183ms
181ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/instant-game.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 19:28:43 GMT
server
x-frame-options: SAMEORIGIN
etag: "80a7f07f4b4ed61:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 898
x-xss-protection: 1; mode=block

GET
H2 200 webportal.js Show response
www.valottery.com/neo/web/_webportal/ 20 KB
4 KB 96ms
95ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/webportal.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 09 Aug 2020 12:28:23 GMT
server
x-frame-options: SAMEORIGIN
etag: "80cd9592486ed61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4386
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mwc-app.js Show response
gamesrv1.valottery.com/MWC/ 67 KB
19 KB 771ms
104ms Script
application/javascript 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/MWC/mwc-app.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

98855111c9280dbc161f079e0f489e43c69d2e834701e03cf0fdeb26be413e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Tue, 08 Feb 2022 12:42:29 GMT
X-Powered-By: ASP.NET
ETag: "80283655e91cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Date: Fri, 04 Mar 2022 16:44:36 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 19066

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 53ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:36 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1646412276.dop152.am5.t,1646412276.cds233.am5.hn,1646412276.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 67ms
31ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:36 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-3dee4"
vary: Accept-Encoding
x-hw: 1646412276.dop152.am5.t,1646412276.cds233.am5.hn,1646412276.cds263.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2

200

megamillions_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3

12 KB
12 KB

105ms
105ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 17:47:22 GMT
server
date: Fri, 04 Mar 2022 16:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MegaMillions_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12351
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:36 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=8A8C832B39246A2CF9068AEDF8A3EB5BF80904E3
date: Fri, 04 Mar 2022 16:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_pb_homepage_dropdown.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_PB_homepage_Dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026
https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026

3 KB
4 KB

103ms
103ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52fedf43ad0f253ebc69df6627c86ebe2ec95c170dbf4f5147bbd37177691aaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 05:39:59 GMT
server
date: Fri, 04 Mar 2022 16:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_PB_homepage_Dropdown.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3474
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=A347FD6B6CA883227159FC9FDC3D2B8FFA03A026
date: Fri, 04 Mar 2022 16:44:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 289
x-xss-protection: 1; mode=block

GET
H2

200

c4l_winningnumbers_logosm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/c4l_winningnumbers_logosm.ashx?h=38&w=63&la=en&hash=FDD6FF379B569CB68E30AA621FF451032F8E2CC8
https://www.valottery.com/-/media/val/images/winning-numbers/c4l_winningnumbers_logosm.ashx?h=38&w=63&la=en&hash=FDD6FF379B569CB68E30AA621FF451032F8E2CC8

5 KB
5 KB

101ms
101ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/c4l_winningnumbers_logosm.ashx?h=38&w=63&la=en&hash=FDD6FF379B569CB68E30AA621FF451032F8E2CC8

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6227810f3f848327f682c41a77bbf66998210067a5c1324b78f85b204422ff9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 25 Jan 2022 19:20:40 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="c4l_winningnumbers_logosm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4962
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/c4l_winningnumbers_logosm.ashx?h=38&w=63&la=en&hash=FDD6FF379B569CB68E30AA621FF451032F8E2CC8
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 288
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p3fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647

7 KB
8 KB

128ms
128ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:17:56 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P3Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=73254558BAA2D1B0CBED3B375CBF491D5FACE647
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p4fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D

8 KB
8 KB

139ms
139ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:18:48 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P4Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7864
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=08B56D603D9FDDBC9170A796D85FDDB684C77E3D
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2

200

logo-numberscards_c5-ezmatch.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB

9 KB
9 KB

144ms
143ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 02:05:47 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo-numbersCards_C5-EZMatch.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9088
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=A3702EB19F5AC8D2C051DDEA28082AB7A93B91CB
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 292
x-xss-protection: 1; mode=block

GET
H2

200

bankamillion_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC

11 KB
12 KB

140ms
139ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:23 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="BankAMillion_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11716
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=2B0E5F082D27488E5DFC4B2312ABBAA2A8AB84BC
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_keno_winningnumbers_midpage.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B

4 KB
4 KB

139ms
139ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 01 Nov 2020 05:19:23 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_keno_winningNumbers_midPage.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3787
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=B76FCC8BCDFFC364874A71D4008D0D1ADD2A450B
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 296
x-xss-protection: 1; mode=block

GET
H2

200

logo_rollingjackpot_winningnumbers.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39

9 KB
9 KB

139ms
139ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 26 May 2019 08:51:06 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_rollingjackpot_winningnumbers.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9574
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=E3D519D4068EFC5F802A86AF2C1AF7D9BD2F5C39
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 298
x-xss-protection: 1; mode=block

GET
H2

200

cashpop_cardlogo.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/CashPop_CardLogo.ashx?h=57&w=83&la=en&hash=9E3B2F3D9F49C91576C003EAA44BD5FE91698EB9
https://www.valottery.com/-/media/val/images/winning-numbers/cashpop_cardlogo.ashx?h=57&w=83&la=en&hash=9E3B2F3D9F49C91576C003EAA44BD5FE91698EB9

4 KB
5 KB

141ms
141ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/cashpop_cardlogo.ashx?h=57&w=83&la=en&hash=9E3B2F3D9F49C91576C003EAA44BD5FE91698EB9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f489673218d6683f0731021c0be3e1a28c3c3b1b94bf7b7e18a55b450ce8c605

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 16:07:17 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="CashPop_CardLogo.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4504
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/cashpop_cardlogo.ashx?h=57&w=83&la=en&hash=9E3B2F3D9F49C91576C003EAA44BD5FE91698EB9
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

enter-tickets.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295

321 B
418 B

141ms
140ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:31 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="enter tickets.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 321
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=CADA6A93F3200D883372F7E605A52D8A4A016295
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

online-play.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9

292 B
388 B

145ms
145ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:14 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="online-play.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 292
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=193AF33F9BB4EE683D1FB6F635E085DC86FA36B9
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 265
x-xss-protection: 1; mode=block

GET
H2

200

desktoptopnavlogo202110121.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356
https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356

6 KB
6 KB

144ms
144ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1b120b16074e4bdf34ac5c84bd56800f0106d1362ae39b340902774698410c1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 21:03:49 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="desktoptopnavlogo202110121.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6016
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/desktoptopnavlogo202110121.ashx?h=60&w=226&la=en&hash=2AD2D472EF08887A3C8DCCD9735A2490545BA356
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 286
x-xss-protection: 1; mode=block

GET
H2

200

footerlogo202110121.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D
https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D

4 KB
5 KB

184ms
184ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

892a36bc18f47d47c7b086dcf1eed969fafe1792fff326604af4bb9911b65d2e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 04 Oct 2021 21:04:19 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="footerlogo202110121.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4599
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/footerlogo202110121.ashx?h=60&w=67&la=en&hash=C2E43536E33ACEE639924B04A5262D2E694DDC4D
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 278
x-xss-protection: 1; mode=block

GET
H2

200

pnp_dec2019_logo.ashx
www.valottery.com/-/media/val/images/promos/print-n-play/dec_2019/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/print-n-play/dec_2019/PnP_Dec2019_logo.ashx?h=76&w=265&la=en&hash=3CE917B91F0D55E4F6659281B3BE1870AD75B1A2
https://www.valottery.com/-/media/val/images/promos/print-n-play/dec_2019/pnp_dec2019_logo.ashx?h=76&w=265&la=en&hash=3CE917B91F0D55E4F6659281B3BE1870AD75B1A2

7 KB
7 KB

255ms
254ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/print-n-play/dec_2019/pnp_dec2019_logo.ashx?h=76&w=265&la=en&hash=3CE917B91F0D55E4F6659281B3BE1870AD75B1A2

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c86cba4a13fb54e4f9d79d2b25b7061f2e8a52fb39ccbb09d3276a629c2e0cae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 25 Nov 2019 12:48:17 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="PnP_Dec2019_logo.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7239
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/print-n-play/dec_2019/pnp_dec2019_logo.ashx?h=76&w=265&la=en&hash=3CE917B91F0D55E4F6659281B3BE1870AD75B1A2
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 293
x-xss-protection: 1; mode=block

GET
H2

200

interstitial_holiday2021_2ndchance.ashx
www.valottery.com/-/media/val/images/promos/holiday/2021/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Holiday/2021/interstitial_holiday2021_2ndchance.ashx?la=en&hash=B85AF6BD6A1C3804C06C69999F37B5BFD6334001
https://www.valottery.com/-/media/val/images/promos/holiday/2021/interstitial_holiday2021_2ndchance.ashx?la=en&hash=B85AF6BD6A1C3804C06C69999F37B5BFD6334001

94 KB
94 KB

104ms
104ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/holiday/2021/interstitial_holiday2021_2ndchance.ashx?la=en&hash=B85AF6BD6A1C3804C06C69999F37B5BFD6334001

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aa07fe82ff35dac2be6012244bda34cd585524a030bec906230a3b857796a88f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 19 Nov 2021 17:39:43 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="interstitial_holiday2021_2ndchance.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 96007
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/holiday/2021/interstitial_holiday2021_2ndchance.ashx?la=en&hash=B85AF6BD6A1C3804C06C69999F37B5BFD6334001
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 283
x-xss-protection: 1; mode=block

GET
H2

200

facebook.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4

3 KB
3 KB

103ms
102ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:11 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="facebook.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2935
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=F51B21A943929C35C4B0267C5B094902392BDAE4
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 268
x-xss-protection: 1; mode=block

GET
H2

200

twitter.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529

3 KB
3 KB

185ms
185ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:00 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="twitter.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3034
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=F839C30B117C05867E3A631D5ABF86DC16BE8529
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

youtube.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC

3 KB
3 KB

185ms
185ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:50 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="youtube.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2927
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=504FD9CD26684D54B1BB7A302C12C5F6A8E7F2CC
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

linkedin_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057

240 B
339 B

184ms
184ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2017 16:40:16 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="linkedin_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 240
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=E1B8DBE8C4D76F42F0D358C769A02557B0A41057
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

instagram_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903

341 B
441 B

185ms
185ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:36 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="instagram_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 341
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=C4AD64DBB9A578C85979DC54F2A7D81912E13903
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H2

200

53d8198ebdfc429a8260c2f200fe4fe7.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

3 KB
3 KB

185ms
185ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2019 15:32:43 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="apple_app.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2602
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 255
x-xss-protection: 1; mode=block

GET
H2

200

c646eb7c858a499db091d338bb81a3f3.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

4 KB
4 KB

183ms
183ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 12:43:52 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="google-play-badge.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3795
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 194
x-xss-protection: 1; mode=block

GET
H2 200 app.bundle.js Show response
cdn.valottery.com/jscript/ 1 MB
240 KB 77ms
77ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20220301
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9f9b4f945aa2e9a97845471340600fdc1552192119d4c66ad5b0fffc4546f782

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Mar 2022 16:44:35 GMT
content-encoding: br
x-azure-ref-originshield: 09EEiYgAAAABdCXZ0xrElQpGIIHH9PdAtQU1TMDRFREdFMTkxOAA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: TZbt6IuwJ6aGapzd4kLMOg==
x-cache: TCP_REMOTE_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 01 Mar 2022 16:34:36 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9FBA15FEB699F
x-azure-ref: 09EEiYgAAAACqsqUL2klLT6gkAWcDxA5wRlJBRURHRTEwMTkANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 89d845f4-901e-00c4-17b7-2f4514000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 pulltorefresh.js Show response
www.valottery.com/assets/ 10 KB
3 KB 92ms
92ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/assets/pulltorefresh.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 16:56:35 GMT
server
x-frame-options: SAMEORIGIN
etag: "80a3b9d0fd17d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:36 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2652
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 13 KB
6 KB 191ms
190ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&CurrencyCode=USD&IUA=neow&LNG=ENU&IP=&AR=&AFI=&GameVerticalID=&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225&cm=PLI&rst=j&uniqueNoCache=1646412277384

Requested by

Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d5d5182786234308d492706dd6656a8cfa54e2c49a4323a070df0a7244b8542e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 5280
Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:37 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Use-Net-Token,Net-Token,X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
74 KB 163ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

284c0e02db33d5f6a366901dab047d6afbd144009e5b5d93bfed5be2b210ff56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74877
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Mar 2022 16:44:37 GMT

GET
H2 200 index.html Show response
www.valottery.com/live_draw_show/ Frame 04E1 959 B
755 B 161ms
159ms Document
text/html 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/live_draw_show/index.html

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3d853b1ab87213617005d381e7aa3c6d26bc44ed04c78e6f2dce8d5145e9972

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 14:28:49 GMT
accept-ranges: bytes
etag: "a3b9bc156fe3d61:0"
vary: Accept-Encoding
server
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:37 GMT
content-length: 645

GET
H2

200

curvedbannerprintnplay122021permanent.ashx
www.valottery.com/-/media/val/images/promos/print-n-play/2021/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/print-n-play/2021/curvedbannerprintnplay122021permanent.ashx
https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/curvedbannerprintnplay122021permanent.ashx

98 KB
98 KB

223ms
223ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/curvedbannerprintnplay122021permanent.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4b3c6d666b093e103e0042fceff5bd06bdee1d2de204636ff39b83a5b5207aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 17 Nov 2021 14:52:21 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="curvedbannerprintnplay122021permanent.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 100229
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:37 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/curvedbannerprintnplay122021permanent.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 235
x-xss-protection: 1; mode=block

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 44 KB
44 KB 136ms
47ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:33:58 GMT
x-content-type-options: nosniff
age: 162639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:33:58 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 46 KB
46 KB 184ms
96ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:33:58 GMT
x-content-type-options: nosniff
age: 162639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:33:58 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:33:39 GMT
x-content-type-options: nosniff
age: 162658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:33:39 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 8 KB
8 KB 177ms
89ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:44 GMT
x-content-type-options: nosniff
age: 162773
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:17:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:44 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.valottery.com/dist/vendor/bootstrap/fonts/ 18 KB
18 KB 154ms
154ms Font
application/font-woff2 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
etag: "2ff67cb9a2c0d31:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:37 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 330 KB
64 KB 29ms
12ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: f000378c6db049d3149c1241d02ed22fffd3837337828980b3006f25f7c72907

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 16:40:03 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
Age: 274
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 65037
Last-Modified: Fri, 04 Mar 2022 11:12:33 GMT
Server: cloudflare
X-ltk: 3/4/2022 11:19:35 AM
ETag: "+Jnc/Y1T2Z8Je5lloBqKKg=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 6e6bef31d8f4996e-FRA
X-Amz-Cf-Id: FP4Y_FAYmeJz_Y-7dpxxJ-RBHNCP9FiLf1q4gqvY69XzhCa19ex43w==
Expires: Fri, 04 Mar 2022 17:40:03 GMT

GET
H2 200 zmbl.js Show response
www.zmbl.co/build/ 79 KB
23 KB 97ms
24ms Script
application/javascript 151.101.66.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/build/zmbl.js?v=3.1.0

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

86fba08a5da51229089cd9b4309d1c48de5ef6f7ac5e03ccffe92b394a10ad61

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
age: 1591
x-cache: HIT
content-encoding: gzip
content-length: 23087
x-served-by: cache-hhn4041-HHN
last-modified: Tue, 01 Mar 2022 02:46:30 GMT
server: Cowboy
x-timer: S1646412278.598835,VS0,VE0
date: Fri, 04 Mar 2022 16:44:37 GMT
vary: Origin,Accept-Encoding, Fastly-Orig-Host
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 2

POST
H2 200 printnplay Show response
www.valottery.com/api/v1/ 3 KB
3 KB 210ms
210ms XHR
application/json 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/printnplay

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20220301

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8dc85c136722cbb3de6613482af2320d895fbc67d9c1e5cd30d73c1b841a375d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.valottery.com/printnplay
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 2762
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 getIds Show response
s1.listrakbi.com/hDU7VeqGarZm/session/ 175 B
1 KB 538ms
504ms Script
application/x-javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/hDU7VeqGarZm/session/getIds?callback=ltkCallback4039&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 19c7d1d69f8dd1b14ff9581603cf4e27d5374e788960363c985dacd691c547fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 6e6c13df0bc75c0e-FRA
expires: -1

GET
H2 200 ltkPrefCenterFrame Show response
services.listrak.com/API/S/ 3 KB
3 KB 476ms
403ms Script
text/javascript 104.18.13.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/S/ltkPrefCenterFrame
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
cf-ray: 6e6c13df6f9b696a-FRA
x-aspnet-version: 4.0.30319
content-length: 2729

GET
H2 200 455.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/ 344 KB
150 KB 119ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) / ASP.NET
Resource Hash: 0733fbe49ba9b5270d3cc568bda8723fa6cd5f563720408bfd76f679c94a03ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
etag: "7c7c4b56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:30 GMT
server: ECAcc (frc/8FA5)
age: 2010509
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 153500

GET
H2 200 456.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/ 63 KB
27 KB 138ms
30ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/456.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F7A) / ASP.NET
Resource Hash: 9ec97f41c752ddfed05af92b7a626a4d6c9fa711c34b808478733a5b707469c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
etag: "ba184c56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:30 GMT
server: ECAcc (frc/8F7A)
age: 2010509
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 27291

GET
H2 200 video-js.css
cdn.valottery.com/live-draw-show/ Frame 04E1 44 KB
10 KB 13ms
12ms Stylesheet
text/css 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/video-js.css
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4444f0ec2ddd0aa024154b22470afa5d065650e9c07cd4593ba3047c1480f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Mar 2022 16:44:36 GMT
content-encoding: br
x-azure-ref-originshield: 0+3MhYgAAAABnisDIgLRTQJZB1IjzWxveQU1TMDRFREdFMTkwOAA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: nSwg8y0lCcUL3Lkjn7m2Lg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F43953E7
x-azure-ref: 09UEiYgAAAADRrgF+HUvvQ5vintqAn1BkRlJBRURHRTEwMTkANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6b61bd59-a01e-00aa-1044-2eec3d000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 video.js Show response
cdn.valottery.com/live-draw-show/ Frame 04E1 2 MB
335 KB 15ms
14ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/video.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 76d29fd2226e50e1499c0ab50e6cbf90756dda1edec1bc4391b18e4630cc9be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Mar 2022 16:44:36 GMT
content-encoding: br
x-azure-ref-originshield: 0N6EhYgAAAADLBrF+V3bmQJvt1LJeyo6WQU1TMDRFREdFMTgxNwA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: TRBMje7ARKMlSRoICa/OUw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F470C1CB
x-azure-ref: 09UEiYgAAAABNengZbNQAT7QKhVsYXQ/MRlJBRURHRTEwMTkANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 08cfb8c2-801e-0131-7e03-2f2750000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 videojs-http-streaming.js Show response
cdn.valottery.com/live-draw-show/ Frame 04E1 937 KB
185 KB 27ms
26ms Script
application/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/videojs-http-streaming.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 18da4d91d26026ec2d2f54ed8a19a97bd785d774a5c3c4e3e0836c964c5220ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Mar 2022 16:44:36 GMT
content-encoding: br
x-azure-ref-originshield: 0oY8fYgAAAAAq0DJxWO7sS6nxcrxkX2m1QU1TMDRFREdFMTkwOQA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: ALiRz1YETu9PeIDWre8EIA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F4551E67
x-azure-ref: 09UEiYgAAAAAnIszdvZl3RYyPAaP+IW2uRlJBRURHRTEwMTkANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 50afdd33-501e-00b4-50e1-2d36d0000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 e1340cf7-41f4-43bb-990d-c2007e475943.json Show response
www.zmbl.co/targets/ 1 KB
1 KB 9ms
8ms XHR
application/json 151.101.66.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/targets/e1340cf7-41f4-43bb-990d-c2007e475943.json

Requested by

Host: www.zmbl.co
URL: https://www.zmbl.co/build/zmbl.js?v=3.1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

767613d310cb9be2aee602ccf5a4e33c07bbe76aacbc07d0ee804f86f1a9a231

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json
Referer: https://www.valottery.com/
X-Zembula-Enabled: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
etag: W/"47eeb1a8196720b83ec6c2f7e6df39ab"
age: 307054
x-cache: HIT
access-control-max-age: 600
content-length: 542
via: 1.1 vegur, 1.1 varnish
x-request-id: 210cd608-8f9b-4c87-9584-7847f4f1f281
x-served-by: cache-hhn4041-HHN
x-runtime: 0.147322
x-content-digest: fc1a9ec1fb7a2d96b14a46f4bfbec0f26a46ebad
server: Cowboy
x-timer: S1646412278.051457,VS0,VE1
x-frame-options: ALLOWALL
date: Fri, 04 Mar 2022 16:44:38 GMT
vary: Origin,Accept-Encoding, Fastly-Orig-Host
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.valottery.com
access-control-expose-headers
cache-control: public, no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Zembula-Enabled, X-Zembula-SlideIn-Live, X-Zembula-Overlay-Live, X-Zembula-SlideIn-Criteria-Type, X-Zembula-Overlay-Criteria-Type, X-Zembula-SlideIn-Criteria-Value, X-Zembula-Overlay-Criteria-Value, X-Zembula-SlideIn-Criteria-Id, X-Zembula-Overlay-Criteria-Id, X-Zembula-SlideIn-iFrame, X-Zembula-Overlay-iFrame, X-Zembula-Inline-iFrame, X-Zembula-SlideIn-CTA-Close, X-Zembula-Overlay-CTA-Close, X-Zembula-SlideIn-Position, Content-Type
x-rack-cache: stale, valid, store
x-cache-hits: 1

OPTIONS
H2 200 e1340cf7-41f4-43bb-990d-c2007e475943.json
www.zmbl.co/targets/ Frame 0
0 424ms
368ms Preflight 151.101.66.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/targets/e1340cf7-41f4-43bb-990d-c2007e475943.json

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-zembula-enabled
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Cowboy
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers
access-control-max-age: 600
strict-transport-security: max-age=63072000; includeSubDomains
content-encoding: gzip
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Fri, 04 Mar 2022 16:44:38 GMT
age: 0
x-served-by: cache-hhn4081-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1646412278.681569,VS0,VE361
vary: Accept-Encoding, Fastly-Orig-Host
access-control-allow-origin: https://www.valottery.com
access-control-allow-credentials: true
access-control-allow-headers: X-Zembula-Enabled, X-Zembula-SlideIn-Live, X-Zembula-Overlay-Live, X-Zembula-SlideIn-Criteria-Type, X-Zembula-Overlay-Criteria-Type, X-Zembula-SlideIn-Criteria-Value, X-Zembula-Overlay-Criteria-Value, X-Zembula-SlideIn-Criteria-Id, X-Zembula-Overlay-Criteria-Id, X-Zembula-SlideIn-iFrame, X-Zembula-Overlay-iFrame, X-Zembula-Inline-iFrame, X-Zembula-SlideIn-CTA-Close, X-Zembula-Overlay-CTA-Close, X-Zembula-SlideIn-Position, Content-Type
content-length: 20

GET
BLOB 200
OK 17d35a83-3cf1-46a8-a618-f7a88e0b62af
https://www.valottery.com/ Frame 04E1 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/17d35a83-3cf1-46a8-a618-f7a88e0b62af
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
2 KB 10ms
8ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-130-11.fra60.r.cloudfront.net
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 03 Mar 2022 18:05:22 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 81555
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jul 2021 14:43:11 GMT
Server: cloudflare
ETag: W/"f064b7ba3e7ed71:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type: text/css
Via: 1.1 5ddb18e15e6b0ed6114111e515bddc66.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
CF-RAY: 6e5592baae069225-FRA
X-Amz-Cf-Id: umhYABYAlltxZm_oXGJlgUID7rFLrjhGq6BMh2BvvigBZzMwrcIiKg==

GET
BLOB 200
OK 86a93ad8-8df0-43df-a540-464ae9c9084a
https://www.valottery.com/ Frame 04E1 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/86a93ad8-8df0-43df-a540-464ae9c9084a
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 7a5dbb27be9e4845b902647b334625da.m3u8 Show response
content.uplynk.com/channel/ Frame 04E1 2 KB
888 B 421ms
228ms XHR
application/vnd.apple.mpegurl 2a05:d018:11d:9e00:46da:9128:6bdf:45e9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da.m3u8

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:11d:9e00:46da:9128:6bdf:45e9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

68fa945ee99282e0899c99dd01fa82a5596283638a56cfa215e3517637acb0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 54b1907f5f7c4259a64133fe28be6b8c
content-length: 570
x-content-type-options: nosniff

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 169 KB
62 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

df125a910c290b45d3401bef8b03d360729727eadb6d5d215c558f8a062b31ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63502
x-xss-protection: 0
expires: Fri, 04 Mar 2022 16:44:37 GMT

GET
H2

200

50kblackjack_pnp_teaser.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/50KBlackjack_PnP_teaser.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/50kblackjack_pnp_teaser.ashx

45 KB
45 KB

176ms
175ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/50kblackjack_pnp_teaser.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7e4c85fef48c00ec27d7cce954afd2c0f49e9ee47bf25631cdcb3b3eb2cc6fe2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 23:48:08 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="50KBlackjack_PnP_teaser.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 45646
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/50kblackjack_pnp_teaser.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 216
x-xss-protection: 1; mode=block

GET
H2

200

blackjack_pnp_teaser.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/Blackjack_PnP_teaser.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/blackjack_pnp_teaser.ashx

41 KB
41 KB

158ms
158ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/blackjack_pnp_teaser.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9a1808eed8808b7625404cc0ef260b1ec62ea5cf336af6b58cb92077e932d259

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 08 May 2018 17:51:36 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Blackjack_PnP_teaser.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 41820
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/blackjack_pnp_teaser.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 213
x-xss-protection: 1; mode=block

GET
H2

200

bullseyebingo_pnp_teaser.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/BullseyeBingo_PnP_teaser.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/bullseyebingo_pnp_teaser.ashx

47 KB
47 KB

186ms
185ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/bullseyebingo_pnp_teaser.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

efe443f7d9e4bcfdcb09a1789af20a5c1327bc5878589c7314cdc9e7aed2b83c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2017 15:30:37 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="BullseyeBingo_PnP_teaser.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 48126
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/bullseyebingo_pnp_teaser.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 217
x-xss-protection: 1; mode=block

GET
H2

200

goldbarbingo_pnp_teaser.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/GoldBarBingo_PnP_teaser.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/goldbarbingo_pnp_teaser.ashx

49 KB
49 KB

172ms
171ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/goldbarbingo_pnp_teaser.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

898fbb7cb5036b501280d6ff2e2bc3fea5468058e1706393f5e9959183e5a4a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2017 15:30:38 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="GoldBarBingo_PnP_teaser.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 50387
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/goldbarbingo_pnp_teaser.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 216
x-xss-protection: 1; mode=block

GET
H2

200

luckybingo_pnp_teaser.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/LuckyBingo_PnP_teaser.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/luckybingo_pnp_teaser.ashx

44 KB
44 KB

160ms
159ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/luckybingo_pnp_teaser.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

80c34d86e11753772f995dbe91da531f63b7bbcb2bc77353f76cca6297a3bb99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2017 15:30:38 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="LuckyBingo_PnP_teaser.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 45283
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/luckybingo_pnp_teaser.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 214
x-xss-protection: 1; mode=block

GET
H2

200

pnp_thumbnail_3luckyclovercw.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_3luckyclovercw.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_3luckyclovercw.ashx

14 KB
14 KB

167ms
167ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_3luckyclovercw.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e166be0c8725f6616499a81bbec4bf0990b2c61d1445b7c73e43b6220f8a4758

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 14:54:22 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="pnp_thumbnail_3luckyclovercw.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14393
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_3luckyclovercw.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 221
x-xss-protection: 1; mode=block

GET
H2

200

pnp_thumbnail_2luckydaycw.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_2luckydaycw.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_2luckydaycw.ashx

14 KB
14 KB

181ms
180ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_2luckydaycw.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f46604c0a8397050070dbe4b21ac7ad0558abba076839c44cd8dba4fd4eb9593

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 14:53:50 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="pnp_thumbnail_2luckydaycw.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14273
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_2luckydaycw.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 218
x-xss-protection: 1; mode=block

GET
H2

200

pnp_thumbnail_5luckyhorseshoecw.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_5luckyhorseshoecw.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_5luckyhorseshoecw.ashx

14 KB
14 KB

168ms
168ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_5luckyhorseshoecw.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f141008653c5c5c21a29d1568e2434a5eb5631e3eeae2e3b4c0f905d3f14ffbf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 14:55:24 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="pnp_thumbnail_5luckyhorseshoecw.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 13859
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_5luckyhorseshoecw.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 224
x-xss-protection: 1; mode=block

GET
H2

200

pnp_thumbnail_10luckystarcw.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/pnp_thumbnail_10luckystarcw.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_10luckystarcw.ashx

14 KB
14 KB

180ms
179ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_10luckystarcw.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1c8b07cc40591474d7b7bd6b1119c8c2a55cf6bddb39da08cb8356a4b8bafc4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 14:54:51 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="pnp_thumbnail_10luckystarcw.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 14622
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/pnp_thumbnail_10luckystarcw.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 220
x-xss-protection: 1; mode=block

GET
H2

200

rockinbingo_pnp_teaser.ashx
www.valottery.com/-/media/val/images/print-n-play-images/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Print-N-Play-Images/RockinBingo_PnP_teaser.ashx
https://www.valottery.com/-/media/val/images/print-n-play-images/rockinbingo_pnp_teaser.ashx

46 KB
46 KB

167ms
166ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/print-n-play-images/rockinbingo_pnp_teaser.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

263055737fd1e299504dfa9bfddc888d2a3c8ebafeef1f5445339651dcd9179a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/printnplay
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 31 Jan 2018 23:59:06 GMT
server
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="RockinBingo_PnP_teaser.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 47175
x-xss-protection: 1; mode=block
expires: Fri, 11 Mar 2022 16:44:38 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/print-n-play-images/rockinbingo_pnp_teaser.ashx
date: Fri, 04 Mar 2022 16:44:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 215
x-xss-protection: 1; mode=block

GET
H3

200

activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay Show response
8930728.fls.doubleclick.net/ Frame 302D
Redirect Chain

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?
https://8930728.fls.doubleclick.net/activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.va...

490 B
412 B

108ms
61ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

f0610af23a430aba94aa59d905efeccfd4b7f64d59b560a5c97c5ddb62dd0f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8930728.fls.doubleclick.net/activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 144ms
41ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2385
date: Fri, 04 Mar 2022 16:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Mar 2022 18:04:52 GMT

GET
H3

200

activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay Show response
6528888.fls.doubleclick.net/ Frame 92E5
Redirect Chain

https://6528888.fls.doubleclick.net/activityi;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?
https://6528888.fls.doubleclick.net/activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F...

499 B
419 B

116ms
64ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6528888.fls.doubleclick.net/activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

281560f09537b5913fa1aab92030968a3505a947dc3792a958b9d1af8b724985

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:37 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6528888.fls.doubleclick.net/activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gateway.min.js Show response
gateway.foresee.com/sites/virginialottery/production/ 110 KB
24 KB 127ms
50ms Script
application/javascript 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 1fdd61841febd62e9d7add2cbfc22f6a61df1df1edb0e84712838b917c0faa27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
age: 8594
x-cache: Hit from cloudfront
status: 200
content-length: 23933
access-control-allow-origin: *
last-modified: Tue, 01 Mar 2022 16:22:57 GMT
server: nginx/1.18.0
etag: W/"be46c66928bc9ddb16b9963ab1ffa80c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 4b_fOwvC6xMKoPrH5bILfuC_Tsqj50LHQkqFP58HtXbTzZeiJpJcZA==
expires: Fri, 04 Mar 2022 18:21:23 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: 9MCq8k8eKZR/aw/ehRUgB9iTq7ynHE3TLV54yNvnc0tUrUdWW4p/Y4fmPfT+PHn/ASWwhZHO7KxxE8JS40PvUg==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 04 Mar 2022 16:44:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_77148.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 110ms
66ms Script
application/javascript 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_77148.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d2ca5c5def0eeccbe232efc9bb49f064ba13cc947724ac58a2ec2f6e5a4c0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4886
cf-ray: 6e6c13e0cbe76945-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8089
x-amz-id-2: xo1JQJkxuA2FIv7xaW6aIHfByeDa7tJZKI5KwHEzyTgmw3WGa717uGoK++86h+EBHmF7t/5vQb0=
last-modified: Tue, 22 Jun 2021 14:44:58 GMT
server: cloudflare
etag: "338e574f139b53e598851d6c150d2e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c08R4eWCMDZfNe%2FIHJlsu%2B8oQLl8cqCRnU%2F0xYCmH4rMkoJaf8VmQzxbR3SwJP50n9wua9JRJu7rET98JTVRZs2W8CQHIzgxJzKJ1WcWOXTrILDCpCLaTBgKiJYl4KeKpuCCrSieTp3R6QwpAaN7V2ILiEzuzOI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 0NJM7WNMESAGRCDF
cache-control: max-age=86400, no-transform
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 27249216.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 57ms
7ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/27249216.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
age: 52758521
x-cache: HIT
x-cache-hits: 1977
content-length: 5672
x-served-by: cache-fra19136-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1646412278.884571,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
BLOB 200
OK 3a653bc7-f652-4068-946f-b40ba98a04c1
https://www.valottery.com/ Frame 04E1 23 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/3a653bc7-f652-4068-946f-b40ba98a04c1
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b7ada062e30243d491881ee2bf712c10962fa2141c8a98b7b380470fcf735c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 23533
Content-Type: application/javascript

GET
H2 200 app-bundle~widgets-sport.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~appBl/ 42 KB
17 KB 10ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~appBl/app-bundle~widgets-sport.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2B) / ASP.NET
Resource Hash: 9329e147ca7ed493d13ebbc9f37e30d5671005749a1dc224219fd896eb817ea4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
etag: "e5f6ca57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F2B)
age: 2010509
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 16954

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~appBl/ 512 KB
208 KB 36ms
35ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~appBl/app-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8D) / ASP.NET
Resource Hash: 71e4e4e66ce5a64b0ccbe189ef39cab5de0a33927649a6769c94d0f38746b20d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
etag: "5ccfca57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8E8D)
age: 2010509
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 213182

GET
H2 200 55.css
download.gamesrv1.com/secure/MWC/2022.01_506823/ 145 KB
33 KB 66ms
65ms Stylesheet
text/css 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/55.css
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBB) / ASP.NET
Resource Hash: ae654571ad0da6b6e5ed28f16ca8cedefe245dcc4af3ebf583a82b0719366c3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
etag: "3495d56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:30 GMT
server: ECAcc (frc/8FBB)
age: 2014396
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 33923

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/appBl/ 863 KB
245 KB 11ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/appBl/app-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E98) / ASP.NET
Resource Hash: 400b28227b088106346a7a2dfb0079fa5cf6998b65580ef61c8f67edc7a4d6f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
content-encoding: gzip
etag: "93a55d56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:30 GMT
server: ECAcc (frc/8E98)
age: 2014396
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 250815

GET
H3 200 509692809681502 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 110ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509692809681502?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

478d8705022f85e3cf6f1050379ea852fa0c457e47ed5aef356f4f60807580e3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: cxRG9IoQmCYdjy4oqa/R9HBY26mB+E7Kg5P327SB0gKJ/0QOSIXgd2i8ktuJi/u82VMQ3awZ2dfTzWGCid9NUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 04 Mar 2022 16:44:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
173 B 61ms
60ms Ping
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J0YJNS3PS0&gtm=2oe320&_p=1635421914&_z=ccd.B&cid=1780578969.1646412278&ul=en-us&sr=1600x1200&_s=1&sid=1646412277&sct=1&seg=0&dl=https%3A%2F%2Fwww.valottery.com%2Fprintnplay&dt=Print%20%27n%20Play%20Bingo%20Crossword%20Blackjack%20%7C%20Virginia%20Lottery&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 glyphicons-halflings-regular.woff
download.gamesrv1.com/secure/MWC/2022.01_506823/assets/base/fonts/ 23 KB
23 KB 34ms
10ms Font
font/x-woff 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/assets/base/fonts/glyphicons-halflings-regular.woff
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/55.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F9C) / ASP.NET
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://download.gamesrv1.com/secure/MWC/2022.01_506823/55.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:37 GMT
etag: "374f6156e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:30 GMT
server: ECAcc (frc/8F9C)
age: 2014396
x-powered-by: ASP.NET
x-cache: HIT
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 23320

GET
H2 200 mpathy-modern.js Show response
gateway.foresee.com/code/6.1.2-mp/ 81 KB
27 KB 27ms
11ms Script
application/javascript 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/6.1.2-mp/mpathy-modern.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 19:13:38 GMT
content-encoding: gzip
age: 1546259
x-cache: Hit from cloudfront
status: 200
content-length: 26751
access-control-allow-origin: *
last-modified: Thu, 18 Mar 2021 15:05:31 GMT
server: nginx/1.18.0
etag: W/"809a12b3d845af05b552212f8a272cee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 13QjSY-9yngWmKp1Mxryes63EdY3NuWSF1RYMs9R2hNa16WV6aMCaw==
expires: Mon, 14 Mar 2022 19:13:38 GMT

GET
H3 200 css2
fonts.googleapis.com/ 739 B
381 B 98ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titan+One&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5382d3b5d6d6695c71f85a10d1241517f648993754326497f17b5ff550a6e76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 15:58:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 16:44:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 16:44:38 GMT

GET
H2 200 fs.utils.js Show response
gateway.foresee.com/code/19.14.5-fs/ 58 KB
19 KB 19ms
19ms Script
application/javascript 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.5-fs/fs.utils.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 0e783858cb51da56d136db74b1862aa62f48ff11c3a36e794214b549fc84aa9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 04:26:19 GMT
content-encoding: gzip
age: 1858699
x-cache: Hit from cloudfront
status: 200
content-length: 19338
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 19:56:13 GMT
server: nginx/1.18.0
etag: W/"20da4972d4302e2944463977d82cdf65"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: oDVrPS3ai0r_SV8110MGzY3YBBLdbpJZq6XmRXw1hNpgqAVFz2zNtw==
expires: Fri, 11 Mar 2022 04:26:19 GMT

GET
H2 200 fs.compress.js Show response
gateway.foresee.com/code/19.14.5-fs/ 31 KB
12 KB 26ms
26ms Script
application/javascript 18.66.139.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.5-fs/fs.compress.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.139.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-139-32.fra60.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 63ee660e64dca730c5d8ac3872ef86d1331abd706826c70fdc3a960f2927fd16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 08:57:16 GMT
content-encoding: gzip
age: 200843
x-cache: Hit from cloudfront
status: 200
content-length: 11641
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 19:56:13 GMT
server: nginx/1.18.0
etag: W/"6f6ff76e4273c8dcc527c14eb8b24744"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: X-Requested-With
x-amz-cf-id: J1rCwDSLCrTSJx4PXoRuYPXJisJGn3Cv74f5imsBAEb3iLy6lFxGFg==
expires: Wed, 30 Mar 2022 08:57:15 GMT

GET
H/1.1 200
OK image.aspx
77148.global.siteimproveanalytics.io/ 34 B
620 B 89ms
11ms Image
image/gif 18.197.184.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://77148.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.valottery.com%2Fprintnplay&title=Print%20%27n%20Play%20Bingo%20Crossword%20Blackjack%20%7C%20Virginia%20Lottery&res=1600x1200&accountid=77148&rt=2539&prev=1802b721-85c0-dc31-6b43-47ee17d563ad&luid=57359c48-4559-9fba-b8d5-fded08f0b392&rnd=29278
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/printnplay
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.184.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-184-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 16:44:38 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Fri, 04 Mar 2022 16:44:38 UTC
Connection: keep-alive
Content-Length: 34
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 63ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1732052-1&cid=1780578969.1646412278&jid=145023287&gjid=1421354066&_gid=2073475959.1646412278&_u=YCDAiEABBAAAAE~&z=578725884

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 04 Mar 2022 16:44:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 101ms
53ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1635421914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2Fprintnplay&ul=en-us&de=UTF-8&dt=Print%20%27n%20Play%20Bingo%20Crossword%20Blackjack%20%7C%20Virginia%20Lottery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABB~&jid=145023287&gjid=1421354066&cid=1780578969.1646412278&tid=UA-1732052-1&_gid=2073475959.1646412278&gtm=2wg320T3WQN9J&z=434184699

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Mar 2022 23:20:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62652
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 27ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=PageView&dl=https%3A%2F%2Fwww.valottery.com%2Fprintnplay&rl=&if=false&ts=1646412278073&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646412278072.1440615404&it=1646412277897&coo=false&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 04 Mar 2022 16:44:38 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 152ms
63ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1732052-1&cid=1780578969.1646412278&jid=145023287&_u=YCDAiEABBAAAAE~&z=843630985

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 153ms
62ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1732052-1&cid=1780578969.1646412278&jid=145023287&_u=YCDAiEABBAAAAE~&z=843630985

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/printnplay

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame 04E1 11 KB
849 B 636ms
607ms XHR
application/vnd.apple.mpegurl 2a05:d018:11d:9e00:46da:9128:6bdf:45e9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=1d82e159a7c048858303d30029fc63fd

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:11d:9e00:46da:9128:6bdf:45e9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

30d00c6a611486e10d8fc0024c28194455d41cbb72830ba6bf3ff61c2f348574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 5bb5a8e8ea1245e3b34bd21a122bde83
content-length: 532
x-content-type-options: nosniff

GET
H2 200 dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay Show response
adservice.google.com/ddm/fls/i/ Frame FA96 498 B
864 B 161ms
74ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Requested by

Host: 6528888.fls.doubleclick.net
URL: https://6528888.fls.doubleclick.net/activityi;dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adcfb310cf5255bfb5e31e3b701a4a4a1860fa56064a3a0dae59affc28de55ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6528888.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 395
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay Show response
adservice.google.com/ddm/fls/i/ Frame 28AA 489 B
458 B 162ms
75ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc773ae924ccc39bed1de135f1499f3fd7f423b640298634ea36b37c633ef8ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay Show response
6528888.fls.doubleclick.net/ddm/fls/r/ Frame F8D0
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.v...
https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F...

330 B
294 B

55ms
55ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

92dc50b8a0397e57418624d220f321d2fb95d41c49a3fbdfc3e59c34a2c48f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
expires: Fri, 04 Mar 2022 16:44:38 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3

200

dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay Show response
8930728.fls.doubleclick.net/ddm/fls/r/ Frame CAE5
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery....
https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.va...

2 KB
1 KB

54ms
54ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

37565ba17276fccd6884ebad2170149dd38ebcfb96152f4216503b652fea5cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
expires: Fri, 04 Mar 2022 16:44:38 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1059
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 04 Mar 2022 16:44:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2

200

nspix
action.media6degrees.com/orbserv/ Frame CAE5
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

43 B
166 B

137ms
136ms

Image
image/gif

2606:4700::6812:b4f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 2606:4700::6812:b4f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e6c13e88fa39944-FRA
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 43

Redirect headers

date: Fri, 04 Mar 2022 16:44:39 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
content-type: text/html; charset=iso-8859-1
access-control-allow-origin: *
cf-ray: 6e6c13e62aec9944-FRA

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/ Frame CAE5 8 KB
2 KB 187ms
168ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b9c55bf736a204d8d2f461c9d99413cc5b09dcefdf10a74f55d0d4a9e84922

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2002
x-function: 151
last-modified: Fri, 13 Aug 2021 06:35:37 GMT
server: cloudflare
x-reuse-index: 287
etag: 15931214585575860902
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 6e6c13e5aaf49b8f-FRA
expires: Fri, 04 Mar 2022 17:44:38 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame CAE5 70 B
260 B 101ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=k5obd07&ct=0:e9md8kf&fmt=3
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame CAE5 3 KB
4 KB 155ms
106ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Ftk7PpbPclTkT6QJcVMk
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame CAE5 3 KB
4 KB 155ms
107ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Ftk7PpcA62iZ4rQBXDWn
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame F8D0 70 B
261 B 101ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=d7dwi9z&ct=0:s2xb1ei&fmt=3
Requested by: Host: 6528888.fls.doubleclick.net
URL: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CL_47tfzrPYCFSFDHQkdfEQB9g;src=6528888;type=count0;cat=sitev03v;ord=1;num=4334489642542;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6528888.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK sambaTag.js Show response
tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame CAE5 3 KB
3 KB 63ms
15ms Script
application/javascript 13.225.80.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-62.fra2.r.cloudfront.net
Software: /
Resource Hash: 6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 15:40:00 GMT
Via: 1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
Age: 3878
Transfer-Encoding: chunked
Access-Control-Allow-Methods: HEAD,OPTIONS,GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C2
Access-Control-Allow-Headers: Content-Type, Authorization
X-Amz-Cf-Id: KVclDoxRdj7BOxBPDsX8DZIiy-N8JtdYIpnpQsG6U6iIjTl6T0mr7Q==

GET
H2 200 load Show response
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame CAE5 729 B
979 B 323ms
97ms XHR
application/json 100.24.222.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/load?sa_referrer=https%3A%2F%2Fadservice.google.com%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLzI79fzrPYCFaZEHQkdnWkNpg%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D673017821216%3Bgtm%3D2wg320%3Bauiddc%3D185396228.1646412278%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252Fprintnplay&c=1646412278706
Requested by: Host: tag.mtrcs.samba.tv
URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.222.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-222-57.compute-1.amazonaws.com
Software: /
Resource Hash: 57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:38 GMT
access-control-allow-headers: Content-Type, Authorization
content-length: 729
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: application/json

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame CAE5 678 B
714 B 172ms
171ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7986631924
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f3600c6f4c6522e99739189546f042b38284a9c2a39f97719cb4867be14d98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 331
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 84
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 6e6c13e6bdb09b8f-FRA
expires: Thu, 02 Jun 2022 16:44:38 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame CAE5 756 B
1 KB 15ms
15ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=87665&cb=sifi_att_17963502272._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

f20c0645501fa034f9c5e952fd434fd50faa29f709f29a913940dfbc6f87907b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=389A7FB1EDC946E39E0BA0C82961E40C&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=389A7FB1EDC946E39E0BA0C82961E40C&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

10ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=389A7FB1EDC946E39E0BA0C82961E40C&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=389A7FB1EDC946E39E0BA0C82961E40C&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 04 Mar 2022 16:44:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=389A7FB1EDC946E39E0BA0C82961E40C

43 B
183 B

326ms
101ms

Image
image/gif

2600:1f18:612b:4232:2bcd:329f:3664:7fb6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 2600:1f18:612b:4232:2bcd:329f:3664:7fb6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame CAE5
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=389A7FB1EDC946E39E0BA0C82961E40C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=389A7FB1EDC946E39E0BA0C82961E40C

95 B
426 B

20ms
20ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=389A7FB1EDC946E39E0BA0C82961E40C

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=389A7FB1EDC946E39E0BA0C82961E40C
date: Fri, 04 Mar 2022 16:44:38 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/ Frame CAE5
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=389A7FB1EDC946E39E0BA0C82961E40C
https://d.agkn.com/pixel/10751/?che=1646412278&ip=185.213.155.162&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164990404080000410306
https://um.simpli.fi/aa_px?sk=164990404080000410306

43 B
361 B

13ms
13ms

Image
image/gif

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164990404080000410306

Requested by

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:38 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164990404080000410306
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame CAE5
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=389A7FB1EDC946E39E0BA0C82961E40C

0
0

43ms
7ms

Image
text/html

52.222.214.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-42.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame CAE5 43 B
409 B 56ms
14ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame CAE5 43 B
409 B 17ms
14ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame CAE5
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=389A7FB1EDC946E39E0BA0C82961E40C;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=389A7FB1EDC946E39E0BA0C82961E40C;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2060711289735890200

0
0

8ms
8ms

Image
text/html

52.222.214.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2060711289735890200
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-42.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2060711289735890200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame CAE5
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=389A7FB1EDC946E39E0BA0C82961E40C&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=389A7FB1EDC946E39E0BA0C82961E40C&j=0&xl8blockcheck=1

0
755 B

32ms
31ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=389A7FB1EDC946E39E0BA0C82961E40C&j=0&xl8blockcheck=1
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 04 Mar 2022 16:44:39 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=389A7FB1EDC946E39E0BA0C82961E40C&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame CAE5 43 B
409 B 18ms
15ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=389A7FB1EDC946E39E0BA0C82961E40C

0
421 B

446ms
100ms

Image
text/plain

3.210.99.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: HTTP/1.1
Server: 3.210.99.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-99-203.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 04 Mar 2022 16:44:39 GMT

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/ Frame CAE5
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=389A7FB1EDC946E39E0BA0C82961E40C

62 B
603 B

193ms
145ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 16:44:39 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2

200

tpid=389A7FB1EDC946E39E0BA0C82961E40C
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame CAE5
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=389A7FB1EDC946E39E0BA0C82961E40C
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=389A7FB1EDC946E39E0BA0C82961E40C

49 B
543 B

53ms
53ms

Image
image/gif

54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.81
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=389A7FB1EDC946E39E0BA0C82961E40C
cache-control: no-cache
x-server: 10.45.14.137
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=389A7FB1EDC946E39E0BA0C82961E40C

0
348 B

423ms
139ms

Image
text/plain

63.251.14.14
INTERNAP-BLOCK-4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: HTTP/1.1
Server: 63.251.14.14 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:39 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap1sea1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=389A7FB1EDC946E39E0BA0C82961E40C

0
66 B

62ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:38 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame CAE5
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1646412278839&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
64 B

105ms
56ms

Image
image/gif

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9kEiYp6hOsPKx_APmdGMsAE&cid=CAQSKQCNIrLMzRi5sNPlrJlGp0j7fdHhyfKo4rrVC31lzvcntuyNbw_GfWDq&random=4222829368&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=518844720&cv=7&fst=1646412278839&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=9kEiYp6hOsPKx_APmdGMsAE&cid=CAQSKQCNIrLMzRi5sNPlrJlGp0j7fdHhyfKo4rrVC31lzvcntuyNbw_GfWDq&random=4222829368&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=389A7FB1EDC946E39E0BA0C82961E40C
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=389A7FB1EDC946E39E0BA0C82961E40C&__user_check__=1&sync_id=61f8cc76-9bda-11ec-a415-191344880406

43 B
548 B

18ms
18ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=389A7FB1EDC946E39E0BA0C82961E40C&__user_check__=1&sync_id=61f8cc76-9bda-11ec-a415-191344880406
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 16:44:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 04 Mar 2022 16:44:39 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=389A7FB1EDC946E39E0BA0C82961E40C&__user_check__=1&sync_id=61f8cc76-9bda-11ec-a415-191344880406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 128
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=389A7FB1EDC946E39E0BA0C82961E40C
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D389A7FB1EDC946E39E0BA0C82961E40C

43 B
1 KB

18ms
17ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D389A7FB1EDC946E39E0BA0C82961E40C

Requested by

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:39 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 959208fd-822a-4a13-8d2a-3a4f61a3e609
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:39 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f4c779a-0047-47ac-b769-db287babb503
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D389A7FB1EDC946E39E0BA0C82961E40C
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame CAE5
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=389A7FB1EDC946E39E0BA0C82961E40C&expires=365

0
239 B

31ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=389A7FB1EDC946E39E0BA0C82961E40C&expires=365
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=389A7FB1EDC946E39E0BA0C82961E40C&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CAE5
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=389A7FB1EDC946E39E0BA0C82961E40C

43 B
274 B

58ms
26ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=389A7FB1EDC946E39E0BA0C82961E40C
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:38 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 04 Mar 2022 16:44:38 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=389A7FB1EDC946E39E0BA0C82961E40C
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 03 Mar 2022 16:44:38 GMT

GET
H2

204

g_match
um.simpli.fi/ Frame CAE5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEK3EUSJZUJPck6cAuCY9OEQ&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=389A7FB1EDC946E39E0BA0C82961E40C
https://um.simpli.fi/g_match?id=

0
320 B

14ms
14ms

Image
text/plain

159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 03 Mar 2022 16:44:39 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CAE5
Redirect Chain

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%223225111915%22%2C%22th%22%3A7986631924%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aomneMWPjm3GU50F3ZcUAmmR9QSPWs9Gf%22%2C%22url%22%3A%22htt...
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://a.tribalfusion.com/i.match?p=b26&u=4274990490468413699&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662291904319484

43 B
1 KB

28ms
28ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662291904319484

Requested by

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:39 GMT
X-Proxy-Origin: 185.213.155.162; 185.213.155.162; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b2e55f01-0b55-4213-b24c-1486a3e6b3fc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 16:44:39 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6e6c13e94a328fe0-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662291904319484
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 impression
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame CAE5 0
214 B 292ms
97ms Image
text/plain 100.24.222.57
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/impression?sa_referrer=https%3A%2F%2Fadservice.google.com%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCLzI79fzrPYCFaZEHQkdnWkNpg%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D673017821216%3Bgtm%3D2wg320%3Bauiddc%3D185396228.1646412278%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252Fprintnplay&c=1646412278706&
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CLzI79fzrPYCFaZEHQkdnWkNpg;src=8930728;type=pagev0;cat=valot0;ord=673017821216;gtm=2wg320;auiddc=185396228.1646412278;~oref=https%3A%2F%2Fwww.valottery.com%2Fprintnplay
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.222.57 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-222-57.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Mar 2022 16:44:39 GMT
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: HEAD,OPTIONS,GET

GET
H2 200 index.html Show response
download.gamesrv1.com/secure/MWC/2022.01_506823//xd-local-storage-shared-frame/ Frame CD49 172 B
341 B 8ms
8ms Document
text/html 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823//xd-local-storage-shared-frame/index.html
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F49) / ASP.NET
Resource Hash: 8b9678bd9d99c3fc20507a882f90deb667c4f5263a5d7a54e43ff9563286cfe0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
age: 2014397
cache-control: public,max-age=31536000
content-type: text/html
date: Fri, 04 Mar 2022 16:44:39 GMT
etag: "5bfbd157e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F49)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
x-robots-tag: noindex, nofollow
content-length: 234

GET
H2 200 xd-local-storage-shared-frame-loader.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823// Frame CD49 2 KB
1 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823//xd-local-storage-shared-frame-loader.js
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823//xd-local-storage-shared-frame/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F18) / ASP.NET
Resource Hash: e67a7d4b0914d95c578128b351971a60fad34989ebdeba18567dd83b75bf3396

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://download.gamesrv1.com/secure/MWC/2022.01_506823//xd-local-storage-shared-frame/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "ba23d257e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F18)
age: 2014397
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1230

GET
H2 200 branding.css.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/assets/branded/124/ 47 KB
11 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/assets/branded/124/branding.css.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F21) / ASP.NET
Resource Hash: 4081f23f7872bc1378bbdbe7dd1e6e47a6c9a368c26c2c092671d1b163621d9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "a35f8856e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:31 GMT
server: ECAcc (frc/8F21)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11654

GET
H2 200 icons.css.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/assets/branded/124/ 16 KB
3 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/assets/branded/124/icons.css.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F26) / ASP.NET
Resource Hash: 2637919451798ced0509dac3aafa8299aef9c2287c9d531b0ece651755c6c6b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "7ef88a56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:31 GMT
server: ECAcc (frc/8F26)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3094

GET
H2 200 regulation-va.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/regulationCustomization/regulation/ 7 KB
3 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/regulationCustomization/regulation/regulation-va.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF8) / ASP.NET
Resource Hash: ef7fb10ebb4fcafccc57341ac90ec67336d2f166e7573a9066cff62b061d37e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "e4fac857e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8FF8)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3298

GET
H3 200 css Show response
fonts.googleapis.com/ 10 KB
752 B 103ms
50ms XHR
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 15:37:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 16:44:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 16:44:39 GMT

GET
H3 200 css
fonts.googleapis.com/ 10 KB
752 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/appBl/app-bundle.js?v=2022.01_506823

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 16:34:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 16:44:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 16:44:39 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 216 KB
73 KB 71ms
71ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~appBl/app-bundle.js?v=2022.01_506823

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d809227eba0fd85a850ab1e97b4f14f76fe9815bd68a0648f81ee34347b6faab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74877
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Mar 2022 16:44:39 GMT

GET
H2 200 login-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/login/ 33 KB
11 KB 11ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/login/login-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E8B) / ASP.NET
Resource Hash: 8aebe5f99e6bcd033c5e1120a09392b66060c62e46e6c2f3856b232a2b2ef8ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "239a657e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8E8B)
age: 2014397
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11453

GET
H2 200 base-bundle-uxt-3~6be9331b.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 161 KB
83 KB 12ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3~6be9331b.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F29) / ASP.NET
Resource Hash: 903d89278590ef98b21e28d5b7174f3e3a3ac9608521b99096db355132dedbec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "a19cd57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F29)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 84681

GET
H2 200 base-bundle-uxt-3.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 292 KB
105 KB 20ms
19ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F27) / ASP.NET
Resource Hash: d782a913920f881387e1358fc2437c2c2d60cc54a9b6a29288570032efc58d6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "e87ccc57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F27)
age: 2014397
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 107822

GET
H2 200 base-bundle-uxt-3.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 157 KB
50 KB 29ms
28ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8D) / ASP.NET
Resource Hash: 80f55572ecaa042bcc72896cf4bd881c1f8f51668a8e1693a8f7dd50ee27995b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "ce6f9a57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F8D)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 51409

GET
H2 200 base-bundle-uxt-1.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/base/ 2 KB
915 B 9ms
8ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/base/base-bundle-uxt-1.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBA) / ASP.NET
Resource Hash: bb9b2954b0d5279e948fa01467e67eaa61da289ba26a22a3e4948dc26e6bf0a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
content-encoding: gzip
etag: "6fb9957e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8FBA)
age: 2014397
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 839

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 352 B
818 B 106ms
105ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=&OCBW=true&LNG=ENG&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=c98jowuei450clkm&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

63c7533e1bd8f0a6242f579c4bdf05133877243c079be168dfbf7864c2ced1e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 357
Date: Fri, 04 Mar 2022 16:44:39 GMT
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 668ms
119ms Preflight 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET,OPTIONS
Access-Control-Allow-Headers: Use-Net-Token,Net-Token,X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Fri, 04 Mar 2022 16:44:39 GMT
Content-Length: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 30ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=Microdata&dl=https%3A%2F%2Fwww.valottery.com%2Fprintnplay&rl=&if=false&ts=1646412279576&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Print%20%27n%20Play%20Bingo%20Crossword%20Blackjack%20%7C%20Virginia%20Lottery%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Print%20%E2%80%98n%20Play%20offers%20you%20a%20chance%20to%20win%20great%20cash%20prizes%20instantly%E2%80%A6no%20numbers%20to%20pick%2C%20no%20playslip%20to%20fill%20out%2C%20and%20no%20waiting%20for%20a%20draw.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646412278072.1440615404&it=1646412277897&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 04 Mar 2022 16:44:39 GMT

GET
H2 200 Lang_ENU.json Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/assets/lang/124/ 284 KB
81 KB 11ms
10ms XHR
application/json 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/assets/lang/124/Lang_ENU.json?bid=506823
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/appBl/app-bundle.js?v=2022.01_506823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF6) / ASP.NET
Resource Hash: 8547ef474c08fdc4876a83992eb36f3249a66a1e33edda51130f3808e3583c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "4a1c8a57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:32 GMT
server: ECAcc (frc/8FF6)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 82899

GET
H2 200 cart-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~modules/cart/ 73 KB
27 KB 13ms
12ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/vendors~modules/cart/cart-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FB3) / ASP.NET
Resource Hash: 63c3a289abe0cae61370c17f3e3503457b49e75c6048560a25688a175cf602bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "8a8ecd57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8FB3)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 27217

GET
H2 200 cart-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/cart/ 204 KB
64 KB 15ms
15ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/cart/cart-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F31) / ASP.NET
Resource Hash: 5976093398e7bcdd5c1d4e017d7bbc66f0ca51bcc70716c53c5b6f0d73637221

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "66cf9b57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F31)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 65238

GET
H2 200 dbg-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/dbg/ 61 KB
21 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/dbg/dbg-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC3) / ASP.NET
Resource Hash: d5adda8cf5ebfb9be4678e5e1bc0a4134e64d9c5af56b801282c5f191866823d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "2849f57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8FC3)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 21532

GET
H2 200 bonuses-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/bonuses/ 61 KB
20 KB 11ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/bonuses/bonuses-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F0F) / ASP.NET
Resource Hash: 917b746a81bd96a3e64cb8ea0b278b62e380f1789f9f787f0af561dcb7657c62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "29819b57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8F0F)
age: 2010501
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 20384

GET
H2 200 53.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/ 47 KB
15 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/53.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC4) / ASP.NET
Resource Hash: b237a7f9b1c7a551c46a0f6915b98c14f9cb06efcb121c878c33c130893cbdd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "42945c56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:30 GMT
server: ECAcc (frc/8FC4)
age: 2014396
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 15099

GET
H2 200 dbg-game-bundle.js Show response
download.gamesrv1.com/secure/MWC/2022.01_506823/modules/dbg-game/ 241 KB
71 KB 12ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/modules/dbg-game/dbg-game-bundle.js?v=2022.01_506823
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA8) / ASP.NET
Resource Hash: 8c9615c0afa69004bbf7eb589e050eb0141cf1db3b56714164bdfcfc0a3e8b16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:40 GMT
content-encoding: gzip
etag: "66a09f57e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:33 GMT
server: ECAcc (frc/8EA8)
age: 2014396
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 72600

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 77 KB
14 KB 137ms
137ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&IUA=neow&LNG=ENU&PlayMode=M&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225&cm=GGL&rst=j&uniqueNoCache=1646412280487

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

3676afb609f0a6d60ff55c86cdb39e9aadc1aa45a3063d04f702299233be917e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 13025
Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:40 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Use-Net-Token,Net-Token,X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 112ms
112ms Preflight 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=&OCBW=true&LNG=ENU&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=6hmxrpyzgh9pk8ux&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET,OPTIONS
Access-Control-Allow-Headers: Use-Net-Token,Net-Token,X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Fri, 04 Mar 2022 16:44:40 GMT
Content-Length: 0

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 352 B
817 B 731ms
730ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

0dc8cd14c8491035aaead1af1f55365c90e1eb29370517bedcca36381c59a4b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 356
Date: Fri, 04 Mar 2022 16:44:41 GMT
Expires: -1

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame 04E1 11 KB
857 B 372ms
372ms XHR
application/vnd.apple.mpegurl 2a05:d018:11d:9e00:46da:9128:6bdf:45e9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=1d82e159a7c048858303d30029fc63fd

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:11d:9e00:46da:9128:6bdf:45e9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

36825ede67f531e47e9332ee4bd7c95ddd26d7567cad11ceeb72c8b10dbe9a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:41 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 92d7c262ac1744c3adf0b82c6478c4ca
content-length: 540
x-content-type-options: nosniff

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 115ms
115ms Preflight 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=G&OCBW=true&LNG=ENU&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=q1bs5hqs1tpviwpq&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET,OPTIONS
Access-Control-Allow-Headers: Use-Net-Token,Net-Token,X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Fri, 04 Mar 2022 16:44:41 GMT
Content-Length: 0

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 25 KB
5 KB 111ms
110ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

b81be540931afd6454789db55a2d5b1faf0294c3bcd70a64ed93a8b6d5830ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 4400
Date: Fri, 04 Mar 2022 16:44:41 GMT
Expires: -1

GET
H2 200 preloader.gif
download.gamesrv1.com/secure/MWC/2022.01_506823/assets/branded/124/ 49 KB
49 KB 14ms
14ms Image
image/gif 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/assets/branded/124/preloader.gif?bid=506823
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FF0) / ASP.NET
Resource Hash: f1fdc31e36acb744e3d5379c01ce0e2369406c93cd25e8d856d38f1eacb18458

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 16:44:41 GMT
etag: "cbcc8c56e91cd81:0"
last-modified: Tue, 08 Feb 2022 12:42:31 GMT
server: ECAcc (frc/8FF0)
age: 2010500
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 50456

POST
H2 200 updatesessionuser Show response
www.valottery.com/api/v1/ 85 B
324 B 108ms
107ms XHR
application/json 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/updatesessionuser

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20220301

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9302ddecd9b9089975d9d46d95152a5e8747b8db3bd170816783d79a48b6e298

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.valottery.com/printnplay
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Fri, 04 Mar 2022 16:44:41 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 85
x-xss-protection: 1; mode=block
expires: -1

POST
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 4 KB
3 KB 126ms
125ms XHR
application/json 8.43.83.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&IUA=neow&LNG=ENU&PlayMode=M&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225&cm=GCL&rst=j

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/455.js?v=2022.01_506823

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.83.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

18554ca0ef3c73f629c8fb27b8b184372cc5f1be432a2e64e0999380eaf4725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 2563
Pragma: no-cache
Date: Fri, 04 Mar 2022 16:44:41 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET,OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Net-Token,Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Use-Net-Token,Net-Token,X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H/1.1 200
OK visit.aspx Show response
info.valottery.com/ Frame 8216 247 B
374 B 683ms
102ms Document
text/html 8.43.83.18

General

Check archive.org

Show headers Download Go to

Full URL: https://info.valottery.com/visit.aspx?BrandID=124&Language=ENU&Currency=USD&Platform=W&IsGameStandaloneMode=false&UniqueDeviceId=e3db6ebc-f855-427e-85c5-1ace9ddc4225
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2022.01_506823/appBl/app-bundle.js?v=2022.01_506823
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.43.83.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e478a472154b18889f517cae476788457eca6b3802463d1b362ca7a8d2946911

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

Cache-Control: no-cache
Connection: close
Content-Type: text/html
Pragma: no-cache
Content-Length: 247

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage	1970-01-20 10:50:26	Name: sambapxid Value: f02ae0a7a15d9cb3
.listrakbi.com/hDU7VeqGarZm	1970-01-23 17:00:31	Name: gsid Value: MZDrDMnOkxTcktaBE%2bo%2bCj7oIz1HHx2L9nCMT76tXyrMnw27Z89NZDz00nD4%2bbugPvZVtdMFSak%3d
www.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: aa3xb1wfibyvhom0r5d2hfiw
www.valottery.com/	1970-01-23 16:56:12	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: 515f586cb5fc47119d35e04f7654f809\|False
.valottery.com/	1970-01-20 10:05:48	Name: UniqueDeviceId Value: e3db6ebc-f855-427e-85c5-1ace9ddc4225
gamesrv1.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ygzj4ql5bse1l4bq2xufqm4s
gamesrv1.valottery.com/	1969-12-31 23:59:59	Name: TS01f5bd3b Value: 0141e9310e6cdc0a4f2289c8a4000c1fe4e7f2c7764f2fdbedbbc255bef11057c78a6278263c9d1fde669c399b751fc87cb50e9fb6fed73bfb6756981df3eaf8fb36a3c4f3
.valottery.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.valottery.com/	1970-01-20 03:29:48	Name: _gcl_au Value: 1.1.185396228.1646412278
.valottery.com/	1970-01-20 18:51:24	Name: _ga_J0YJNS3PS0 Value: GS1.1.1646412277.1.0.1646412277.0
.valottery.com/	1970-01-21 01:20:12	Name: nmstat Value: 1802b721-85c0-dc31-6b43-47ee17d563ad
.valottery.com/	1970-01-20 18:51:24	Name: _ga Value: GA1.2.1780578969.1646412278
.valottery.com/	1970-01-20 01:21:38	Name: _gid Value: GA1.2.2073475959.1646412278
.valottery.com/	1970-01-20 01:20:12	Name: _dc_gtm_UA-1732052-1 Value: 1
.valottery.com/	1970-01-20 03:29:48	Name: _fbp Value: fb.1.1646412278072.1440615404
s1.listrakbi.com/	1970-01-20 01:30:17	Name: AWSALBCORS Value: S8iiYXwdcKmIZtI/LmpObAOFrvf6lwdD7At6JKORwBsP5utpRk9AtmP1mu2pOrhvzvd2VAIpjeJbnUSA3Ot0Xs2rjk6P6QH3Q/Ivv+PRpZZ8NO9rKZzg2nH0rJbq
.listrakbi.com/	1970-01-20 03:29:48	Name: usid Value: 317e4a6769354d22b0c829bda94bcf9a
.valottery.com/	1970-01-23 17:00:31	Name: GSIDhDU7VeqGarZm Value: 47fcdaa8-ccbc-442c-a782-2a5b5491aa0d
77148.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: C9B1F577120E440C5BC6CF2BEEAD5A6600C7A9F91DD6756BBB69D51B559910AB86E8D42ED68684BB84EB76E327E5990820D48536EA535980683E0565B95D0FB17CA405FC1E
.doubleclick.net/	1970-01-20 10:41:48	Name: IDE Value: AHWqTUnS2iUoWpLJx-ZAGRY5_qGeDdYoGHKk0PMkB1xxj0jgHqgiaLKwaKOGjDVKWx8
.simpli.fi/	1970-01-20 10:07:14	Name: suid Value: 389A7FB1EDC946E39E0BA0C82961E40C
.simpli.fi/	1970-01-20 01:30:17	Name: uid_syncd_secure Value: true
.3lift.com/	1970-01-20 03:29:48	Name: tluid Value: 2232271029407148861432
.agkn.com/	1970-01-20 10:05:48	Name: ab Value: 0001%3AAC4EYbj%2B6ifkaVAAOa%2FheFT9UW5boa15
.tapad.com/	1970-01-20 02:46:36	Name: TapAd_TS Value: 1646412278953
.tapad.com/	1970-01-20 02:46:36	Name: TapAd_DID Value: 20d17499-d104-4e50-b7ed-084626505be3
.tapad.com/	1970-01-20 02:46:36	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-20 10:05:48	Name: u Value: C\|0AAAAAAAAKbT-dgAAAAAA
.pro-market.net/	1970-01-20 05:39:24	Name: anProfile Value: "fnml6pgvycyg+1+1f=1+1g=1+1j=41+rs=s+rt=2A031B200006F011000000000000002E+s2=(r88bue)+vm=24-389A7FB1EDC946E39E0BA0C82961E40C"
.pro-market.net/	1970-01-20 02:03:24	Name: anHistory Value: "fnml6pgvycyg+2+!#7')!c#.X="
.exelator.com/	1970-01-20 04:13:00	Name: EE Value: "ea8007dfd85e33a0dcb4415a1dbf12c1"
.adnxs.com/	1970-01-20 03:29:48	Name: uuid2 Value: 4274990490468413699
.exelator.com/	1970-01-20 04:13:00	Name: ud Value: "eJxrXxzq6XKLQSE10cLAwDwlLcXCNNXYONEgJTnJxMTQNNEwJSnN0CjZcHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJySX5RZvoiF9fFRSlpDItKik8F71%252F1EgCo1Cs4"
.spotxchange.com/	1970-01-20 10:05:52	Name: audience Value: 61f8cc3b-9bda-11ec-a415-191344880406
.crwdcntrl.net/	1970-01-20 07:48:58	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 07:48:58	Name: _cc_id Value: d1e38b35d17de107d9463c017be0ff1e
.bfmio.com/	1970-01-20 10:05:48	Name: __141_cid Value: 389A7FB1EDC946E39E0BA0C82961E40C
.bfmio.com/	1970-01-20 10:05:48	Name: __io_cid Value: 38dee489468c817435da83461c4bc5ba08b33dc2
.tribalfusion.com/	1970-01-20 03:29:48	Name: ANON_ID Value: alntIZdtZdPu9m7SpBnE8nh0OpJoM7ZcYeZdoUZdqvqWbyUfBH4yAATWhNZdZcrfPrp1WYLEowJHtnl8CxpfR6KJPZdtl2AsHMmiSAhJ
.adnxs.com/	1970-01-20 03:29:48	Name: anj Value: dTM7k!M4.gDunaTF']wIg2ImUMJ=?a!@wnfH8KW.dG5<#Z0s.Nq#OQMEIeA@Gm`EDG5I0Pn<jW3GllolF)@zAn'7F5aX<xf#K?xuf!5CO6E*s5%RpKu4Kc:$=4+BW)7]G().8NDY(btVP-HC_#typp-.b-Q
.valottery.com/	1970-01-20 01:30:17	Name: mpt_rate_comparator_50033 Value: 23.335193713704804\|1649004279495
.valottery.com/	1970-01-20 01:30:17	Name: mpt_vid Value: 164641227949648696\|1709484279496
www.valottery.com/	1970-01-20 01:20:13	Name: _dd_s Value: logs=1&id=03e60d17-b0e9-465c-a072-28bfda2053ee&created=1646412279540&expire=1646413179543
.valottery.com/	1970-01-20 18:50:24	Name: _4c_ Value: %7B%22_4c_s_%22%3A%22lVJNj9owEP0rls8E2WAShxtl1apVWW1pq%2B6ekOMMxCLEkeOSUsR%2F3zE4pd1bc8nM%2Bxi%2FOHOmfQUNnfNUpIJPJpKxPB%2FRPZw6Oj9TZ8rwOtI5nQouc5BFwnLOEiEYJIVSkEheZqkEOWUl0BH9FWbNUCsnmeScXUZUt3HGmWqLojnl%2BZiL8SzZdujwvxFhWLTOlj%2B13%2FhTG0Q9FKQr90iUcDQaNr0pfRXcKWN3tAKzq3yAJze4daHBqjdNafu3toi%2BtRXO9h0E67Jy9gAkzxG1eAv0x9URojrYgnNXFXad8SHnUdXWe3CnsbaHCOP9Bca4nWnMwCO3gp1ambo2tgmTHxF6sj24QtV17Jeqq2YDZ%2FRe%2FFVPY%2F1VO%2BV1BW4Y8n7xZSjX4JWprxlD%2B%2BBUTz6oAww8PH9bL8iyUo3%2BgwWerC3Gv2cggnw2W4jIO9XsyYLE7EMkZxr%2F%2BFSr8LEv4WyLdLMjn5Tet9ZH2coWGIgs2vZfIBoD0h7jP6utVnU4FJcScy023z8%2BBCqTbJbJPMXFiZuaSXqJ64ZALtMs5zzDdfJ4kzIVLDyX2%2Bjr9vG7mgsWllNENZeD%2BLYFCTT%2F4bpcXgE%3D%22%7D

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J(Line 49) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J(Line 49) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=389A7FB1EDC946E39E0BA0C82961E40C Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=389A7FB1EDC946E39E0BA0C82961E40C Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=2060711289735890200 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6528888.fls.doubleclick.net
77148.global.siteimproveanalytics.io
8930728.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
cdn.listrakbi.com
cdn.valottery.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
content-aeui1.uplynk.com
content.uplynk.com
d.agkn.com
download.gamesrv1.com
eb2.3lift.com
extend.vimeocdn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gamesrv1.valottery.com
gateway.foresee.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
info.valottery.com
insight.adsrvr.org
loadm.exelator.com
maxcdn.bootstrapcdn.com
pixel.mtrcs.samba.tv
pixel.rubiconproject.com
pixel.tapad.com
s.tribalfusion.com
s1.listrakbi.com
services.listrak.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.mtrcs.samba.tv
tag.simpli.fi
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.valottery.com
www.zmbl.co
100.24.222.57
104.111.215.191
104.18.13.251
104.18.7.244
13.225.80.62
142.250.185.230
142.250.185.66
151.101.14.109
151.101.66.65
159.122.14.34
169.50.137.179
172.217.16.130
18.156.47.94
18.184.68.205
18.197.184.171
18.66.130.11
18.66.139.32
185.33.220.145
185.94.180.126
2001:4de0:ac18::1:a:2b
2600:1901:0:8eee::
2600:1f18:612b:4232:2bcd:329f:3664:7fb6
2606:4700::6812:acf
2606:4700::6812:b4f
2606:4700::6812:d05
2620:1ec:bdf::44
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:11d:9e00:46da:9128:6bdf:45e9
2a06:98c1:3120::7
3.210.99.203
34.254.143.3
34.98.64.218
35.227.248.159
35.244.174.68
35.71.131.137
52.168.86.34
52.222.214.42
54.229.233.249
63.251.14.14
69.173.144.165
76.223.111.18
8.43.83.17
8.43.83.18
93.184.221.168
001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f
04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25
0733fbe49ba9b5270d3cc568bda8723fa6cd5f563720408bfd76f679c94a03ca
08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201
0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2
0dc8cd14c8491035aaead1af1f55365c90e1eb29370517bedcca36381c59a4b9
0e783858cb51da56d136db74b1862aa62f48ff11c3a36e794214b549fc84aa9c
10b9c55bf736a204d8d2f461c9d99413cc5b09dcefdf10a74f55d0d4a9e84922
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8
11f3600c6f4c6522e99739189546f042b38284a9c2a39f97719cb4867be14d98
1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789
14d2ca5c5def0eeccbe232efc9bb49f064ba13cc947724ac58a2ec2f6e5a4c0b
14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be
18554ca0ef3c73f629c8fb27b8b184372cc5f1be432a2e64e0999380eaf4725d
18da4d91d26026ec2d2f54ed8a19a97bd785d774a5c3c4e3e0836c964c5220ce
19c7d1d69f8dd1b14ff9581603cf4e27d5374e788960363c985dacd691c547fc
1b120b16074e4bdf34ac5c84bd56800f0106d1362ae39b340902774698410c1c
1c8b07cc40591474d7b7bd6b1119c8c2a55cf6bddb39da08cb8356a4b8bafc4e
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1fdd61841febd62e9d7add2cbfc22f6a61df1df1edb0e84712838b917c0faa27
2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190
232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42
263055737fd1e299504dfa9bfddc888d2a3c8ebafeef1f5445339651dcd9179a
2637919451798ced0509dac3aafa8299aef9c2287c9d531b0ece651755c6c6b9
2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267
281560f09537b5913fa1aab92030968a3505a947dc3792a958b9d1af8b724985
284c0e02db33d5f6a366901dab047d6afbd144009e5b5d93bfed5be2b210ff56
2aa889fd55a4b4d2d13404b7573784dc95d232ee1f39043c0d1bf88e931a459d
2b7ada062e30243d491881ee2bf712c10962fa2141c8a98b7b380470fcf735c3
2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d00c6a611486e10d8fc0024c28194455d41cbb72830ba6bf3ff61c2f348574
346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10
3676afb609f0a6d60ff55c86cdb39e9aadc1aa45a3063d04f702299233be917e
36825ede67f531e47e9332ee4bd7c95ddd26d7567cad11ceeb72c8b10dbe9a2c
37565ba17276fccd6884ebad2170149dd38ebcfb96152f4216503b652fea5cb5
3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9
3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
400b28227b088106346a7a2dfb0079fa5cf6998b65580ef61c8f67edc7a4d6f4
4081f23f7872bc1378bbdbe7dd1e6e47a6c9a368c26c2c092671d1b163621d9d
478d8705022f85e3cf6f1050379ea852fa0c457e47ed5aef356f4f60807580e3
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a
5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945
52fedf43ad0f253ebc69df6627c86ebe2ec95c170dbf4f5147bbd37177691aaa
5382d3b5d6d6695c71f85a10d1241517f648993754326497f17b5ff550a6e76b
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13
5976093398e7bcdd5c1d4e017d7bbc66f0ca51bcc70716c53c5b6f0d73637221
5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7
6227810f3f848327f682c41a77bbf66998210067a5c1324b78f85b204422ff9b
6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3
63c3a289abe0cae61370c17f3e3503457b49e75c6048560a25688a175cf602bb
63c7533e1bd8f0a6242f579c4bdf05133877243c079be168dfbf7864c2ced1e5
63ee660e64dca730c5d8ac3872ef86d1331abd706826c70fdc3a960f2927fd16
68fa945ee99282e0899c99dd01fa82a5596283638a56cfa215e3517637acb0c7
71e4e4e66ce5a64b0ccbe189ef39cab5de0a33927649a6769c94d0f38746b20d
75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726
767613d310cb9be2aee602ccf5a4e33c07bbe76aacbc07d0ee804f86f1a9a231
76d29fd2226e50e1499c0ab50e6cbf90756dda1edec1bc4391b18e4630cc9be8
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde
79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e4c85fef48c00ec27d7cce954afd2c0f49e9ee47bf25631cdcb3b3eb2cc6fe2
80c34d86e11753772f995dbe91da531f63b7bbcb2bc77353f76cca6297a3bb99
80f55572ecaa042bcc72896cf4bd881c1f8f51668a8e1693a8f7dd50ee27995b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8547ef474c08fdc4876a83992eb36f3249a66a1e33edda51130f3808e3583c9b
85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c
86fba08a5da51229089cd9b4309d1c48de5ef6f7ac5e03ccffe92b394a10ad61
892a36bc18f47d47c7b086dcf1eed969fafe1792fff326604af4bb9911b65d2e
898fbb7cb5036b501280d6ff2e2bc3fea5468058e1706393f5e9959183e5a4a2
89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6
8aebe5f99e6bcd033c5e1120a09392b66060c62e46e6c2f3856b232a2b2ef8ff
8b9678bd9d99c3fc20507a882f90deb667c4f5263a5d7a54e43ff9563286cfe0
8c9615c0afa69004bbf7eb589e050eb0141cf1db3b56714164bdfcfc0a3e8b16
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc85c136722cbb3de6613482af2320d895fbc67d9c1e5cd30d73c1b841a375d
903d89278590ef98b21e28d5b7174f3e3a3ac9608521b99096db355132dedbec
917b746a81bd96a3e64cb8ea0b278b62e380f1789f9f787f0af561dcb7657c62
92dc50b8a0397e57418624d220f321d2fb95d41c49a3fbdfc3e59c34a2c48f03
9302ddecd9b9089975d9d46d95152a5e8747b8db3bd170816783d79a48b6e298
9329e147ca7ed493d13ebbc9f37e30d5671005749a1dc224219fd896eb817ea4
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
98855111c9280dbc161f079e0f489e43c69d2e834701e03cf0fdeb26be413e4c
9a1808eed8808b7625404cc0ef260b1ec62ea5cf336af6b58cb92077e932d259
9ec97f41c752ddfed05af92b7a626a4d6c9fa711c34b808478733a5b707469c7
9f9b4f945aa2e9a97845471340600fdc1552192119d4c66ad5b0fffc4546f782
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa07fe82ff35dac2be6012244bda34cd585524a030bec906230a3b857796a88f
ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3
adcfb310cf5255bfb5e31e3b701a4a4a1860fa56064a3a0dae59affc28de55ca
ae654571ad0da6b6e5ed28f16ca8cedefe245dcc4af3ebf583a82b0719366c3e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b237a7f9b1c7a551c46a0f6915b98c14f9cb06efcb121c878c33c130893cbdd1
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b4b3c6d666b093e103e0042fceff5bd06bdee1d2de204636ff39b83a5b5207aa
b59d15951f11d25d4e602553d1d229028c78e6aa16a8e0a95db0002c2476d95f
b81be540931afd6454789db55a2d5b1faf0294c3bcd70a64ed93a8b6d5830ff8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bb9b2954b0d5279e948fa01467e67eaa61da289ba26a22a3e4948dc26e6bf0a9
bc773ae924ccc39bed1de135f1499f3fd7f423b640298634ea36b37c633ef8ec
c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f
c86cba4a13fb54e4f9d79d2b25b7061f2e8a52fb39ccbb09d3276a629c2e0cae
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5adda8cf5ebfb9be4678e5e1bc0a4134e64d9c5af56b801282c5f191866823d
d5d5182786234308d492706dd6656a8cfa54e2c49a4323a070df0a7244b8542e
d69c01432ebe21bfd72cba936738c1ab831ce461de00e229dea799e6f932d510
d782a913920f881387e1358fc2437c2c2d60cc54a9b6a29288570032efc58d6e
d809227eba0fd85a850ab1e97b4f14f76fe9815bd68a0648f81ee34347b6faab
df125a910c290b45d3401bef8b03d360729727eadb6d5d215c558f8a062b31ce
e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e166be0c8725f6616499a81bbec4bf0990b2c61d1445b7c73e43b6220f8a4758
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d853b1ab87213617005d381e7aa3c6d26bc44ed04c78e6f2dce8d5145e9972
e4444f0ec2ddd0aa024154b22470afa5d065650e9c07cd4593ba3047c1480f1f
e478a472154b18889f517cae476788457eca6b3802463d1b362ca7a8d2946911
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67a7d4b0914d95c578128b351971a60fad34989ebdeba18567dd83b75bf3396
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7fb10ebb4fcafccc57341ac90ec67336d2f166e7573a9066cff62b061d37e2
efe443f7d9e4bcfdcb09a1789af20a5c1327bc5878589c7314cdc9e7aed2b83c
f000378c6db049d3149c1241d02ed22fffd3837337828980b3006f25f7c72907
f0610af23a430aba94aa59d905efeccfd4b7f64d59b560a5c97c5ddb62dd0f1a
f141008653c5c5c21a29d1568e2434a5eb5631e3eeae2e3b4c0f905d3f14ffbf
f1649aae3a6a1f5d196575cb8f82ef80f4f4e6337cef3a77bb2acbc321a241f8
f1fdc31e36acb744e3d5379c01ce0e2369406c93cd25e8d856d38f1eacb18458
f20c0645501fa034f9c5e952fd434fd50faa29f709f29a913940dfbc6f87907b
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f46604c0a8397050070dbe4b21ac7ad0558abba076839c44cd8dba4fd4eb9593
f489673218d6683f0731021c0be3e1a28c3c3b1b94bf7b7e18a55b450ce8c605
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.valottery.com Open in urlscan Pro 52.168.86.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

172 Requests

67 %HTTPS

38 %IPv6

44 Domains

60 Subdomains

49 IPs

7 Countries

3673 kBTransfer

11489 kBSize

44 Cookies

7 Outgoing links

Redirected requests

172 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Screenshot
Live screenshot

Full Image

172
Requests

67 %
HTTPS

38 %
IPv6

44
Domains

60
Subdomains

49
IPs

7
Countries

3673 kB
Transfer

11489 kB
Size

44
Cookies

172 HTTP transactions
0 data transactions