loto.hijera.com Open in urlscan Pro
2606:4700:3035::6815:2b79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://loto.hijera.com/
Effective URL:
https://loto.hijera.com/
Submission: On February 11 via manual (February 11th 2023, 9:22:06 pm UTC) from MA — Scanned from DE

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 105 HTTP transactions. The main IP is 2606:4700:3035::6815:2b79, located in United States and belongs to CLOUDFLARENET, US. The main domain is loto.hijera.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 19th 2022. Valid for: a year.

This is the only time loto.hijera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 50	2606:4700:303... 2606:4700:3035::6815:2b79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.56.91.11 45.56.91.11	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:805::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:400d:805::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:400d:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
105	18

50 2606:4700:3035::6815:2b79 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

loto.hijera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.56.91.11 (Fremont, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li893-11.members.linode.com

fontlibrary.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:805::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:808::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	hijera.com 1 redirects loto.hijera.com	2 MB
23	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	400 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	84 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	61 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24 region1.google-analytics.com — Cisco Umbrella Rank: 2460	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	96 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8804	696 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	121 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3434	71 KB
2	fontlibrary.org fontlibrary.org — Cisco Umbrella Rank: 113643	80 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 842	601 B
105	13

	Domain	Requested by
50	loto.hijera.com	1 redirects loto.hijera.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
9	pagead2.googlesyndication.com	loto.hijera.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	loto.hijera.com www.googletagmanager.com
2	cdn.onesignal.com	loto.hijera.com cdn.onesignal.com
2	fontlibrary.org	loto.hijera.com fontlibrary.org
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
105	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-19` - `2023-09-18`	a year	crt.sh
fontlibrary.org R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://loto.hijera.com/
Frame ID: C0ACE060CBA4E9FF7943D357AE9D08F6
Requests: 69 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: D87922515970FA46A840C49062860E89
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&adk=1812271804&adf=3025194257&lmt=1664012409&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Floto.hijera.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676150520361&bpp=2&bdt=1355&idt=73&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6027464753753&frm=20&pv=2&ga_vid=1326607963.1676150520&ga_sid=1676150520&ga_hid=1215332535&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072254%2C44779793%2C31071266&oid=2&pvsid=2094791075913930&tmod=828649939&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95
Frame ID: ED2D88043567B890D401CDC77DBAA2FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676150520477&bpp=2&bdt=1471&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6027464753753&frm=20&pv=1&ga_vid=1326607963.1676150520&ga_sid=1676150520&ga_hid=1215332535&ga_fc=0&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072254%2C44779793%2C31071266&oid=2&pvsid=2094791075913930&tmod=828649939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=84AzBTVBBL&p=https%3A//loto.hijera.com&dtd=6
Frame ID: B523FB619EC3478AEC65E5464E3133A4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 97CD44F84A9C1D063B05D92524D255B3
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 75ED337FB09A31F971A5D09712801EB2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FBB9AFCC13CC6DDC6A789A0E18849750
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 6535891B7F3448D7A36506747A2588EF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 44F6D1CCB493C9610426449CF3093789
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9935353FB862AEC32AE7E0F17DC8DB26
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 28AEF6C53D7A3EF240DD1C1D72932B9E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

أكبر مسابقة في تاريخ الوطو 5 مليون الى جا فيك رقم 7

Page URL History Show full URLs

http://loto.hijera.com/ HTTP 301
https://loto.hijera.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

105
Requests

100 %
HTTPS

94 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

3053 kB
Transfer

4959 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://loto.hijera.com/ HTTP 301
https://loto.hijera.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
loto.hijera.com/
Redirect Chain

http://loto.hijera.com/
https://loto.hijera.com/

17 KB
4 KB

331ms
314ms

Document
text/html

2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fbef4411227fbb182f0dc62de61bc03585b17e5bd1e10ddf2670ffb60e24cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 79802325dc868fce-FRA
content-encoding: br
content-type: text/html
date: Sat, 11 Feb 2023 21:21:59 GMT
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sy8YwxRckNK8lQx%2BdSp2bxjNOvNmcQZSsE7j5%2FFgEfVqNLu%2B5bYf4G3j6rXWW9eWr7PXhM0laKDzMTdiI4KX4SlkWSEH5Xnh%2FnCd8LxZoBJQkzzNwdVDRf0ySn78m2MY1gVKzSYhgqKCs4y5IeM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 7980232598e2bb67-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 11 Feb 2023 21:21:58 GMT
Expires: Sat, 11 Feb 2023 22:21:58 GMT
Location: https://loto.hijera.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ixCzYUYm4gbu1f4a5Rgiav9dK3zEj0Urp4fMU0Hv9%2BGbsH1piQrJlu9XeV3nOzrAqcdCBUzaVJj3ku8lAvpLHjcdbIyb07CbjKhOud5enwwRP6MJQUgqdNYThrFOAt2IxJ3EZHzYzCnyaLTNRKo%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
loto.hijera.com/css/ 713 B
638 B 322ms
320ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/font-awesome.min.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0dc944edac0beac1a2e3ee52021882a0e03c90a4acd81aaf1f1766603c1d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BeB55HHi8EYPaPzpzIxZKvZLZMIs0UA52k0ANBCMu%2BRujMx0Mk2exXUbw2grK61iHC6RBeBtACotGdTN3c7MHuk3Xvj7eTEzLbgYJZgVyXsBU2OXF2ECadALI48qNt8DcoMgwiePMx1fvoC0E4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de668fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 bootstrap.min.css
loto.hijera.com/css/ 10 KB
3 KB 330ms
329ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/bootstrap.min.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c82a3f1273463923e568949e251ce25d179de92b5506ccea347dd89a4a018e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk2Mm5Y9VQrTZ4cDOgdumCMuSt75ZcwLOt3iPCMKkEYyCgbyWKpzd%2BGPMUloEtyGuJuZ7GyHBEU00cOFYNJ9qSm1eZNtjK6uCkKj1NSMn42Na6sDLaLTx3ci0WUGyeo1MivEeJmGaj7V0DmNMu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de678fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 style.css
loto.hijera.com/css/ 6 KB
2 KB 324ms
323ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/style.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee4be88c74b613a534da75a7ab36b894f95dcf4a12d420bca52899a06c458e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MbiXAGrLe92OIncx%2Fnhml0o60ZXjzbmMYj7dxqf0UAsHE3WukxcbPf%2FtmHOCWDMu%2FkbpKTpviE3E1iX%2FXQTzmq4%2FI1Z09CSjG17lssmUNwgIhm8hbL2t%2F5xZWQVqdYagbIx%2FYzftVVs5zqUPxU4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de688fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 sweetalert.css
loto.hijera.com/css/ 18 KB
3 KB 331ms
330ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/sweetalert.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77ad1eab39bd1af3241d5c60009ced8cf09f9a02e7495db9825d5cc91424b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNaWnqjDcFPYIuVQHgZz15gWWrdDgEtL2onrlpz%2BccF5sCTR%2FkEC2xv%2BSId7du0snDKUsHUwjAPQKR5fGctuYgaXsJ6%2BS6spYFmd7MDEeXBlEzcbYwQhDvEFDTbhc4gW1fCdTFUtXl1UJkSt8z0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de698fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 spin.css
loto.hijera.com/css/ 7 KB
2 KB 329ms
328ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/spin.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 764138211823225cdf47afe43b7db68ae158893ad12595be2765008cf14539a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1OFEZcMgwF3NyUAgEUZMMTo2BVcuqRAWssfybKIyMq8rfYJTv%2F8WOpr%2BduLnAQLDXEgwdtJ7%2F9AEKhJ2S7IsgGP7Tr2ovMdg4GOdeFZCGBM2ojXqUqE%2Bg6ulsz7cxNbyC7HWeDGruwnCi1dAL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de6b8fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 animate.css
loto.hijera.com/css/ 69 KB
5 KB 332ms
331ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/animate.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f43aedbc350e90a0daf474f41eec2b0b8cb1728ef1019ac3c9df35aafabc9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfhTHqL6rOwqSGWqUb7qN7sgfCGzS6K2S38YDPOGaj7xn%2Bp7ocGcFNJweVe3ma7pn3zvigOBu5Tfo8WLsDTKntuJnl1gX42NMVWUZG84ie%2F8q4ewWGrNllQYqcghe55RqRr7q4xVo1kyKRJQOLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de6c8fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 jqueryspin.js Show response
loto.hijera.com/js/ 260 KB
80 KB 797ms
796ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/jqueryspin.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd53eee86558dd33aa4c2f6e99348743c28667b7f21b0166c488d1c81b59829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39%2BU1pBGrUQBBkelVleBvcidiKmJ3%2BoP2D4WgmgXjqejNHot7mrk5q%2Bp8naPvEh3dilz5dXz9MJDUqNLFKCey7u%2FIgFBpRcTUGgjYLPkzVn4bEL0zJakNSYooJ1PQ1aaHzDTh1a0Pk2F9hw35OI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 79802327de6e8fce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H2 200 droid-arabic-kufi
fontlibrary.org/face/ 1 KB
403 B 499ms
157ms Stylesheet
text/css 45.56.91.11
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fontlibrary.org/face/droid-arabic-kufi
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.56.91.11 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li893-11.members.linode.com
Software: nginx /
Resource Hash: 3694ec04d92e37cfacf4b749bc79c5c009c879c7548ecc91aff4f9ae1ef2d0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 500ms
19ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3363
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7980232feffb2c43-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Feb 2023 21:22:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 528ms
46ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-149995183-3

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0c7ce602528ab3de7ae7728f93fc0731d3e38e74bf7cbfd27efaf5d9c85044dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Feb 2023 21:22:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 517ms
37ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ca0f7f374c293b21c3e727da206e763b16c5eb118bf60411675d6a7b9bb53c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: cafe
etag: 539011327336227313
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 21:22:00 GMT

GET
H3 200 gUQ5616.png
loto.hijera.com/images/ 36 KB
37 KB 612ms
606ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/gUQ5616.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa3e3c3bb7a10991288a87eae27221917d43a3c5f5f854b3d1b9c5deec899dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OmAHxgtC8b7NxBND9tDCUf0A6jJzsvWmQvCGKetvS4MxngpJVuSW4v56jFHFU%2Fs9NTpSggXBqfKuv%2FxAf0GYGrgDBdNBOIgIl6MirCs72p4Xe1%2FBG4pyfX5QHcmySrD2zSOXO6qz9llIr%2B3uAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfca23826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37090
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 1TkMpmE.png
loto.hijera.com/images/ 1 MB
1 MB 938ms
932ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/1TkMpmE.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1270009c93f733a7e957a7ad3f9814e505304bf1852db3d434b14b2c73ec159c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xDsMqx6yK3OtYg0%2B1BkTjnQaRgphYCtQz0hYX1IV98E7H9hxGxOY65h%2FZsIxlRBeXVUCjXgTL3QSczovfb1lN58joLDKjRfy3EvcNjbVZXTOFJRFL34Je0O%2FgBJ7t6wLBOzpqbtGK3E9jn%2Bc8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfca43826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1488742
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 11.png
loto.hijera.com/images/ 2 KB
2 KB 333ms
327ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/11.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c38d77b0c72edbb224caa228a92958cd58656b51e45e0be1b899901e3af58f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rk44cPglle%2Fx6PtALiam6ABusu8GvRqUeJxIN8KyzLuswvF5Unh9POu0LNfGPXmsQ5ynR4FH573AqZHdZ6%2BWT%2B1mr8cnFvrUdzEwDup3KU2KwVVUdpRHgT6ey1bnSKjK172SqodxJ6x54wP2FkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfca63826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1738
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 Z8r3aKG.png
loto.hijera.com/images/ 85 KB
85 KB 788ms
783ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/Z8r3aKG.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adfc4e127ee0b08c659ac8b67b8487535bb2962f46e79a1cbf7822248e2b2c8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nlNg5aBKSVpQODwgS1VjX%2FsucUCiJdUM5Bpcq8%2FiQ3VtETP0%2BSKyOyTkKP9TEZK1yAYkMF8XiAQVxo%2FrLub0R9IaiBhg0cdaCXweAu8xtm2PQSEr3QqTz7Lql5XeWWXDvAIvgpAG9bY0TCEZQTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfca83826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86763
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 1gXBtm4.png
loto.hijera.com/images/ 28 KB
29 KB 471ms
466ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/1gXBtm4.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040392dfdfdb57cfca61af538baf6767db388f6c6ba611ab68435ad701c83253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67knVmLq0RADqu59zw%2FxCUBvkF%2Fzg7TaEwpbmHvnTWq92SY6pfA5hyLMovYQiEs1Nqa9B%2FXWtBHWJmCO1hT4%2FRXtW%2Fo9RNeZUjUHvCFLM0YDR%2B01QbVgd0WZ9EEpn1Fr6w2JJgRzvtZevLe4Jwo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfca93826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29139
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 EMfL2QO.png
loto.hijera.com/images/ 76 KB
76 KB 936ms
930ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/EMfL2QO.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yqHMwKVi2czcOcu6t5ORY5avp7r0787l11DokKfwIJ1qJqqxpkWNVQw1skg6g3gDxBrdzGawYTe93kAc0UCQRuOk7WFpryz6Xvbj5AYm%2BydF2kHwbPKg7WuWos1QRKDegd4vBdFZr0vl5W5V4gk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcaa3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77763
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 aRFsXEt.png
loto.hijera.com/images/ 76 KB
76 KB 787ms
781ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/aRFsXEt.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MiD3N%2BITWuddCBOhaQ2youP1vkYeObRfVgDn%2F50elIDXzAFkWFbVJt3FbMdo0vuQFwUbFvBsCTUgnxzbUUcTFT7z%2B8cAu0cRSb2xVl%2Fo0g0Xpsc14ilKhAxMV1IxMwhl1DorkrRKdXNJOeLGLJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcab3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77763
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 8PLTqJk.png
loto.hijera.com/images/ 76 KB
76 KB 780ms
775ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/8PLTqJk.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJielCXmFW2gCUOLQnLCJBS43VvNTTFdhKGmfRmIoCP5XRl7ULD8TCbvShd89CO9XbrAnlL5wGEEGp11LVWwKbWpVytMN%2BGrVkT%2Fgfu%2FV92ctaVDzEe0sQdoRGactGsYXx3cKVu5f87VCJwMwU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcac3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77763
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img2.jpg
loto.hijera.com/images/ 1 KB
2 KB 333ms
327ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img2.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a37e132ade040f91f52464b40f747fea63bae0dd61a0286b7d850078075733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSLywF3Nku0VgMlIUOImEmvE9UaP4qy5bCJERab1cTAuL2OJm3HWaEii1Vr3qRZIwANNzm1Cj74d90jvcVmIcLwUJzK8oYkBVyJ7%2BfEITC%2BQYbnlCnXoSA%2BBHp%2BW6%2Ba9vZH4Axntlsrs3tHVGgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcad3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1144
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 btn.png
loto.hijera.com/images/ 258 B
785 B 319ms
314ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/btn.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06035e1ce818608c1b28618e4236796d6a7eee24ab8c3fee372126bee1596bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=021Yv4REWCVZGnR%2FcXTKy30BAfWGSDA8f0vD6voaJbIQujIt03zt8DlhNYLJ6WgVxiylvgsIslbg4QjjL%2Bgc4%2F1U%2Bdr5q%2FmAwEnitxSrBzq8N8vCiYIJObqGlw4Nz5vH6BTvXhHgwtCes6Q6bEM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcae3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 258
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img1.jpg
loto.hijera.com/images/ 2 KB
2 KB 324ms
319ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img1.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27abebdc7c5eb879a3100c3cc3695632438b229be6c7156220b3d900bdd64c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DymPrganZfXylnoTANH8d2q7DK6E%2Bwr0Ep6%2BIWogXqSbE1iCgUneCx1TfF9mVtskn8O5gbrCvWNA%2F9Kx%2BkjYMbPgUpQWVRVbuyorCSlT3Wd6UMYp2iKCPfAwKPYRHBf%2FgSGvR6xjHSwEhj%2Fy3DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcaf3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1708
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 love.png
loto.hijera.com/images/ 266 B
789 B 323ms
318ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/love.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4e12eb9ba3e585951accc67459078f16eef9213ec6a983710247c8c7924fb9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVr%2FRBTuZefrsixGuMzZsf%2BwP3UeAhv7fT1fPwbmf2Lqsn7oBVgISLFmzKdth3j6x7pgFjOFMSOJJDDc0eUiTA1Ln09xgN0I9TLTKsVW0cXXtBXEekRTd5RK07Ynnh1PXctXHM2hzILnEuNkZnk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb03826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 266
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img3.jpg
loto.hijera.com/images/ 1 KB
2 KB 336ms
331ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img3.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94d2fb1737b84ba35ebf0d4f7deb5af5d4de7763d1c6a515ffd9b27876a4099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QjaHpY5SFUjdTdGHRQYNa%2Bi%2FKs5zaIG%2FF2TXjE0MEwbmupYqMCvEOdLL2T8xXZSAn1zbykQnfhtcNNzc9rAtpkF2N6yZhZ34tTNR941OT2MXTSESrf4uoLYHro7dAGiL9ZOuFTI480cf2AfXJjE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb13826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1025
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img4.jpg
loto.hijera.com/images/ 2 KB
2 KB 333ms
328ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img4.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e3bf8af0efd6f432a7e869844f0e0c77aa44c00b06069fb46c2be1313ddeafa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fME4IwzxCNhfjjpFhDLXuoBt3k49MAC3ceg5u3Wie32yFfiNEcSqrHBjdq6supXJj82vr7gt%2BTwmPRDhjxZ4RiRF7rId3NmjdqLMjkEWDxCwctUXJKHwF8Mb2vbo6SXfi1EPL1hoaUwi8dsOIq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb23826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img8.jpg
loto.hijera.com/images/ 2 KB
2 KB 331ms
326ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img8.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 595017561ccb711f784b01ec7c62e1b9f12d7fb6e625f8b695f5d75add4da80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VOBiqG%2BvZ5XnXt3kH3wdnmD0Q2jjWhoPoJ0P9If%2FqsKhGGlNR%2FA2qjdicLEeN%2FQ2NGz2gTIyxjcGEMbga%2BppHFN2SzVdwphcf%2BrBudZ38MrebDEiyksqf9Tp4ji%2FoRMksC5g239%2B%2F1ltRhtiM%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb33826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1923
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img9.jpg
loto.hijera.com/images/ 2 KB
2 KB 333ms
328ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img9.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3654254eb29dacff7b77fc66b44ee0e7429cb96c3bd5a483859d13fccef5c809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwUtxvz0YYorh4xsYPjZ%2BMAuIDlikkEJhgFDdn8F4S%2FANjVwfK%2FMLnXnUYXRMKe7ZpJMMUSGfTgU1qsBOr6j0r%2FjjFsL1sSztGgQfR8zmg0qX9Z9QFtS%2FRBRlJek7hhXS9dR54pROLgkI3DWkuU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb43826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img5.jpg
loto.hijera.com/images/ 1 KB
2 KB 329ms
324ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img5.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477c7afb0e442b9ba4844ba9a3cec3840f479eb2805bfb3f7de1e6813c623ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6KqfMOaYBhnF9SwhTEnnG6jrLrFC9nMyjqXK0B%2BcgFfPQkOIgQkDnEDekCAL5JyLPRJyGXFeU%2FVK%2FJttcwJxLHQaPYZ8YTxUPaGkyjMyS8uOONl9AxNgth%2BMuCgp9C%2FsiDMrtLwQAKSuR6QbKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb53826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1214
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img7.jpg
loto.hijera.com/images/ 2 KB
2 KB 324ms
319ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img7.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc777c7112d34e1a46accc1ae0164635adc2e0ff2ea0e227d73ff1439d0b9e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zcLGL%2BoqV4v%2BvlDx144btND2NHnCZUwJSt4%2Bmj6vNn0%2BRqI5msHePqq%2BiQpr5AgmFw%2FmFfDqULoWAXy4bQHzQKR1z%2F4e7OG3LtHIo5%2FT81fLr6YZANqmIUpboPv7PuCTi1KdW0jReTwzNZAYeXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb63826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1879
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 img6.jpg
loto.hijera.com/images/ 2 KB
2 KB 335ms
331ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img6.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9c70274eef18d6e3b438c593762a08f6eed46bae848789b6a8285a39d5a5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8n%2FESf%2BQKHN8uJDg5NrgBtp97colC3EAKShJoMFRtRR7%2BzQFywRydhw4g6%2FfM6EihTHMthSvCc%2F1LSf4Rx9bJ5kmpR5TqX7h9bL3208SvokV2s5WVSrz94ubzA0AU%2B9RXErP2nhKHB7yz74E%2FD8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb73826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1864
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 dri11.jpg
loto.hijera.com/images/ 11 KB
11 KB 336ms
331ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri11.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013a35c8ccd65a201eee6860d6020d5aa9718485a40b3969ade69564ce3de724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMEG7WpC76vEoCfpfvU67l0jvf1ktRhYgDn8TWkR2HYpZNq%2FcHMDUZ9XGZWoxKN68EEJAF53lce5Yf%2F20hB5LoSoqKMPEWXN46NXf8Wh5Ki2dqXInEVrqZQpU5pkDmNpZjYvVeXkIyy8j03%2Bs4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb83826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11145
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 2.png
loto.hijera.com/images/ 2 KB
3 KB 324ms
320ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/2.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2663561f9bd4141ad340c6e344edaa435525a64cf59f4350ddd4a716be1a890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyOHS9UzoWo6jSR4snvRYXizFHO%2BZwLxm%2BXjRuIsu%2Fi5uph8LmJ25rBYTFbCWLWv89vRQ1th%2FuME%2F4Kd1b258bj6iMgI7WN2%2Bau4NrNRHPzNkE9%2FypdgpWwAxI18WHhF2lk46LqH9qDA%2Fgm%2F9QY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcb93826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2409
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 3.png
loto.hijera.com/images/ 5 KB
5 KB 329ms
324ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/3.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae95052784ccea40a6138037a0d99cf0cab0541ab4e94574398c99fc9fdb3487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onUTisJj6L%2BsyVlaZtb6Vhvcj%2BNr7g6364M%2BN1lNXdExE5h14yMzzysGLSCAvOCT78p8kB%2BVUbgZzcbZnAv%2FhhdmlQWtGNKoGKkDWvL7Q0ytkHsFFzwcxguLm9hdMc7hbhQRuGLQXAnMFBRUgHI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcbb3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4656
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 4.png
loto.hijera.com/images/ 6 KB
6 KB 333ms
328ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/4.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f684fc01dedcba31762a7a8f36ecc14e77a5af002b02750afdf83863d078b075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0WCnbwjGYiYR86ZUXUw0EQDiKFh1HxR1IZvuGqh6DRax3DTRa%2BVb6FA6QEEsG2ufbm7bmTTclsYcTWKxOZxbrYiU32bQ9Qh0Hh6Ilz7ZnTOCdCnZikYTyqObWzmZlxWZIAoEoDDGfYkik3ddGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcbc3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6041
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 dri3.jpg
loto.hijera.com/images/ 14 KB
15 KB 468ms
464ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri3.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6791953d4848f7ffacdf4c7c43bb7c436c8cb96d37dfbe0ec6214bea3ea0e7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9PN7OHM27CK%2FukezwU%2F2TAbrg9Qs%2FDPBkhPn%2FBKvdscFLY%2FTPx%2B55fORqIwRuOVHH8JJ7pLx8LeN1ZrbCpYXqBKSlO1rnJpXLx48myq7zqb7Y3sGX4BA59Jc1UjkTiOI8mA4e9YaDeCwctKpEs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcbd3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14832
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 dri14.jpg
loto.hijera.com/images/ 9 KB
9 KB 333ms
328ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri14.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7040f10ea2784dac767bff8c3bf6518984befc5faaff696c060c50240a4daea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bx85pmUV%2B9sQv5VMijossvbkSvVa%2FOPrFqHvZ%2B9xyfe04eKhFjfRtn5%2B8sPTbGtgfeDkYnqzZK%2BHJTc6%2BxvZqcLsdewjzFCQ5TjiAQj%2BQoE1l0jcmIYRyudEh06TEgQezlSneWRpSx6KUCM%2FPYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcbe3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9096
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 dri19.jpg
loto.hijera.com/images/ 12 KB
12 KB 347ms
342ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri19.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f536382323af52185970048e4dc397a0371f50e8dead0ae3839993e0d97ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGCpCc5jxgttTO28hBb4NEvZNjNY8vHDRAB5ODMHpDPDUbE4sZSaK6%2B8GLrM7%2FhhaDDe%2FnTVFgP48TF5EaoIYbH93zf%2BZ3%2BeLzsWsx48ZvpkRmuNQ1TtGJg6mSPb2ocN%2B%2FXuCwSGGdknA1n2Nxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcbf3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12014
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 dri2.jpg
loto.hijera.com/images/ 9 KB
10 KB 322ms
318ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri2.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33baa62490122e3d60498420f5c46e3deabdbc1c31c5b011156194af8555d27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1h2ShWibVfBpgBzGXmSIWo2dxnfFBjlG91RNFxUPT%2Bw6AzRKijYLGfsHRoo8gZcQtGOSTiH29m7GCE1vq1SJQWpwlSF6D3a2d3c6m2CEyjt8o28cJgqQr2lHprgIo6Zyr%2BPxgQOiR%2BYZjbDBV8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc03826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9559
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 6.png
loto.hijera.com/images/ 3 KB
4 KB 333ms
328ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/6.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 571bccfea3505f4e4ebd31ae7af5e67dd7e98ecda2accfe6b80d956cd53f5bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BfHiTGdsQbz3hdznUhUDepL1nQyKF3FC4a4M7d1P1GQaOY%2BO22X1OJvpV7HbumKnR6mYtIm3lfBY%2FoVapiM47BXOsCL6qC4HRYUvMSuE95iOAR3PZePAPCG4i2LOYfMHCqeeX3VGfbydmoZeyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc13826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3159
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 7.png
loto.hijera.com/images/ 3 KB
4 KB 324ms
319ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/7.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6857fab2c1d1e89c6d993692dd1bf6abfaf1f663526010b9ea0fcea0fba3a1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4FZW9%2F0s6XFFFDOVTdhRfg0Q0U5phc0U8Tv2TOFWU2I76l2R8r8FI4VBricDhU%2BoIK1xXpNs3y4g810oK4myXLBSV3f9jx%2FM5IYtk0OCV6NCC6KSWih9nEwUOZfWOGfKvNv4oMHwLKLQ%2B8gJG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc33826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3071
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 8.png
loto.hijera.com/images/ 2 KB
3 KB 337ms
332ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/8.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa12be838e4198d935848abb0af4f2f7c8d997f61999a00e440c6caa6a4e2191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5%2B6Y2rT19FC8keU0aAyWeCchFSTPGWgUo%2BpPWRX%2F47Yx%2FLaLN2PEVenOBXLUkOYxCQL6WF6%2FEmbBglCNjyYqwKlmEG5Tw%2BDRkldbyh98ZbPN4jSMkXUfdeYPVFPdh4ybidp7XA2E6cBjvigaDc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc43826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2287
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 9.png
loto.hijera.com/images/ 3 KB
4 KB 335ms
330ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/9.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0631422a87c9c9801680d15c611b37f2e32086d18db1d6c67a1913c5957904b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Opy%2FO7uVIENmEr%2BDiGltpsTUDCmCcrwvCwkUrvZ61m1gjr9LkKhzqm4Or3vEoMGixr16oft2QKPK209%2B2prM%2FHr0vBYx5AcxA3aEN4IHrmAyMK2TAN4hWjxTq21t75bF8%2BN%2B%2BZy2gQo6i%2BVZ1wY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc53826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3244
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 generic.jpg
loto.hijera.com/images/ 1 KB
2 KB 328ms
324ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/generic.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPROMruwTmYcIABN3zD2IyGoPC56nsMJ6CGbm9OHdLb4TVQ%2BSwHy0weku3to%2Fc7skEXe1mHXPLnkctfoyxJKW8utOQle2S%2FeG1YHgaCmK4%2FrQIJiM0ovNrbnFj7Cb12xc0ftZhRWb9oLFtNtMRw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc63826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1131
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 popper.js Show response
loto.hijera.com/js/ 80 KB
22 KB 461ms
461ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/popper.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cb21545b545e1acd2b4886c5556b321b0a087c8e381e560136b2c9057932e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:21:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsGjIWXTNZuGyLzR%2BAzvGWTMb9tEBx%2Bw9N8SCBaZy9C5JTUQJpKp9Z1l3xeaBQIADOxuITPbFNzKV1VnrHkmZasIaFPGFZO1h7fZa77FYpNLNzCLif8KLPkkNQaEAe3p70Is436NXp5QybNHRUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980232af9f53826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:21:59 GMT

GET
H3 200 jquery.js Show response
loto.hijera.com/js/ 85 KB
31 KB 615ms
614ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/jquery.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKTQJQnNFU0LtI%2ByDKYUGZwsZX3FtD6KAGDA%2BarclFG6UDfy2WPzdWzrFzI%2BHqkW2lQSuHayXHGGXg2YkIw8cJ0zhwP5QqbqrrS6bIGnLqPZaA4JLomeXEiUmDs%2BNsMdjI%2BXuz6aqQs59GOgD9I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980232cdc893826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 s4.min.js Show response
loto.hijera.com/js/ 451 B
712 B 322ms
321ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/s4.min.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf618eacf329229fdc32975bbd3cf03e2627a180d69b6a4806c49badc1608d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BE8Tx2aDINQh1UbeHiAMoM31EYhN0MNer%2Fzsc60GqfjfEiKa1AkV%2FUokn66GFfw3lI5Qd2odk3Vwu22vmyohn7iWsXAwHAJzlGHYhYb37EFVdfLfGmDLgGm12ViWG5Cu79G04ylgVuAuHAWUTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980232cec973826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 bootstrap.min.js Show response
loto.hijera.com/js/ 50 KB
14 KB 465ms
459ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/bootstrap.min.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xxj4AsEndfOfpi1WK4tMEJxZ5gZx%2BTHBN0%2BfNsHxyvE6nxcevhmZBxwsvNDJ0YEagJ7j93kohMyPUO9DFrT0h5VvT1lRHEtNdlhjDNNf8VK4JS7rYNeHzPohfbKC1LKrIuTVyMhoMtmIZP9Crw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980232cfc9e3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 script.js Show response
loto.hijera.com/js/ 5 KB
2 KB 331ms
324ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/script.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc5b0b3a8fbf5ef69b2dac141a864474a6e3dbf55380170299e71814a0346ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvvADl1FsKxEwzna1%2F3OeK341BNIuuViF%2BNJSXVgnvTJOu7zL7syKGsBKSn7gYHtMEgTXX6fZfiapmjDPd3OVnKYbuw0m9FpsukhZk8O14SPWKrneoCqLWTkEZDv3kGjRo0MZTKFKjMstIl8WEY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980232cfc9f3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 404 cfms.js
loto.hijera.com/js/ 0
0 319ms
312ms Script
text/html 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/cfms.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BnOcf%2BquN7I2ia0AgTCnln%2BDakcSV6hVda4%2B5AOYNTYOgjQ61cVcA%2BG2GADUbgqermSl4FUFDW3QUTD%2BCO7pDARAf%2FUDRAb0WqS3LbxZllmX4IRDyAwkzWScNY%2FGXVF9fTpYFIxHN%2BaqUvtV8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7980232cfca13826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 like.png
loto.hijera.com/images/ 270 B
792 B 322ms
318ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/like.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c9343a766e28b630e376b44070c88aacfbdda839602f87b8a56ec9a53b214b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4EL4l63R2DU0uwDsmSMhJJi677kKgcf%2BDBeEZwiACi7YlyCWQUSTPUD3MZ6c2G6a9d8ODtRM61qpUHAFb85FesOmYNJOMQxwBfs5X7Urrq37mU%2Bu42LE7FpprHWunEZA7GtjYUaYE7ej4opet%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc73826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 270
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 bubble.png
loto.hijera.com/images/ 162 B
681 B 324ms
320ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/bubble.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WGUGaRIiS5ziEKoS4lhJ9VolhfvxooQ0m4op0Wv59pNnc24FyN3H5Xs8XOIbSYxNImlJeGtLT9bxMFMGCxPzKQJdQ0pnO3X7E6HS0tRo5DnvTkGIuY8dyJPdA7sAb1haoGyAyXv8DpRfF77C8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcc83826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 162
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H3 200 share.png
loto.hijera.com/images/ 279 B
806 B 328ms
324ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/share.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b66526de2d4a7165d7a43534675d222b348e5a7de88253b7c5af8d2435fcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iSF2CYqIXj9JQJoom4LMkgf7IBrPctJhz6kgulOoOimKIEqgRK2U5kHjIg%2FzMSX1BOHyYdmtrti81wx1t8aWd7ZzLz%2B%2Fh%2BRe4T89ECDmQbt0CRhb7VH4XKnbOOR1zosgyEfFOg0Pnjn9VbRcf%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980232cfcca3826-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 279
expires: Sat, 18 Feb 2023 21:22:00 GMT

GET
H2 200 DroidArabicKufiRegular.ttf
fontlibrary.org/assets/fonts/droid-arabic-kufi/6afbe2c8257159c2fefd1b43cd951ba3/a9b030e29a35f523a137ee0175be419f/ 79 KB
80 KB 474ms
157ms Font
application/font-sfnt 45.56.91.11
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fontlibrary.org/assets/fonts/droid-arabic-kufi/6afbe2c8257159c2fefd1b43cd951ba3/a9b030e29a35f523a137ee0175be419f/DroidArabicKufiRegular.ttf
Requested by: Host: fontlibrary.org
URL: https://fontlibrary.org/face/droid-arabic-kufi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.56.91.11 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li893-11.members.linode.com
Software: nginx /
Resource Hash: ae57aea1cb701121475bcd38a9264115c401927701f4b04a54f9166143c52fe0

Request headers

Referer: https://fontlibrary.org/face/droid-arabic-kufi
Origin: https://loto.hijera.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
last-modified: Tue, 04 Dec 2012 09:42:08 GMT
server: nginx
etag: "13d48-4d003ade83c00-gzip"
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=290304000, public
accept-ranges: bytes
content-length: 81224

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 22ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 3358
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7980233008252c43-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Feb 2023 21:22:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 362 KB
119 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2942421038636354&plah=loto.hijera.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

923ff900d72cb7a3653d29478fd391d0b4dbe2b8e7c97fe303e2e87a7b37bcd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121766
x-xss-protection: 0
server: cafe
etag: 11830944126611355279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 21:22:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame D879 10 KB
5 KB 94ms
19ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 15:23:13 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 15:23:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 49ms
48ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7ME373V6KJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149995183-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70788e6991b7e709e63fb230841927e8674ed711c113a8e17a90b7b6c14d008e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Feb 2023 21:22:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 93ms
19ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149995183-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 11 Feb 2023 21:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 594
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 11 Feb 2023 23:12:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 195ms
42ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=loto.hijera.com&callback=_gfp_s_&client=ca-pub-2942421038636354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2942421038636354&plah=loto.hijera.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

170ff22a6adc1ffcd41089e06dac034fc59db434e4f4bf907cee8ef735c24b36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 119ms
43ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 119ms
43ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED2D 154 KB
44 KB 560ms
560ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&adk=1812271804&adf=3025194257&lmt=1664012409&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Floto.hijera.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676150520361&bpp=2&bdt=1355&idt=73&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6027464753753&frm=20&pv=2&ga_vid=1326607963.1676150520&ga_sid=1676150520&ga_hid=1215332535&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072254%2C44779793%2C31071266&oid=2&pvsid=2094791075913930&tmod=828649939&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=95

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eb1d0c0f1181a3b7dbbd915039c3840628a75aefb5fdcb419fe601fb0ff2c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:22:00 GMT
expires: Sat, 11 Feb 2023 21:22:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B523 82 KB
30 KB 1036ms
1036ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676150520477&bpp=2&bdt=1471&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6027464753753&frm=20&pv=1&ga_vid=1326607963.1676150520&ga_sid=1676150520&ga_hid=1215332535&ga_fc=0&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072254%2C44779793%2C31071266&oid=2&pvsid=2094791075913930&tmod=828649939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=84AzBTVBBL&p=https%3A//loto.hijera.com&dtd=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a8f9abd308179960f8287cd9be1b1a2ea687b689c4599a4f30404f65f18e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 30956
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:22:01 GMT
expires: Sat, 11 Feb 2023 21:22:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 42ms
41ms XHR
text/plain 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1215332535&t=pageview&_s=1&dl=https%3A%2F%2Floto.hijera.com%2F&ul=en-us&de=UTF-8&dt=%D8%A3%D9%83%D8%A8%D8%B1%20%D9%85%D8%B3%D8%A7%D8%A8%D9%82%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D8%A7%D9%84%D9%88%D8%B7%D9%88%205%20%D9%85%D9%84%D9%8A%D9%88%D9%86%20%D8%A7%D9%84%D9%89%20%D8%AC%D8%A7%20%D9%81%D9%8A%D9%83%20%D8%B1%D9%82%D9%85%207&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1928012401&gjid=1343284229&cid=1326607963.1676150520&tid=UA-149995183-3&_gid=763696099.1676150521&_r=1&gtm=457e3280&z=1012435062

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://loto.hijera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 21:22:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loto.hijera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 36ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7ME373V6KJ&gtm=45je3280&_p=1215332535&cid=1326607963.1676150520&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676150520&sct=1&seg=0&dl=https%3A%2F%2Floto.hijera.com%2F&dt=%D8%A3%D9%83%D8%A8%D8%B1%20%D9%85%D8%B3%D8%A7%D8%A8%D9%82%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D8%A7%D9%84%D9%88%D8%B7%D9%88%205%20%D9%85%D9%84%D9%8A%D9%88%D9%86%20%D8%A7%D9%84%D9%89%20%D8%AC%D8%A7%20%D9%81%D9%8A%D9%83%20%D8%B1%D9%82%D9%85%207&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7ME373V6KJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 21:22:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loto.hijera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 150 KB
51 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eabeb3570a2ad2e8b80646bd6f73690292bc5480e4135885e335f0c1c59f0e88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52319
x-xss-protection: 0
server: cafe
etag: 13909942572112901069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 44ms
43ms Script
application/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 42ms
42ms Script
application/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 97CD 10 KB
4 KB 20ms
20ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 64047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 03:34:34 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 03:34:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 97CD 4 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 20:35:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 97CD 205 B
294 B 86ms
22ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 20:15:47 GMT
x-content-type-options: nosniff
age: 3974
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Feb 2024 20:15:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 97CD 604 B
1 KB 85ms
21ms Image
image/png 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:57:58 GMT
x-content-type-options: nosniff
age: 5043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Feb 2024 19:57:58 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/ Frame 97CD 20 KB
8 KB 102ms
38ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 07:08:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8363
x-xss-protection: 0
server: cafe
etag: 13687106600067785872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 07:08:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 75ED 8 KB
968 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 21:07:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 75ED 2 KB
1 KB 22ms
19ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 75ED 22 KB
9 KB 26ms
24ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 75ED 3 KB
1 KB 38ms
36ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 75ED 18 KB
8 KB 27ms
25ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75ED 156 KB
48 KB 111ms
79ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 75ED 33 KB
14 KB 24ms
23ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 May 2023 15:23:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FBB9 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:11:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FBB9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
44ms

Document
text/html

2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:22:01 GMT
expires: Sat, 11 Feb 2023 21:22:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:22:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 6535 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B523 4 KB
621 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676150520477&bpp=2&bdt=1471&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6027464753753&frm=20&pv=1&ga_vid=1326607963.1676150520&ga_sid=1676150520&ga_hid=1215332535&ga_fc=0&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072254%2C44779793%2C31071266&oid=2&pvsid=2094791075913930&tmod=828649939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=84AzBTVBBL&p=https%3A//loto.hijera.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 19:33:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B523 2 KB
799 B 28ms
24ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame B523 22 KB
9 KB 23ms
20ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B523 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame B523 18 KB
8 KB 25ms
23ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 15:23:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 15:23:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B523 156 KB
48 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame B523 33 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:400d:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 May 2023 15:23:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B523 0
0 63ms
62ms Fetch
text/html 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CX5XW-AboY6L1H7yX7AO1yb7YAYizhYVt99iNoPkQ1obezuMvEAEgq7iZamCV4pCCoAegAbT6jZUByAEJqQKf-_EO8umxPqgDAcgDywSqBN0BT9CRzvJbvjFfKn3H9Sj9P3AH37B5R6LK9lgG5G8gMbgpSk4l-uHn8KQEotrbX7NogIGG_VJ-4j6LxLUDsms4ALFFWuGqYuVpFzyQry_zU5MUcVB73K0ldAgIz-x_h2MO_txMASg60oxDvH9U5o4PfzosB3_dLdSLx-LjHdWhJiLXbrFOogUWYG9c3dm2aaQaK0GNak_0DwSIJU2lNvoBQsgjp_6d4k6NZ90lWGj_F6teDgRbdgal6bpY1sUZ4dtBczb32qzJvJGus6davqHyJ49HavFbEEmmP0Xqr5rABNmXkeL6A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe0hfLqAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPTzB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi0yOTQyNDIxMDM4NjM2MzU0GAA&sigh=068I9c6l2gU&uach_m=[UACH]&cid=CAQSGwDUE5ymGBqc6Eo8oi43qCwwrjWIPx98iPXyWRgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676150520477&bpp=2&bdt=1471&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6027464753753&frm=20&pv=1&ga_vid=1326607963.1676150520&ga_sid=1676150520&ga_hid=1215332535&ga_fc=0&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1476&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071755%2C31072254%2C44779793%2C31071266&oid=2&pvsid=2094791075913930&tmod=828649939&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=84AzBTVBBL&p=https%3A//loto.hijera.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Feb 2023 21:22:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Feb 2023 21:22:01 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/10435673335357094899/ Frame B523 66 KB
66 KB 97ms
95ms Image
image/jpeg 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10435673335357094899/6592766407814317453

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10b90e11d56f67e4ef24053c1adc936139f718ec715997e0c163b5acab89912c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:01 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67396
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 20:51:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Feb 2024 21:22:01 GMT

GET
H2 200 11029449707852898095
tpc.googlesyndication.com/simgad/ Frame B523 5 KB
6 KB 22ms
20ms Image
image/png 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11029449707852898095

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

412f165b11085257ac25608c9085c78eca0fce0997df856e45dd3f4f9adc8a8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 08:11:07 GMT
x-content-type-options: nosniff
age: 47454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5380
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 19:47:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Feb 2024 08:11:07 GMT

GET
DATA 200
OK truncated
/ Frame B523 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3caec5fd5b5494f785279b8c138e3a74ca49e93b83a252466414d3ffad23f416

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B523 15 KB
16 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:15:34 GMT
x-content-type-options: nosniff
age: 194787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 15:15:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame B523 15 KB
15 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 198985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Feb 2024 14:05:36 GMT

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 44F6 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 71ms
54ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5124e2a6b4fba717a82fb6deb3ee8eef806c7ab4587deb5a0161fa4d83669772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11224
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
71ms Script
text/javascript 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 21:22:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9935 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 107008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 15:38:34 GMT
expires: Sat, 10 Feb 2024 15:38:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 28AE 783 B
971 B 45ms
44ms Document
text/html 2a00:1450:400d:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8163fe97bd24da74f3fce5b8d572650f8a871cf307aa9f9929f47f01f7906687

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7npQK3PsnpB80SQEjK33LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-7npQK3PsnpB80SQEjK33LA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:22:02 GMT
expires: Sat, 11 Feb 2023 21:22:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9935 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 28AE 0
0 40ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=2094791075913930&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9935 0
10 B 20ms
20ms Image
text/plain 2a00:1450:400d:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Y-6Tkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:22:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
43ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=2094791075913930&bg=!ZmWlZTHNAAaq5O5FiuQ7ADkAdvg8WqqyvSwvClpkItV4z1B49PUVty7NvD0TQFR1z5t_e_vzUE0lnt6m08A2FwqMTO8Qo8EQ8g0CAAAATlIAAAADaAEHmQKo1zc2X1WbIiTq9BcTFXTXXRG9WAwjQhFWWAoJXy0Ahdl6SV17QMzI5fp0fdfSY2Peaia5WEhLwtOzZpKVyg6J-ugLZNTCSuk4dRbikRtLBUF0f_PmHpJwecLPREEFMJiL6XbbrDIHtIz4eIxbM0NKEuu0VFFZ61GwYwKuDd5iCHZfiLZZFZAf9UC6bmewxzfTIwQdikXjHSk30roTP3wSxCLgVlxwri-hceVBqTT_kks4s9sQuuMfYwN7xI5b7LAjNVISQzmErjWafnbw0ON7hmvg7c3TOaudro8xHnaYSMYMbWNnDX6dqdJHyl0R7XOcsI5VAoVJski51v4J1mPzqZ_nWMyUeBmAXpQe9a8sT9E06-nKDB2yzuNCm_C_2FNSblgTpr8RVXDBb1b6XeUTRw4W5ZQfemmv8OrWamqzjavfBCdpxEh_e_3zBROaI2DmTryEtbIv9G6_ZJtQe8JoT1VOfqh7i4h0pzcXZYAOZ1BhJUwrah4Hz6_tH1ngFmJ8RFLX1g9z0iNec-nuua7jI40es-fQA5-SEfbpdBVHhqz_7m0-aNYo-NEPBSH31Rk7Fs8Tc6HXYpcA1DhpUZWoNPk5bvGY-ZEdF36WvKTWkH52KlDs2AALPJQ-8BVaKyOPFAvoFJRkAfhK58wnQ0UDT0_ZJKDRqzhcW_25iyoh3RjsGUf3MDYMIx-p3sfEu-yYffk9n52vjRnDXwcds2Onr1DVmsCV88Smuab4CdFMqx7oyebHD-6mLnwITkH1B2tjO9Yr-9hQMIG4O9LJPTjQQ8M0Op6EYVajYI2Od6lFzDQjF5fwz_L170qASWfTnYcuC2khqCMPZN4TPxwhrRG9JynAmsw8Dqpg5AB8GJypnu1MD_uT8Ry0yXUf0AmR4Hm-w3OxADO6ZwM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hijera.com/	1970-01-20 09:37:16	Name: _gid Value: GA1.2.763696099.1676150521
.hijera.com/	1970-01-20 09:35:50	Name: _gat_gtag_UA_149995183_3 Value: 1
.hijera.com/	1970-01-20 19:11:50	Name: _ga_7ME373V6KJ Value: GS1.1.1676150520.1.0.1676150520.0.0.0
.hijera.com/	1970-01-20 19:11:50	Name: _ga Value: GA1.1.1326607963.1676150520
.hijera.com/	1970-01-20 18:57:26	Name: __gads Value: ID=eabbc412094ed6e2-22f0d083f8db00d2:T=1676150520:RT=1676150520:S=ALNI_Mby-HzNGrUKIf2ipooifDKVrx1-Gg
.hijera.com/	1970-01-20 18:57:26	Name: __gpi Value: UID=00000bb3d4f5f09c:T=1676150520:RT=1676150520:S=ALNI_MaeF9loLQV4nao2MjjHi-sDNJ63OA
.doubleclick.net/	1970-01-20 09:35:54	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 18:57:26	Name: IDE Value: AHWqTUkz_OHpA9xMIfgyA260qZR82UfXHaA2ZKQe9iNqBsxMAsbrfGwOeb4UnydgxKc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://loto.hijera.com/js/cfms.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.onesignal.com
fontlibrary.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
loto.hijera.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2001:4860:4802:32::36
2606:4700:3035::6815:2b79
2606:4700::6812:e234
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:400d:802::2002
2a00:1450:400d:802::200e
2a00:1450:400d:805::2001
2a00:1450:400d:805::2002
2a00:1450:400d:805::2003
2a00:1450:400d:806::2008
2a00:1450:400d:807::2002
2a00:1450:400d:808::2004
2a00:1450:400d:80d::2002
45.56.91.11
013a35c8ccd65a201eee6860d6020d5aa9718485a40b3969ade69564ce3de724
02a37e132ade040f91f52464b40f747fea63bae0dd61a0286b7d850078075733
02e9c70274eef18d6e3b438c593762a08f6eed46bae848789b6a8285a39d5a5a
040392dfdfdb57cfca61af538baf6767db388f6c6ba611ab68435ad701c83253
06035e1ce818608c1b28618e4236796d6a7eee24ab8c3fee372126bee1596bb5
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0c7ce602528ab3de7ae7728f93fc0731d3e38e74bf7cbfd27efaf5d9c85044dc
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
0f43aedbc350e90a0daf474f41eec2b0b8cb1728ef1019ac3c9df35aafabc9ab
10b90e11d56f67e4ef24053c1adc936139f718ec715997e0c163b5acab89912c
1270009c93f733a7e957a7ad3f9814e505304bf1852db3d434b14b2c73ec159c
170ff22a6adc1ffcd41089e06dac034fc59db434e4f4bf907cee8ef735c24b36
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc5b0b3a8fbf5ef69b2dac141a864474a6e3dbf55380170299e71814a0346ac
23c82a3f1273463923e568949e251ce25d179de92b5506ccea347dd89a4a018e
26fbef4411227fbb182f0dc62de61bc03585b17e5bd1e10ddf2670ffb60e24cd
27abebdc7c5eb879a3100c3cc3695632438b229be6c7156220b3d900bdd64c71
2ca0f7f374c293b21c3e727da206e763b16c5eb118bf60411675d6a7b9bb53c9
2eb1d0c0f1181a3b7dbbd915039c3840628a75aefb5fdcb419fe601fb0ff2c03
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33baa62490122e3d60498420f5c46e3deabdbc1c31c5b011156194af8555d27b
3654254eb29dacff7b77fc66b44ee0e7429cb96c3bd5a483859d13fccef5c809
3694ec04d92e37cfacf4b749bc79c5c009c879c7548ecc91aff4f9ae1ef2d0cc
36f536382323af52185970048e4dc397a0371f50e8dead0ae3839993e0d97ff2
3c9343a766e28b630e376b44070c88aacfbdda839602f87b8a56ec9a53b214b9
3caec5fd5b5494f785279b8c138e3a74ca49e93b83a252466414d3ffad23f416
3e3bf8af0efd6f432a7e869844f0e0c77aa44c00b06069fb46c2be1313ddeafa
412f165b11085257ac25608c9085c78eca0fce0997df856e45dd3f4f9adc8a8b
41cb21545b545e1acd2b4886c5556b321b0a087c8e381e560136b2c9057932e9
477c7afb0e442b9ba4844ba9a3cec3840f479eb2805bfb3f7de1e6813c623ce1
4c0dc944edac0beac1a2e3ee52021882a0e03c90a4acd81aaf1f1766603c1d65
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5124e2a6b4fba717a82fb6deb3ee8eef806c7ab4587deb5a0161fa4d83669772
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571bccfea3505f4e4ebd31ae7af5e67dd7e98ecda2accfe6b80d956cd53f5bc3
595017561ccb711f784b01ec7c62e1b9f12d7fb6e625f8b695f5d75add4da80c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6791953d4848f7ffacdf4c7c43bb7c436c8cb96d37dfbe0ec6214bea3ea0e7f2
6857fab2c1d1e89c6d993692dd1bf6abfaf1f663526010b9ea0fcea0fba3a1fd
699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7040f10ea2784dac767bff8c3bf6518984befc5faaff696c060c50240a4daea0
70788e6991b7e709e63fb230841927e8674ed711c113a8e17a90b7b6c14d008e
75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61
764138211823225cdf47afe43b7db68ae158893ad12595be2765008cf14539a0
8163fe97bd24da74f3fce5b8d572650f8a871cf307aa9f9929f47f01f7906687
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6
8b66526de2d4a7165d7a43534675d222b348e5a7de88253b7c5af8d2435fcbd2
923ff900d72cb7a3653d29478fd391d0b4dbe2b8e7c97fe303e2e87a7b37bcd1
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa12be838e4198d935848abb0af4f2f7c8d997f61999a00e440c6caa6a4e2191
aa3e3c3bb7a10991288a87eae27221917d43a3c5f5f854b3d1b9c5deec899dbd
adfc4e127ee0b08c659ac8b67b8487535bb2962f46e79a1cbf7822248e2b2c8a
ae57aea1cb701121475bcd38a9264115c401927701f4b04a54f9166143c52fe0
ae95052784ccea40a6138037a0d99cf0cab0541ab4e94574398c99fc9fdb3487
b1a8f9abd308179960f8287cd9be1b1a2ea687b689c4599a4f30404f65f18e80
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
bf618eacf329229fdc32975bbd3cf03e2627a180d69b6a4806c49badc1608d9f
c2663561f9bd4141ad340c6e344edaa435525a64cf59f4350ddd4a716be1a890
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cc777c7112d34e1a46accc1ae0164635adc2e0ff2ea0e227d73ff1439d0b9e9f
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d4e12eb9ba3e585951accc67459078f16eef9213ec6a983710247c8c7924fb9c
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
dbd53eee86558dd33aa4c2f6e99348743c28667b7f21b0166c488d1c81b59829
dee4be88c74b613a534da75a7ab36b894f95dcf4a12d420bca52899a06c458e1
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eabeb3570a2ad2e8b80646bd6f73690292bc5480e4135885e335f0c1c59f0e88
f0631422a87c9c9801680d15c611b37f2e32086d18db1d6c67a1913c5957904b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f684fc01dedcba31762a7a8f36ecc14e77a5af002b02750afdf83863d078b075
f77ad1eab39bd1af3241d5c60009ced8cf09f9a02e7495db9825d5cc91424b5f
f94d2fb1737b84ba35ebf0d4f7deb5af5d4de7763d1c6a515ffd9b27876a4099
f9c38d77b0c72edbb224caa228a92958cd58656b51e45e0be1b899901e3af58f

loto.hijera.com Open in urlscan Pro 2606:4700:3035::6815:2b79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

100 %HTTPS

94 %IPv6

13 Domains

17 Subdomains

18 IPs

3 Countries

3053 kBTransfer

4959 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

loto.hijera.com Open in urlscan Pro
2606:4700:3035::6815:2b79 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

100 %
HTTPS

94 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

3053 kB
Transfer

4959 kB
Size

8
Cookies

105 HTTP transactions
1 data transactions