Submitted URL: http://winthelotterycorp.com/
Effective URL: https://winthelotterycorp.com/
Submission: On March 06 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 209.17.116.160, located in United States and belongs to NETWORK-SOLUTIONS-HOSTING, US. The main domain is winthelotterycorp.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 31st 2022. Valid for: a year.
This is the only time winthelotterycorp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 209.17.116.160 19871 (NETWORK-S...)
1 2a00:1450:400... 15169 (GOOGLE)
8 3.67.22.251 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 13.224.194.46 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
1 34.236.246.67 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 192.229.221.25 15133 (EDGECAST)
1 151.101.65.21 54113 (FASTLY)
1 151.101.129.35 54113 (FASTLY)
3 18.66.15.78 16509 (AMAZON-02)
41 14
Apex Domain
Subdomains
Transfer
16 winthelotterycorp.com
winthelotterycorp.com
2 MB
9 cloudfront.net
d3cy3u1txmkqs3.cloudfront.net
d3dq8sxcny4hg.cloudfront.net
d1oxsl77a1kjht.cloudfront.net
d2j6dbq0eux0bg.cloudfront.net
1 MB
8 shopsettings.com
app.shopsettings.com — Cisco Umbrella Rank: 222681
30 KB
2 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2411
t.paypal.com — Cisco Umbrella Rank: 3199
6 KB
2 edit.site
static-cdn.edit.site — Cisco Umbrella Rank: 211140
rest.edit.site — Cisco Umbrella Rank: 179893
2 KB
2 gstatic.com
fonts.gstatic.com
59 KB
1 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2235
189 KB
1 ecomm.events
ecomm.events — Cisco Umbrella Rank: 37815
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
41 9
Domain Requested by
16 winthelotterycorp.com 1 redirects winthelotterycorp.com
8 app.shopsettings.com winthelotterycorp.com
app.shopsettings.com
4 d3cy3u1txmkqs3.cloudfront.net app.shopsettings.com
3 d2j6dbq0eux0bg.cloudfront.net winthelotterycorp.com
2 fonts.gstatic.com fonts.googleapis.com
1 t.paypal.com winthelotterycorp.com
1 www.paypal.com www.paypalobjects.com
1 www.paypalobjects.com
1 d1oxsl77a1kjht.cloudfront.net app.shopsettings.com
1 rest.edit.site winthelotterycorp.com
1 static-cdn.edit.site winthelotterycorp.com
1 ecomm.events app.shopsettings.com
1 d3dq8sxcny4hg.cloudfront.net app.shopsettings.com
1 fonts.googleapis.com winthelotterycorp.com
41 14
Subject | Issuer | Validity | Valid
winthelotterycorp.com | Sectigo RSA Domain Validation Secure Server CA | 2022-03-31 - 2023-04-30 | a year
upload.video.google.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.shopsettings.com | Amazon RSA 2048 M02 | 2023-02-08 - 2024-03-09 | a year
*.gstatic.com | GTS CA 1C3 | 2023-02-08 - 2023-05-03 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2022-12-08 - 2023-12-07 | a year
*.ecomm.events | R3 | 2023-01-08 - 2023-04-08 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-26 - 2023-05-26 | a year
www.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-11-09 - 2023-12-10 | a year
t.paypal.com | DigiCert SHA2 Extended Validation Server CA | 2022-10-19 - 2023-11-19 | a year

This page contains 2 frames:

Primary Page: https://winthelotterycorp.com/
Frame ID: F56EBC1850907D448074A8B0D1DCFA95
Requests: 40 HTTP requests in this frame

Frame: https://d3cy3u1txmkqs3.cloudfront.net/static/br/2023-10002-g14c58ac0b29b01/5DF6FB449ECC16CBDDD72960429863EE.cache.js
Frame ID: C7EA02F4F33AEF3A898E2699EA7C07B6
Requests: 1 HTTP requests in this frame

Page Title

Lottery Number Lists | W.T.L.C.

Page URL History

  1. http://winthelotterycorp.com/ HTTP 301
    https://winthelotterycorp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

  • Requests: 41
  • HTTPS: 100 %
  • IPv6: 38 %
  • Domains: 9
  • Subdomains: 14
  • IPs: 14
  • Countries: 3
  • Transfer: 3076 kB
  • Size: 9290 kB
  • Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
winthelotterycorp.com/
Redirect Chain
  • http://winthelotterycorp.com/
  • https://winthelotterycorp.com/
82 KB
17 KB
Document
General
Full URL
https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
25685c0de4fdeb07e6a8d7238466f4328b7e18063448a42be6f2a89122c97b97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Mon, 06 Mar 2023 23:00:43 GMT
etag
W/"14737-5e3a45a84422b"
last-modified
Tue, 12 Jul 2022 23:51:56 GMT
referrer-policy
no-referrer-when-downgrade
server
openresty/1.19.9.1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-webcom-cache-status
BYPASS
x-xss-protection
"1; mode=block"

Redirect headers

Connection
keep-alive
Content-Length
175
Content-Type
text/html
Date
Mon, 06 Mar 2023 23:00:42 GMT
Location
https://winthelotterycorp.com/
Server
openresty/1.19.9.1
publish.css
winthelotterycorp.com/bundle/publish/0.4.641/
480 KB
86 KB
Stylesheet
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/publish.css
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
f3e324afc2d965696e19bb684c34f54f4022d3df24df2d9933a549ef5b1c590a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:51 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
content-encoding
gzip
etag
W/"78162-5e3a45a37627d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
"1; mode=block"
168311fe-a8b5-4dc7-b682-aa42f6f6a6ac.css
winthelotterycorp.com/styles/
16 KB
4 KB
Stylesheet
General
Full URL
https://winthelotterycorp.com/styles/168311fe-a8b5-4dc7-b682-aa42f6f6a6ac.css?v=1657666139000
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
80239c7b530ad7b3b681bed792f56cb742ddc86d3172e859cc64c420baf488d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:55 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
content-encoding
gzip
etag
W/"3fce-5e3a45a78d82d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
"1; mode=block"
ecommerce.css
winthelotterycorp.com/bundle/publish/0.4.641/
304 KB
98 KB
Stylesheet
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/ecommerce.css
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
a6a41dce7dbc788846c83c5b65365499b560e0bf15f8ec83d2b6d47ce3360982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:54 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
content-encoding
gzip
etag
W/"4be49-5e3a45a629cd8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
"1; mode=block"
css
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,500,600,700%7COswald:300,400,500,600,700%7CPT+Sans:300,400,500,600,700%7Cvar(--font_secondary):400,600%7Cdisplay=swap
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff69b4345df132652c8bab7bb63c1cc4cc07bea4569a48887f1abd00babf0085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 Mar 2023 23:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 Mar 2023 23:00:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 Mar 2023 23:00:43 GMT
logo_in-5016(8).png
winthelotterycorp.com/__static/6d5eccfc2deec547eb13fce2c3c61c8f/
10 KB
10 KB
Image
General
Full URL
https://winthelotterycorp.com/__static/6d5eccfc2deec547eb13fce2c3c61c8f/logo_in-5016(8).png
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
b8c92ffac1c3dbb8c3dffeb8dd12c5aaca7802cc517034cf7272e17b3de67463
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:52:32 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"265f-5e3a45cb0000e"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
9823
x-xss-protection
"1; mode=block"
image_desktop
winthelotterycorp.com/__static/ce1081c3-d21c-40cb-ae29-83400d7072e8/
23 KB
23 KB
Image
General
Full URL
https://winthelotterycorp.com/__static/ce1081c3-d21c-40cb-ae29-83400d7072e8/image_desktop
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
0813d7a0063b4c30f1863072477c12d612530832d51b8bd8ed9df0c56063e4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:52:46 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"5a49-5e3a45d893552"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
23113
x-xss-protection
"1; mode=block"
image_desktop
winthelotterycorp.com/__static/74c1016cc4e0df1d/
28 KB
28 KB
Image
General
Full URL
https://winthelotterycorp.com/__static/74c1016cc4e0df1d/image_desktop
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
ad8c982d6657b03e13a51c5ccb29c111c870abe20ddad4f9c80f22c8372d8392
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:52:36 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"704e-5e3a45cee68c3"
x-frame-options
SAMEORIGIN
content-type
image/png
accept-ranges
bytes
content-length
28750
x-xss-protection
"1; mode=block"
script.js
app.shopsettings.com/
63 KB
19 KB
Script
General
Full URL
https://app.shopsettings.com/script.js?72137502
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bb6b9ab8bc91864cfc3651af5ace6203375c40d4a01e019a87657d2c39be4e29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 23:00:44 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"-2062147255"
Transfer-Encoding
chunked
Access-Control-Max-Age
600
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private,must-revalidate,max-age:3
Vary
Accept-Encoding
Connection
keep-alive
Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
vendors.js
winthelotterycorp.com/bundle/publish/0.4.641/
519 KB
178 KB
Script
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/vendors.js
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
6da0a62838e5e86b4861eca78cef05a1b9e0b3e746b9acd9233ff85c2b7bc670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:52 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
content-encoding
gzip
etag
W/"81d27-5e3a45a46a895"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
"1; mode=block"
bundle.js
winthelotterycorp.com/bundle/publish/0.4.641/
493 KB
143 KB
Script
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
4dd17f1edcd84f8bd4e94b3226a272525bcb9e963b872f0e62257c22ea3b45be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:43 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:53 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
content-encoding
gzip
etag
W/"7b374-5e3a45a55a0c0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
"1; mode=block"
truncated
/
424 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dc2fb27d0ca4f68c2f27c138a07614b8a98fcf45df6acecc40033e8c8fd4d39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v23/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,600,700%7COswald:300,400,500,600,700%7CPT+Sans:300,400,500,600,700%7Cvar(--font_secondary):400,600%7Cdisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winthelotterycorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 09:41:24 GMT
x-content-type-options
nosniff
age
479960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34112
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:11:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 09:41:24 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500,600,700%7COswald:300,400,500,600,700%7CPT+Sans:300,400,500,600,700%7Cvar(--font_secondary):400,600%7Cdisplay=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://winthelotterycorp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Wed, 01 Mar 2023 09:20:13 GMT
x-content-type-options
nosniff
age
481231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Feb 2024 09:20:13 GMT
new-frontend.en.-2107557822.js
d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/
252 KB
68 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/rosetta/translations2022/new-frontend/files/new-frontend.en.-2107557822.js
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
731665e6f77413518414f0045f0e9d03947970d2c2c3f502f13485ac6e05bb7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 12:09:00 GMT
content-encoding
gzip
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-version-id
nH6aw.EKJbL.DjpfyDuIiBoiJAfitAmF
last-modified
Tue, 21 Feb 2023 12:04:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1162304
etag
W/"59549adf13f90bab5953ed87df59af33"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
x-amz-cf-id
bhlw1aj3P5ZMvvk-jEgyXwtnLetHi5cbGE3nFnnGYNXFkoyLnHx2vQ==
ecwid-storefront.bf3958cc7b0ca2447c1bad2ee97138c3.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/
1 MB
234 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-storefront.bf3958cc7b0ca2447c1bad2ee97138c3.min.js
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-46.fra2.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
ef7c05f54d6fb7f4de07f2ebbf9f9090cea220d1452cfa55b41827099ffb0cae
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:17:16 GMT
content-encoding
gzip
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
server
nginx/1.19.0
x-amz-cf-pop
FRA2-C1
age
53008
etag
bf3958cc7b0ca2447c1bad2ee97138c3
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
R-lzGQTvIVvnjYpl0KkswsveUZWiTRay5ztnZzR1NE999e8c8Dg94Q==
states.js
d3dq8sxcny4hg.cloudfront.net/
71 KB
23 KB
Script
General
Full URL
https://d3dq8sxcny4hg.cloudfront.net/states.js?version=2023-10002-g14c58ac0b29b01&callback=window.ecwid_states_data.loaded
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2e00:1f:f560:8d00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3cd9f72f2f51b5991d4bab2a4c1ecf75f4fb610879cc5340dbdd09872530bc30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 09:08:14 GMT
content-encoding
gzip
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA2-C2
age
49949
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=2592000
content-length
22849
x-amz-cf-id
yUG2L88saMqdvvs4NherZnOJGXFXTFDEtRXpoVPK5mrQumMdJcRkqg==
data.js
app.shopsettings.com/
17 KB
6 KB
Script
General
Full URL
https://app.shopsettings.com/data.js?ownerid=72137502&lang=en&token=c924b48908cbc0de71d7f319653813a94d1f75ce&callback=window.ecwid_initial_data.data.doInit
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
04c04e65e789a022ea477187dc2438923959390ad3afe1bcb66559379a05d1ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 23:00:45 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Content-Length
6117
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
i.js
ecomm.events/
5 KB
2 KB
Script
General
Full URL
https://ecomm.events/i.js
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.246.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-246-67.compute-1.amazonaws.com
Software
nginx/1.19.0 /
Resource Hash
c648bc3960d36813170173b7a3d8ab456e4bfd21e534ceda639faf84ed59693a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
server
nginx/1.19.0
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
mkv_f-4309-qc-update.jpg
winthelotterycorp.com/__static/625fae741163cc83ad91593d571e2678/
128 KB
128 KB
Image
General
Full URL
https://winthelotterycorp.com/__static/625fae741163cc83ad91593d571e2678/mkv_f-4309-qc-update.jpg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
a62eecf557e84d4eec099ad190835c7bd6b56a8294e4505924aad7ba240951e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:52:42 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"1ff29-5e3a45d4bc6ee"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
130857
x-xss-protection
"1; mode=block"
shutterstock_263344688(2).jpg
winthelotterycorp.com/__static/5ee70ace0c79476888b9d72f5f56cb5f/
726 KB
728 KB
Image
General
Full URL
https://winthelotterycorp.com/__static/5ee70ace0c79476888b9d72f5f56cb5f/shutterstock_263344688(2).jpg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
4a68979cf4e31f0d369fc89f919ee8cd6cbb519748e71c84fd0622d3f9d2ba60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:53:04 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"b59e3-5e3a45e93a87a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
content-length
743907
x-xss-protection
"1; mode=block"
global.svg
winthelotterycorp.com/bundle/publish/0.4.641/svg/
65 KB
65 KB
Fetch
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/svg/global.svg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
5a514b7e4f182ad5d27520623de23ab86519c70700964405e3899a7ab7d54755
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:48 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"102d0-5e3a45a0ed3e1"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
66256
x-xss-protection
"1; mode=block"
templates.svg
winthelotterycorp.com/bundle/publish/0.4.641/svg/
92 KB
93 KB
Fetch
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/svg/templates.svg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
0b29465d75cc1d3e0a2b79873e66caad7d2fd4486c23e2d789d211b92c889fc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:49 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"170b2-5e3a45a1b00e1"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
94386
x-xss-protection
"1; mode=block"
publish.svg
winthelotterycorp.com/bundle/publish/0.4.641/svg/
22 KB
22 KB
Fetch
General
Full URL
https://winthelotterycorp.com/bundle/publish/0.4.641/svg/publish.svg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
5085396d0d1d26ddbfb420f47958cb5d37e11d0558fb01dd10c50ddd265cf81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:51:50 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"56bf-5e3a45a2706ff"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
22207
x-xss-protection
"1; mode=block"
icons.svg
winthelotterycorp.com/__static/
992 B
1 KB
Fetch
General
Full URL
https://winthelotterycorp.com/__static/icons.svg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.17.116.160 , United States, ASN19871 (NETWORK-SOLUTIONS-HOSTING, US),
Reverse DNS
Software
openresty/1.19.9.1 /
Resource Hash
175d02176e20774b70856d891dbd35cd39f89495705a3b42cf52cf85eb283bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Jul 2022 23:54:17 GMT
server
openresty/1.19.9.1
x-webcom-cache-status
BYPASS
etag
"3e0-5e3a462e8a291"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
accept-ranges
bytes
content-length
992
x-xss-protection
"1; mode=block"
969.json
static-cdn.edit.site/resellers-settings/
456 B
1017 B
Fetch
General
Full URL
https://static-cdn.edit.site/resellers-settings/969.json
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4856e0dec33026cfa9c040c56dada72450186453f78c629c06954ab1b5f8064f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
age
1950
x-guploader-uploadid
ADPycdvtwOGrQfHn8f3p-bJI5XCYB81swxs-zvoAKf_pJtIFF9Sx3DriSii2bq8uDJRsccKvRVmCg-Dyb-c3TfemM1pvL2lx-PcC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Oct 2022 06:43:58 GMT
server
cloudflare
etag
W/"c38d1b43c70f873ea3ec8171fde57c00"
x-goog-hash
crc32c=MDsX9w==, md5=w40bQ8cPhz6j7IFx/eV8AA==
x-goog-generation
1666680238073368
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600, no-cache, no-store, must-revalidate
x-goog-stored-content-length
456
cf-ray
7a3e37738ec3365d-FRA
expires
Mon, 06 Mar 2023 23:28:14 GMT
geoip
rest.edit.site/geoip-service/
326 B
632 B
Fetch
General
Full URL
https://rest.edit.site/geoip-service/geoip
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:28ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14cf33c8650b5c60ddc5f30ee5d2f7f5c3ec851ca96c56a66ca0366e34a8bb5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
strict-transport-security
max-age=2592000; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7a3e37738f143723-FRA
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
5DF6FB449ECC16CBDDD72960429863EE.cache.js
d3cy3u1txmkqs3.cloudfront.net/static/br/2023-10002-g14c58ac0b29b01/ Frame C7EA
2 MB
478 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/static/br/2023-10002-g14c58ac0b29b01/5DF6FB449ECC16CBDDD72960429863EE.cache.js
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-46.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
627d8df9384d19b6a78b77cfb61a65c2f3892eeea9dee8702964628787923eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 09:08:15 GMT
content-encoding
br
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-version-id
jNdWkoPslJGNty1yNbXvnlJKWMFJ58UO
x-amz-cf-pop
FRA2-C1
age
49950
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
488890
last-modified
Mon, 06 Mar 2023 08:52:48 GMT
server
AmazonS3
etag
"545d91ddc7ad1d705dcb5f89ae053591"
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BLKWp8alcDkX1nEX79EK1xuLrxpwnxEa95NPpgy7amZ6dRsUpfQ7bA==
new
d1oxsl77a1kjht.cloudfront.net/css/
820 KB
102 KB
Stylesheet
General
Full URL
https://d1oxsl77a1kjht.cloudfront.net/css/new?hc=-1545290838&ownerid=72137502&withoutLegacyCss=true&frontendV2&color-background=rgba(255%2C%20255%2C%20255%2C%200)&useExactGalleryColors=false
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:1c:b536:2c40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5d27fa6c92bb6f0037a238a2bf5e94f4201519215c0c2a96c6efbe2237c943f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:44 GMT
content-encoding
gzip
via
1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
etag
"-1545290838"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css;charset=utf-8
cache-control
public, max-age=31536000
x-amz-cf-id
TCMROI-ku9EjOuZk0MUR-GLfCjCLufirrh3FFjqqJRYFzGHD2HlVlQ==
rpc
app.shopsettings.com/
12 B
238 B
XHR
General
Full URL
https://app.shopsettings.com/rpc?ownerid=72137502&customerlang=en&version=2023-10002-g14c58ac0b29b01
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d3cy3u1txmkqs3.cloudfront.net/static/br/2023-10002-g14c58ac0b29b01/
X-GWT-Permutation
5DF6FB449ECC16CBDDD72960429863EE
Referer
https://winthelotterycorp.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1600;1200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 23:00:46 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
rpc
app.shopsettings.com/
12 B
238 B
XHR
General
Full URL
https://app.shopsettings.com/rpc?ownerid=72137502&customerlang=en&version=2023-10002-g14c58ac0b29b01
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ccd384b270919f35801f8b396cad51e9a0372eed323c1702d85e7706c5faebf6

Request headers

X-GWT-Module-Base
https://d3cy3u1txmkqs3.cloudfront.net/static/br/2023-10002-g14c58ac0b29b01/
X-GWT-Permutation
5DF6FB449ECC16CBDDD72960429863EE
Referer
https://winthelotterycorp.com/
X-Ecwid-Device-Measurement
WEB_DESKTOP;1600;1200;96;1600;1200
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 06 Mar 2023 23:00:46 GMT
Server
nginx
Connection
keep-alive
Content-Disposition
attachment
Content-Length
12
Content-Type
application/json;charset=utf-8
profile
app.shopsettings.com/api/v3/72137502/
6 KB
3 KB
Fetch
General
Full URL
https://app.shopsettings.com/api/v3/72137502/profile?token=public_DUQquiCwCFzdW8xcJSuGiNpKQFSifcDH
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a74a28a7c340d635f0f2b798eaea753abfa84702a89d54e0a4e872eb752ef78f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 23:00:45 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"787790769"
Access-Control-Max-Age
36000
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, HEAD, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
2183
checkout.min.js
www.paypalobjects.com/api/
862 KB
189 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host:
URL: ru.cdev.xnext.frontend.LegacyFrontend-0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C88) /
Resource Hash
950d13c3e8a9fd93e026afeec5ad6205e36d194aa1d8f062c0876a9f9c42405d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
HIT
paypal-debug-id
faaa907d8538b
dc
ccg11-origin-www-1.paypal.com
content-length
192776
last-modified
Mon, 25 Apr 2022 17:04:48 GMT
server
ECAcc (frc/4C88)
traceparent
00-0000000000000000000faaa907d8538b-394e7df8d166f84c-01
etag
W/"6266d4b0-d7987"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
access-control-allow-headers
x-csrf-token
expires
Tue, 07 Mar 2023 23:00:45 GMT
ecwid-checkout.2136fdeff94132b326a64e22eb39ad64.min.js
d3cy3u1txmkqs3.cloudfront.net/venera/static/
744 KB
163 KB
Script
General
Full URL
https://d3cy3u1txmkqs3.cloudfront.net/venera/static/ecwid-checkout.2136fdeff94132b326a64e22eb39ad64.min.js
Requested by
Host: app.shopsettings.com
URL: https://app.shopsettings.com/script.js?72137502
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.194.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-46.fra2.r.cloudfront.net
Software
nginx/1.19.0 /
Resource Hash
3a4bc628dca4827738952685603ee991a9478c64fb232391a07b1e262ac143b7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 08:17:18 GMT
content-encoding
gzip
via
1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
strict-transport-security
max-age=15724800; includeSubDomains
server
nginx/1.19.0
x-amz-cf-pop
FRA2-C1
age
53007
etag
2136fdeff94132b326a64e22eb39ad64
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-amz-cf-id
_gNAYluHymmdFXXmdHteVaZZ9rV8sM511eyP1mGz1cUO9oCOeBhJng==
rpc
app.shopsettings.com/ Frame
0
0
Preflight
General
Full URL
https://app.shopsettings.com/rpc?ownerid=72137502&customerlang=en&version=2023-10002-g14c58ac0b29b01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://winthelotterycorp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Mar 2023 23:00:45 GMT
Server
nginx
rpc
app.shopsettings.com/ Frame
0
0
Preflight
General
Full URL
https://app.shopsettings.com/rpc?ownerid=72137502&customerlang=en&version=2023-10002-g14c58ac0b29b01
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ecwid-device-measurement,x-gwt-module-base,x-gwt-permutation
Access-Control-Request-Method
POST
Origin
https://winthelotterycorp.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Headers
Cache-Control,Pragma,Content-Type,X-GWT-Module-Base,X-GWT-Permutation,X-Ecwid-Xsrf-Token,X-Ecwid-Device-Measurement
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Allow
GET, HEAD, POST, TRACE, OPTIONS
Connection
keep-alive
Content-Length
0
Date
Mon, 06 Mar 2023 23:00:45 GMT
Server
nginx
products
app.shopsettings.com/api/v3/72137502/
12 KB
2 KB
Fetch
General
Full URL
https://app.shopsettings.com/api/v3/72137502/products?token=public_DUQquiCwCFzdW8xcJSuGiNpKQFSifcDH&enabled=true&sortBy=ADDED_TIME_DESC&limit=6&offset=0&timestamp=1678143644679
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/bundle/publish/0.4.641/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.22.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-22-251.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4bb514e8dc9c3fbfafe1c73f42f920179598d4528c87d039645e660fee8adc85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date
Mon, 06 Mar 2023 23:00:46 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"1376879552"
Access-Control-Max-Age
36000
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, HEAD, OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
1776
pptm.js
www.paypal.com/tagmanager/
12 KB
5 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=winthelotterycorp.com&source=checkoutjs&t=xo&v=4.0.336
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ZKRx73m3E0F7UkK4+v56jSfbIJufz+dXCkmAS4cMiagcTIa8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-ZKRx73m3E0F7UkK4+v56jSfbIJufz+dXCkmAS4cMiagcTIa8' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 06 Mar 2023 23:00:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
age
0
x-cache
MISS
paypal-debug-id
f23090556b875
server-timing
"traceparent;desc="00-0000000000000000000f23090556b875-c855878d9bf62322-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
content-length
4299
x-xss-protection
1; mode=block
x-served-by
cache-hhn-etou8220062-HHN
traceparent
00-0000000000000000000f23090556b875-a9384411b5da1de9-01
x-timer
S1678143646.022346,VS0,VE194
etag
W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Server-Timing
cache-control
public, max-age=3600
accept-ranges
bytes
x-cache-hits
0
ts
t.paypal.com/
42 B
816 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Lottery%20Number%20Lists%20%7C%20W.T.L.C.&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1678143646227&g=0&completeurl=https%3A%2F%2Fwinthelotterycorp.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 06 Mar 2023 23:00:46 GMT
via
1.1 varnish
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id
750bbc94c573b
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
content-length
42
x-served-by
cache-hhn-etou8220030-HHN
pragma
no-cache
traceparent
00-0000000000000000000750bbc94c573b-d5ee437497653383-01
x-timer
S1678143646.295075,VS0,VE156
content-type
image/gif
cache-control
max-age=0, no-cache, no-store, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Mar 2023 23:00:46 GMT
truncated
/
1015 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
adfc902cc3c1483e0957655d16a20198e89fdcedeab88ef6eccd151c8d8d0f82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type
image/svg+xml
3399080489.jpg
d2j6dbq0eux0bg.cloudfront.net/images/72137502/
16 KB
16 KB
Image
General
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/72137502/3399080489.jpg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-78.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27150a0e926e967a9271756c96b615bc88c8563f5ca4ea1f1d061262b45f1e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:47 GMT
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:07:57 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
etag
"0912197759258e454a6c985d86a1240d"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15924
x-amz-cf-id
TQuYn7h4sTU4amozIrcSWsNtU3elQUcgNFbDNCVnub0Y7FyN4yirWQ==
3401015507.jpg
d2j6dbq0eux0bg.cloudfront.net/images/72137502/
24 KB
24 KB
Image
General
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/72137502/3401015507.jpg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-78.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e387e7f7f0e3acf60cb57a7576dd1e1a8f485c35b4dc5e2b7cea3af157be9e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:47 GMT
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:01:39 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
etag
"4101d0693caf5df768e2cf885d4be5e6"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
24144
x-amz-cf-id
WoFD4SH9j0Ez-8guU342ovy7oCY-myfKKhRnH-iY6OOMntxzuC-B0A==
3400835278.jpg
d2j6dbq0eux0bg.cloudfront.net/images/72137502/
56 KB
57 KB
Image
General
Full URL
https://d2j6dbq0eux0bg.cloudfront.net/images/72137502/3400835278.jpg
Requested by
Host: winthelotterycorp.com
URL: https://winthelotterycorp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.15.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-15-78.vie50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6aec5906084584a898ed50607a4a1695cdd36caae010a7bc9347b47129d0640a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://winthelotterycorp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 23:00:47 GMT
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jan 2023 15:06:14 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-P1
etag
"886be2965bc095e969ae99ba3e2b9c58"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
57519
x-amz-cf-id
K2kF4NW5hq_De7sn6tUjqDoMbiTYyaHNvs_3HIfS6sXZktyc2xCGZw==


111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| __PRELOADED_STATE__ boolean| ecwid_script_defer boolean| ecwid_nocssrewrite object| ec boolean| _xnext_included undefined| cartData undefined| item undefined| cartDataItem function| addExtension function| ep function| proxyChain object| chameleon string| colorPrefix string| key object| EcwidUtils object| EcwidLogger undefined| hash_position undefined| hash undefined| loc undefined| html_id undefined| html_tag undefined| body_id undefined| body_tag undefined| commonError undefined| bodyTagError undefined| isWindowsMobile2005 function| xInjectJs function| isOnIframe function| parseId function| parseStyle function| xAddWidget function| xProductBrowser function| ecwid_loader function| xAddToBag function| xProductThumbnail function| xLoginForm function| xMinicart function| xCategories function| xVCategories function| xCategoriesV2 function| xSearchPanel function| xSearch function| xGadget function| xSingleProduct function| xProduct function| xAffiliate undefined| xReportError object| lazySizes object| ecwidEvents function| ecwid_init_elm_config object| ecwid_elm_config object| Ecwid object| ecwid_onBodyDoneTimerId boolean| ecwid_bodyDone function| ecwid_onBodyDone object| pathGroups boolean| needLoadEcwidAsync boolean| allowGWTAppResurrection string| css_selectors_prefix string| ecwid_script_base string| ecwid_url number| ecwid_wait_for_interactive_seconds boolean| ecwid_use_new_loader string| ecwid_loader_logo_url string| amazon_image_domain number| xnext_ownerId object| ecwid_initial_data object| ecwid_states_data string| HeapAnalyticsObject function| eca boolean| __heap_inits__ object| webpackChunkpage_render_service object| regeneratorRuntime function| __VERSION__ function| onloadRecaptchaCallback function| ru_cdev_xnext_frontend_LegacyFrontend object| __gwt_activeModules function| __gwt_getMetaProperty function| __gwt_isKnownPropertyValue object| __gwt_stylesLoaded object| ChameleonIntegration string| ec_legacyCssUrl 
string| rosettaLanguageCode object| rosettaMessages object| Venera object| goog object| com object| java object| ru function| GwtPotentialElementShim function| StackFrame object| ErrorStackParser string| timestamp object| EcwidCart function| ecwid_incompatible_version object| ProductBrowser object| frame object| testElm object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo object| paypalDDL

3 Cookies

Domain/Path Name / Value
winthelotterycorp.com/ Name: country Value: DE
.paypal.com/ Name: ts Value: vreXpYrS%3D1772838046%26vteXpYrS%3D1678145446%26vr%3Db927eaa91860a5704910cfb9ffffffff%26vt%3Db927eaa91860a5704910cfb9fffffffe
.paypal.com/ Name: ts_c Value: vr%3Db927eaa91860a5704910cfb9ffffffff%26vt%3Db927eaa91860a5704910cfb9fffffffe

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection "1; mode=block"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
