Submitted URL: https://t.nl.primolotto.com/c/?t=69603fd-1km-1a!9-13cm-98a5f
Effective URL: https://www.primolotto.com/grid
Submission: On May 28 via api from BE

Summary

This website contacted 52 IPs in 9 countries across 46 domains to perform 234 HTTP transactions. The main IP is 54.155.235.161, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.primolotto.com.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.
This is the only time www.primolotto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a05:71c0:200... 34993 (ODISO-AS)
2 17 54.155.235.161 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.141.129.226 48402 (VIOUSLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.15.145.115 12876 (Online SAS)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.59.220.194 60068 (CDN77 (^_^)/)
5 35.244.174.68 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
18 199.232.137.44 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
24 2606:4700:303... 13335 (CLOUDFLAR...)
9 145.239.211.22 16276 (OVH)
2 145.239.193.53 16276 (OVH)
2 185.141.129.223 48402 (VIOUSLY)
2 3 185.33.223.178 29990 (ASN-APPNEX)
1 2 185.86.137.131 201081 (SMARTADSE...)
2 2 91.216.195.7 12516 (WEBORAMA ...)
1 1 23.45.99.241 16625 (AKAMAI-AS)
1 1 2.18.233.201 16625 (AKAMAI-AS)
2 2 52.31.176.223 16509 (AMAZON-02)
1 35.180.10.74 16509 (AMAZON-02)
1 51.195.5.40 16276 (OVH)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2 95.131.143.205 47841 (OXALIDE)
4 185.141.129.230 48402 (VIOUSLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:303... 13335 (CLOUDFLAR...)
55 151.101.13.44 54113 (FASTLY)
2 25 141.226.228.48 200478 (TABOOLA-AS)
2 6 13.248.242.197 16509 (AMAZON-02)
4 3.126.63.176 16509 (AMAZON-02)
6 6 185.94.180.126 35220 (SPOTX-AMS)
5 18.185.140.232 16509 (AMAZON-02)
4 4 2.19.35.65 16625 (AKAMAI-AS)
8 104.111.230.142 16625 (AKAMAI-AS)
5 69.173.144.165 26667 (RUBICONPR...)
2 2 18.185.197.81 16509 (AMAZON-02)
1 2 34.98.64.218 15169 (GOOGLE)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 35.153.224.87 14618 (AMAZON-AES)
1 2 198.148.27.139 19189 (PULSEPOINT)
2 3 142.250.185.194 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 72.251.249.13 29791 (VOXEL-DOT...)
1 185.86.137.110 201081 (SMARTADSE...)
1 18.195.155.181 16509 (AMAZON-02)
1 1 178.250.0.163 44788 (ASN-CRITE...)
1 1 172.105.213.147 63949 (LINODE-AP...)
1 192.132.33.46 18568 (BIDTELLECT)
1 141.226.124.231 200478 (TABOOLA-AS)
1 141.226.124.202 200478 (TABOOLA-AS)
1 141.226.124.213 200478 (TABOOLA-AS)
1 141.226.124.195 200478 (TABOOLA-AS)
1 141.226.124.238 200478 (TABOOLA-AS)
1 141.226.124.199 200478 (TABOOLA-AS)
1 141.226.124.198 200478 (TABOOLA-AS)
1 141.226.124.234 200478 (TABOOLA-AS)
1 2a04:4e42:3::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
234 52
Apex Domain
Subdomains
Transfer
108 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
c3.taboola.com
am-match.taboola.com
wf.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
sync.taboola.com
match.taboola.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
pips.taboola.com
cds.taboola.com
am-wf.taboola.com
3 MB
24 adgaterewards.com
wall.adgaterewards.com
369 KB
18 primolotto.com
t.nl.primolotto.com
www.primolotto.com
1 MB
17 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
44 KB
9 crm4d.com
p.crm4d.com
6 KB
6 spotxchange.com
sync.search.spotxchange.com
4 KB
6 adsrvr.org
match.adsrvr.org
2 KB
6 agmcdn.com
main-p.agmcdn.com
908 KB
6 viously.com
sonar.viously.com
e.viously.com
5 KB
5 bidswitch.net
x.bidswitch.net
726 B
5 rlcdn.com
ejp.rlcdn.com
4 advertising.com
pixel.advertising.com
497 B
3 doubleclick.net
cm.g.doubleclick.net
845 B
3 google-analytics.com
www.google-analytics.com
38 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
1 KB
3 smartadserver.com
sync.smartadserver.com
rtb-csync.smartadserver.com
569 B
3 adnxs.com
ib.adnxs.com
3 KB
3 tagadamedia.com
imgs.tagadamedia.com
181 KB
2 lijit.com
ce.lijit.com
1018 B
2 contextweb.com
bh.contextweb.com
819 B
2 betweendigital.com
ads.betweendigital.com
955 B
2 openx.net
u.openx.net
505 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 cloudflare.com
cdnjs.cloudflare.com
7 KB
2 commander1.com
sync.commander1.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 weborama.fr
wam.solution.weborama.fr
1 KB
2 easydmp.net
asset.easydmp.net
5 KB
2 googleapis.com
fonts.googleapis.com
1 KB
2 consentframework.com
cache.consentframework.com
choices.consentframework.com
200 KB
1 bttrack.com
bttrack.com
380 B
1 appier.net
s.c.appier.net
363 B
1 emxdgt.com
e1.emxdgt.com
59 B
1 pubmatic.com
simage2.pubmatic.com
547 B
1 postrelease.com
jadserve.postrelease.com
428 B
1 gstatic.com
www.gstatic.com
133 KB
1 google.com
www.google.com
642 B
1 id5-sync.com
id5-sync.com
1 KB
1 zebestof.com
dpm.zebestof.com
154 B
1 mathtag.com
pixel.mathtag.com
579 B
1 bluekai.com
stags.bluekai.com
882 B
1 pushcrew.com
cdn.pushcrew.com
70 KB
1 googletagmanager.com
www.googletagmanager.com
35 KB
1 getviously.com
getviously.com
1 KB
1 demand.supply
live.demand.supply
254 B
0 ew3.io Failed
ew3.io Failed
234 46
Domain Requested by
28 images.taboola.com www.primolotto.com
24 wall.adgaterewards.com www.primolotto.com
wall.adgaterewards.com
17 www.primolotto.com 2 redirects www.primolotto.com
15 cdn.taboola.com www.primolotto.com
cdn.taboola.com
10 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
9 p.crm4d.com www.primolotto.com
8 eus.rubiconproject.com am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
7 trc.taboola.com cdn.taboola.com
www.primolotto.com
6 sync.search.spotxchange.com 6 redirects
6 match.adsrvr.org 2 redirects am-match.taboola.com
imprammp.taboola.com
6 main-p.agmcdn.com www.primolotto.com
5 sync.taboola.com 2 redirects www.primolotto.com
5 x.bidswitch.net am-match.taboola.com
imprammp.taboola.com
www.primolotto.com
5 sync-t1.taboola.com am-match.taboola.com
imprammp.taboola.com
www.primolotto.com
5 trc-events.taboola.com www.primolotto.com
5 ejp.rlcdn.com www.primolotto.com
4 am-wf.taboola.com vidstat.taboola.com
4 token.rubiconproject.com eus.rubiconproject.com
4 secure-assets.rubiconproject.com 4 redirects
4 pixel.advertising.com am-match.taboola.com
imprammp.taboola.com
4 c3.taboola.com www.primolotto.com
4 e.viously.com www.primolotto.com
3 cm.g.doubleclick.net 2 redirects www.primolotto.com
3 am-vid-events.taboola.com www.primolotto.com
3 am-match.taboola.com vidstat.taboola.com
3 imprammp.taboola.com www.primolotto.com
vidstat.taboola.com
3 15.taboola.com cdn.taboola.com
3 www.google-analytics.com www.googletagmanager.com
www.primolotto.com
wall.adgaterewards.com
3 ib.adnxs.com 2 redirects www.primolotto.com
3 imgs.tagadamedia.com www.primolotto.com
2 ce.lijit.com 1 redirects www.primolotto.com
2 bh.contextweb.com 1 redirects www.primolotto.com
2 ads.betweendigital.com 2 redirects
2 u.openx.net 1 redirects www.primolotto.com
2 rtb.mfadsrvr.com 2 redirects
2 wf.taboola.com vidstat.taboola.com
2 cdnjs.cloudflare.com wall.adgaterewards.com
2 sync.commander1.com 2 redirects
2 gum.criteo.com 2 redirects
2 dpm.demdex.net 2 redirects
2 wam.solution.weborama.fr 2 redirects
2 sync.smartadserver.com 1 redirects www.primolotto.com
2 sonar.viously.com getviously.com
sonar.viously.com
2 asset.easydmp.net www.primolotto.com
asset.easydmp.net
2 fonts.googleapis.com www.primolotto.com
wall.adgaterewards.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 t8.taboola.com cdn.taboola.com
1 t7.taboola.com cdn.taboola.com
1 t6.taboola.com cdn.taboola.com
1 t5.taboola.com cdn.taboola.com
1 t4.taboola.com cdn.taboola.com
1 t3.taboola.com cdn.taboola.com
1 t2.taboola.com cdn.taboola.com
1 t1.taboola.com cdn.taboola.com
1 bttrack.com www.primolotto.com
1 s.c.appier.net 1 redirects
1 dis.criteo.com 1 redirects
1 e1.emxdgt.com www.primolotto.com
1 rtb-csync.smartadserver.com www.primolotto.com
1 simage2.pubmatic.com www.primolotto.com
1 jadserve.postrelease.com www.primolotto.com
1 pixel.rubiconproject.com www.primolotto.com
1 match.taboola.com www.primolotto.com
1 www.gstatic.com www.google.com
1 www.google.com wall.adgaterewards.com
1 id5-sync.com www.primolotto.com
1 dpm.zebestof.com www.primolotto.com
1 pixel.mathtag.com 1 redirects
1 stags.bluekai.com 1 redirects
1 cdn.pushcrew.com www.primolotto.com
1 www.googletagmanager.com www.primolotto.com
1 choices.consentframework.com www.primolotto.com
1 cache.consentframework.com www.primolotto.com
1 getviously.com www.primolotto.com
1 live.demand.supply www.primolotto.com
1 t.nl.primolotto.com 1 redirects
0 ew3.io Failed www.primolotto.com
234 78
Subject Issuer Validity Valid
tagadamedia.com
Amazon
2020-12-23 -
2022-01-21
a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2021-04-21 -
2022-04-20
a year crt.sh
getviously.com
Gandi Standard SSL CA 2
2019-07-18 -
2021-07-28
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-24 -
2021-07-24
a year crt.sh
choices.consentframework.com
R3
2021-04-19 -
2021-07-18
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
imgs.tagadamedia.com
R3
2021-05-26 -
2021-08-24
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.pushcrew.com
Go Daddy Secure Certificate Authority - G2
2019-07-23 -
2021-07-31
2 years crt.sh
crm4d.com
R3
2021-04-26 -
2021-07-25
3 months crt.sh
icd.easydmp.net
R3
2021-05-13 -
2021-08-11
3 months crt.sh
*.viously.com
Gandi Standard SSL CA 2
2021-04-19 -
2022-05-14
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.zebestof.com
Gandi Standard SSL CA 2
2021-05-17 -
2022-06-07
a year crt.sh
*.id5-sync.com
R3
2021-03-23 -
2021-06-21
3 months crt.sh
*.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA
2021-03-01 -
2021-08-24
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-04-01 -
2022-04-04
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh
*.postrelease.com
Amazon
2021-01-28 -
2022-02-25
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA
2020-05-07 -
2022-05-12
2 years crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2020-05-18 -
2021-07-17
a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA
2021-03-29 -
2022-03-29
a year crt.sh

This page contains 13 frames:

Primary Page: https://www.primolotto.com/grid
Frame ID: C530062F2A4015201FC9A0C6BCC88010
Requests: 144 HTTP requests in this frame

Frame: https://wall.adgaterewards.com/nq6XsA/2051987
Frame ID: DB8413131ACB2730EBC6D604C9A3BE21
Requests: 36 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=1AEDBEE5EB69784466218015904&cicmp=1337627&cijs=1&dast=V7kbQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLFgkSgsFmtFoS13w9FotpoMJsvlZDIcLpaQMIvFYjSZrYZTMNjC53R3t2EDTafD57rX636_u-DydPvNftPpb9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAJHEowMPychtez8vLHwAADwUgAAACGCEAJlqIIgAAAAAjAAAAACQAAomFJQAOd4smAAABebI4v24nAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAXQ6hQ97NFAogCRAWrRYwAAAAApMwk5I4mdUJlUfX___9vBXAFABCQJ4vzO5h1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IRmmJvTfjMyNdV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAAG9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhziQdW5dD6vzscGnMwVg8lcMZwrFqNVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Frame ID: 359B6C04D27AA2E4B5657B9CEA5D5DDD
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2B9ADB59E729398811588174382&cicmp=1337627&cijs=1&dast=V7lbUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzJhLkgU1nLFmyw3y-FwsBguFrvlcrdbLCFhFovFaDJbDadgsIXP6e5uwwaaTofPda_X_X53weXp9pv9ptPfrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wBI4lCAh-XlNryel5c_AAAeCkAAAAQwQgBMtApFAAAAAEYAAAAASAAEEgtLABzuFk0AAALyZHF-h04AAAAO6mSetln-____YwDy3ptkACjSNm4MegAefAAehAAAAC6GFp1tv0K7jOuJCiyLGAEAAABImUnIHU3qhMqi6v___98K4AoAICBPFueXLuvmpJg1DAAAAGBsgR4Wv9_ssGv8bpf9_________5v9nwGgCc0wN6f9ZmRqqvGMXCus_QICALC9GwDAmwBczAHYAQAAANz9____5wEAANDsUbK9VuPZo6z3GWzhc7q76zdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOMSDqnPpfF6djw04mSsGk7liOFcsRqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
Frame ID: 800CBF6424D0B06C9D1CB08A216E2E14
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 91A8240038B67E9F86A705A941EA8D24
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: D99C312319440B17137512581B02061B
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: F5F6B595BDE9EB62AB7D29A1EDCF4BB1
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: D4CD48C98DB3772D91D28ACEC490AB25
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 99FFE361E43422DD04D341610DCC5AAC
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: CABF0335794C16715E01B806EC216A16
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a&tbid=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de&query=taboola_hm%3D80cbda95-5f31-48fb-a2be-c0999e95f85a&isDirect=0
Frame ID: 72D65CD6DBE0632B23C26B9DF78FC07D
Requests: 20 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 2621D7C8FF403E40A0DD2808A9F45E7D
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 498BC51F90EB28C34898D08548FF15D3
Requests: 3 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://t.nl.primolotto.com/c/?t=69603fd-1km-1a!9-13cm-98a5f HTTP 302
    https://www.primolotto.com/login/auto?i=2051987&k=35d4169971c08633e4ba1e2a5c73156ec01d0f23&utm_source=u... HTTP 302
    https://www.primolotto.com/?utm_source=unknown&utm_campaign=2021-05-15 HTTP 302
    https://www.primolotto.com/grid Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

234
Requests

98 %
HTTPS

22 %
IPv6

46
Domains

78
Subdomains

52
IPs

9
Countries

5957 kB
Transfer

11292 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.nl.primolotto.com/c/?t=69603fd-1km-1a!9-13cm-98a5f HTTP 302
    https://www.primolotto.com/login/auto?i=2051987&k=35d4169971c08633e4ba1e2a5c73156ec01d0f23&utm_source=unknown&utm_campaign=2021-05-15&mid=%23messageId%23 HTTP 302
    https://www.primolotto.com/?utm_source=unknown&utm_campaign=2021-05-15 HTTP 302
    https://www.primolotto.com/grid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp.crm4d.com%252Fsync%252Fappnexus%252Fs.gif%253Fbounce%253D1%2526uid%253D%2524UID HTTP 302
  • https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=9049420836333641742
Request Chain 37
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Request Chain 38
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D HTTP 302
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=404423&d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D HTTP 302
  • https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=lMzMlQdWyjsJy5qG28XRnO
Request Chain 39
  • https://stags.bluekai.com/site/49123?id=1QDqrYNmv6GDt8WV1ushsLAN2Lm5wMpgIc7G-XyS7KI&limit=1&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fbluekai%2Fs.gif%3Fbounce%3D1%26uid%3D%24_BK_UUID HTTP 302
  • https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=qjYt%2F99999YfeqOQ
Request Chain 40
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fmediamath%2Fs.gif%3Fbounce%3D1%26uid%3D%5BMM_UUID%5D HTTP 302
  • https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=377c60b0-b258-4a00-b1d5-d57c2a3416ba
Request Chain 41
  • https://dpm.demdex.net/ibs:dpid=81351&dpuuid=9VwSBcuZhLaUfeP3bTxxjXgUFblx072Vfx4Wag3NMtM&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=81351&dpuuid=9VwSBcuZhLaUfeP3bTxxjXgUFblx072Vfx4Wag3NMtM&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=55337185609625300862920052901753977545
Request Chain 45
  • https://gum.criteo.com/sync?c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40 HTTP 302
  • https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=JyJ0xXFSeBuOzBTa9epRHwWj-OOfsmjX
Request Chain 46
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid HTTP 302
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid&firsttime=1 HTTP 302
  • https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=abaa942982200fcd16301e3b6baca463935b11c7cd9dae560a34581744fe16dc
Request Chain 158
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=dcabbdce-bf93-11eb-8bb3-1891fad20206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Request Chain 170
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Request Chain 172
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 175
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Request Chain 177
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 181
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Request Chain 188
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a&tbid=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de&query=taboola_hm%3D80cbda95-5f31-48fb-a2be-c0999e95f85a&isDirect=0
Request Chain 189
  • https://u.openx.net/w/1.0/sd?id=543998486&val=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent= HTTP 302
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
Request Chain 191
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=868731ca-df13-5294-9d72-9b33fdc22953
Request Chain 193
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Tat3Su2K5eg2&ev=1&orig=trc&pid=562107
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc= HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEQksXnWifI30bNy-xb74Ec&google_cver=1
Request Chain 197
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de
Request Chain 198
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=033848c3-1534-4fc9-a390-2723db154fe7
Request Chain 199
  • https://ce.lijit.com/merge?pid=42&3pid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&us_privacy=&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=42&3pid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Request Chain 203
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d09236da-9f83-4bd5-95b5-1f883eeb695a
Request Chain 204
  • https://id5-sync.com/s/464/9.gif?puid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent= HTTP 302
  • https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D&bounce=1&random=2486249549 HTTP 302
  • https://id5-sync.com/cq/464/100/6/2.gif?puid=Fo6/ShtxxBr1RfQ/rG/T5O&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/5/3.gif?puid=1441596e-0303-4402-93b9-0b93250a0f04&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOH_sIWynLisRZfnhpOcJaOi0ev9vLCTgWzO1rfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOH_sIWynLisRZfnhpOcJaOi0ev9vLCTgWzO1rfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/4/4.gif?puid=18f3931a-9f13-4d50-a0f1-7eb90de552ba&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/3/5.gif?puid=e_e1ebe615-9957-4f2c-ba07-e177c13a72f3&gdpr=1&gdpr_consent= HTTP 302
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D HTTP 303
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1 HTTP 303
  • https://id5-sync.com/c/464/9/2/6.gif?puid=ueJH_5vZbjfyxPHDJcv4UMpRAVwphJS45nft9lslWWQ&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEG-xuZvFsFqLyMQKHANkG98&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEG-xuZvFsFqLyMQKHANkG98&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033
Request Chain 205
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=DOnYLhLPBMCZAF1bYLKwYA
Request Chain 228
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=e89c80a6-bf93-11eb-bcac-124172220206 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e89c8068-bf93-11eb-bcac-124172220206&orig=video&us_privacy=1---
Request Chain 230
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

234 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request grid
www.primolotto.com/
Redirect Chain
  • https://t.nl.primolotto.com/c/?t=69603fd-1km-1a!9-13cm-98a5f
  • https://www.primolotto.com/login/auto?i=2051987&k=35d4169971c08633e4ba1e2a5c73156ec01d0f23&utm_source=unknown&utm_campaign=2021-05-15&mid=%23messageId%23
  • https://www.primolotto.com/?utm_source=unknown&utm_campaign=2021-05-15
  • https://www.primolotto.com/grid
35 KB
10 KB
Document
General
Full URL
https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 / PHP/7.4.11
Resource Hash
9448596734c8cc7858e3b36b63b731db3ca9cd2ee49e1ca17c516efaa09bdd0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
www.primolotto.com
:scheme
https
:path
/grid
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; AWSALB=36XM1so9lPpntWxSMNVHpYzKt3EA+S2kD0Nj+eGDt9iyG1xfWCD2+rL1HH8YO7AufKfxSPeJRHR4eYtr/U/vjQ+oegtZMOucH9fFyL3sVIps8C05JxZNhSWqKIm/; AWSALBCORS=36XM1so9lPpntWxSMNVHpYzKt3EA+S2kD0Nj+eGDt9iyG1xfWCD2+rL1HH8YO7AufKfxSPeJRHR4eYtr/U/vjQ+oegtZMOucH9fFyL3sVIps8C05JxZNhSWqKIm/; XSRF-TOKEN=eyJpdiI6InBOT1wvUUw2Q3JaSEduVHV0THRURXR3PT0iLCJ2YWx1ZSI6IkloY1wvN0VwbVhNZHgyYzN5ZFdMdG5DYXJSZmtteEc2dFY2dDZkc3B3SXFickJNWkVDSDZrN3IycW5EMVlON3lrIiwibWFjIjoiYzVmZGI3Zjg0MDI1MjA2YmYyNWNmY2E3MmIzNmRjOTAyYTU3ZmU5YzczMTFmYTRjYWRhYjhiYzlkNDg2MTNkNCJ9; laravel_session=eyJpdiI6Im9Tc0VtbVpldWFWZm84ODFmUzA2SWc9PSIsInZhbHVlIjoiOTh3cmFHTGc3dDlMamlaSDlUK29OK2hNc0k0U1lCN3E3c1FXa0VwQTAzMGgxYXUzcVwvTHlCM0RWaXNUZmIzUjkiLCJtYWMiOiIzYjk5YTZjODM0OTcwZTE5ZjZhYWRjZTY5OGJiNmM3MGE0YWU2NTU5NDg0MGQyNWZhY2U3MjAxNjFiYzY5OTVjIn0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=dqo389BO0wpwaGlUQmOF4liiHGZMdixul7KGKJsOBqVIf4wOBfUKUfDqsv++hZ5OcQkExGMEpyzfamxRgwdGjMAiREFdj12ZREMVS0tZ1SBZiorpijrp4sAOqR90; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=dqo389BO0wpwaGlUQmOF4liiHGZMdixul7KGKJsOBqVIf4wOBfUKUfDqsv++hZ5OcQkExGMEpyzfamxRgwdGjMAiREFdj12ZREMVS0tZ1SBZiorpijrp4sAOqR90; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; expires=Fri, 28-May-2021 11:05:28 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; expires=Fri, 28-May-2021 11:05:28 GMT; Max-Age=7200; path=/; httponly
server
nginx/1.19.10
x-powered-by
PHP/7.4.11
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

date
Fri, 28 May 2021 09:05:27 GMT
content-type
text/html; charset=UTF-8
location
https://www.primolotto.com/grid
set-cookie
AWSALB=36XM1so9lPpntWxSMNVHpYzKt3EA+S2kD0Nj+eGDt9iyG1xfWCD2+rL1HH8YO7AufKfxSPeJRHR4eYtr/U/vjQ+oegtZMOucH9fFyL3sVIps8C05JxZNhSWqKIm/; Expires=Fri, 04 Jun 2021 09:05:27 GMT; Path=/ AWSALBCORS=36XM1so9lPpntWxSMNVHpYzKt3EA+S2kD0Nj+eGDt9iyG1xfWCD2+rL1HH8YO7AufKfxSPeJRHR4eYtr/U/vjQ+oegtZMOucH9fFyL3sVIps8C05JxZNhSWqKIm/; Expires=Fri, 04 Jun 2021 09:05:27 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6InBOT1wvUUw2Q3JaSEduVHV0THRURXR3PT0iLCJ2YWx1ZSI6IkloY1wvN0VwbVhNZHgyYzN5ZFdMdG5DYXJSZmtteEc2dFY2dDZkc3B3SXFickJNWkVDSDZrN3IycW5EMVlON3lrIiwibWFjIjoiYzVmZGI3Zjg0MDI1MjA2YmYyNWNmY2E3MmIzNmRjOTAyYTU3ZmU5YzczMTFmYTRjYWRhYjhiYzlkNDg2MTNkNCJ9; expires=Fri, 28-May-2021 11:05:27 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Im9Tc0VtbVpldWFWZm84ODFmUzA2SWc9PSIsInZhbHVlIjoiOTh3cmFHTGc3dDlMamlaSDlUK29OK2hNc0k0U1lCN3E3c1FXa0VwQTAzMGgxYXUzcVwvTHlCM0RWaXNUZmIzUjkiLCJtYWMiOiIzYjk5YTZjODM0OTcwZTE5ZjZhYWRjZTY5OGJiNmM3MGE0YWU2NTU5NDg0MGQyNWZhY2U3MjAxNjFiYzY5OTVjIn0%3D; expires=Fri, 28-May-2021 11:05:27 GMT; Max-Age=7200; path=/; httponly
server
nginx/1.19.10
x-powered-by
PHP/7.4.11
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
up.js
live.demand.supply/
0
254 B
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
65665246dd394aa3-FRA
content-length
0
cf-request-id
0a53d1c04300004aa36ca10000000001
app.css
www.primolotto.com/css/
232 KB
233 KB
Stylesheet
General
Full URL
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
52a9c07536a2b2ba437ce604b95d32754f75adecb4458e1b4c3038a565f9c168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/css/app.css?id=f7e6fd648c9509a51642
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; AWSALB=dqo389BO0wpwaGlUQmOF4liiHGZMdixul7KGKJsOBqVIf4wOBfUKUfDqsv++hZ5OcQkExGMEpyzfamxRgwdGjMAiREFdj12ZREMVS0tZ1SBZiorpijrp4sAOqR90; AWSALBCORS=dqo389BO0wpwaGlUQmOF4liiHGZMdixul7KGKJsOBqVIf4wOBfUKUfDqsv++hZ5OcQkExGMEpyzfamxRgwdGjMAiREFdj12ZREMVS0tZ1SBZiorpijrp4sAOqR90; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.primolotto.com
referer
https://www.primolotto.com/grid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-39eba"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=259200
set-cookie
AWSALB=ZS4/6T6Ty+m3Xn8FWw/N+i914jbMQFosiMVBZd/jSPXD8ll4xWf6vgltHmLkiiDuMzKoFw3IL6e9QO+bE3Ao4tR0igBGp3pODq3m3+C6IxXW/nIeFcF3fkh+Nl9Z; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=ZS4/6T6Ty+m3Xn8FWw/N+i914jbMQFosiMVBZd/jSPXD8ll4xWf6vgltHmLkiiDuMzKoFw3IL6e9QO+bE3Ao4tR0igBGp3pODq3m3+C6IxXW/nIeFcF3fkh+Nl9Z; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
237242
expires
Mon, 31 May 2021 09:05:28 GMT
app.js
www.primolotto.com/js/
481 KB
482 KB
Script
General
Full URL
https://www.primolotto.com/js/app.js?id=c72c7abf953b6dd5841a
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
faf58853644d69d07cc1ab1abb79f7b724ca1e057d90ea1bfb99d2dabfc57548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/js/app.js?id=c72c7abf953b6dd5841a
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; AWSALB=dqo389BO0wpwaGlUQmOF4liiHGZMdixul7KGKJsOBqVIf4wOBfUKUfDqsv++hZ5OcQkExGMEpyzfamxRgwdGjMAiREFdj12ZREMVS0tZ1SBZiorpijrp4sAOqR90; AWSALBCORS=dqo389BO0wpwaGlUQmOF4liiHGZMdixul7KGKJsOBqVIf4wOBfUKUfDqsv++hZ5OcQkExGMEpyzfamxRgwdGjMAiREFdj12ZREMVS0tZ1SBZiorpijrp4sAOqR90; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.primolotto.com
referer
https://www.primolotto.com/grid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-782db"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
set-cookie
AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
492251
js
getviously.com/
3 KB
1 KB
Script
General
Full URL
https://getviously.com/js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.226 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
3a3a55823c91e98f9e21aa1b1284d231cf4c4c721e528816a407b5889c6aeb7b

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
content-encoding
gzip
last-modified
Mon, 17 May 2021 13:54:52 GMT
server
nginx
etag
W/"60a275ac-b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
timing-allow-origin
*
expires
Fri, 28 May 2021 10:05:28 GMT
stub
cache.consentframework.com/js/pa/26948/c/JM8eX/
1 KB
1 KB
Script
General
Full URL
https://cache.consentframework.com/js/pa/26948/c/JM8eX/stub
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:466 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c208e1dcb1037274ed8cd3103cecb21e8bb9eb0ff60f94bffe0d96396345d33
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2336
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YhwTEfTWsCSIXI5Xy9YHb1wrP2EtQhx%2F%2BLiBMHeQReGB%2BX7kNYAsemn87huSkfhIxZSeMpFoGqNedSa1oPtoH04YJq7dZAOODYssUtThtEbmZRBJmo0%2Bme3yMHrNnPSwizfXdsPwSzYvAIy%2FfrAICCNnxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=UTF-8
cache-control
max-age=3600
strict-transport-security
max-age=15724800; includeSubDomains; preload
cf-ray
65665246d92c4ea3-FRA
cf-request-id
0a53d1c04c00004ea3318e3000000001
cmp
choices.consentframework.com/js/pa/26948/c/JM8eX/
726 KB
199 KB
Script
General
Full URL
https://choices.consentframework.com/js/pa/26948/c/JM8eX/cmp
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.15.145.115 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-15-145-115.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
5b9c7a1b74b1b04d105a7786933c85f904ab13261d5c431232845ab55a138d39
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cache-control
private, max-age=3600
server
nginx/1.11.3
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains; preload
content-type
text/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93113711-1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bfcaa4074375f59b60b0526f67b930a703c1a18111ec4b87d940ee6855a2daa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35859
x-xss-protection
0
expires
Fri, 28 May 2021 09:05:28 GMT
logo_mail.jpg
www.primolotto.com/img/
4 KB
4 KB
Image
General
Full URL
https://www.primolotto.com/img/logo_mail.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
8a8d52eba8ab85703a684f068b5eac40b2c1525af4c4e347305e1dd6eb286241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/img/logo_mail.jpg
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/grid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 02 Jul 2020 15:36:47 GMT
server
nginx/1.19.10
etag
"5efdff0f-e62"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=259200
set-cookie
AWSALB=wpcE04xHfqOinC6H36YKFAIbNRP+WKiq+BudO+XT+dCi6yl+zePnFQbIRKfTPHzLzqKYOw6GiWY9ge0enGuloM05hoTS7qjlom/KYTGz+PCjNbL3Hdid0fpazBIi; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=wpcE04xHfqOinC6H36YKFAIbNRP+WKiq+BudO+XT+dCi6yl+zePnFQbIRKfTPHzLzqKYOw6GiWY9ge0enGuloM05hoTS7qjlom/KYTGz+PCjNbL3Hdid0fpazBIi; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
3682
expires
Mon, 31 May 2021 09:05:28 GMT
purple_bg.jpg
www.primolotto.com/img/
49 KB
49 KB
Image
General
Full URL
https://www.primolotto.com/img/purple_bg.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
a2c1937fe1cf16f6ef92bc981984b30e82983ffd4ed81b763d9d8ac70cc1f12a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/img/purple_bg.jpg
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/grid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 02 Jul 2020 15:36:47 GMT
server
nginx/1.19.10
etag
"5efdff0f-c374"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=259200
set-cookie
AWSALB=K80sOrrgA3yHa99pTSkpas+5EQZJ32ooTkGKxiDwXiysHj++CDpt169VaB0Fy65wYV6BS+mI8Gc9hha9KbTD+93xaWbT9+mSDNm+QVonJWuHqQGX0qHE6z0CzRzk; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=K80sOrrgA3yHa99pTSkpas+5EQZJ32ooTkGKxiDwXiysHj++CDpt169VaB0Fy65wYV6BS+mI8Gc9hha9KbTD+93xaWbT9+mSDNm+QVonJWuHqQGX0qHE6z0CzRzk; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
50036
expires
Mon, 31 May 2021 09:05:28 GMT
prize-132-1589895126.png
imgs.tagadamedia.com/primolotto/prod/prize/
126 KB
127 KB
Image
General
Full URL
https://imgs.tagadamedia.com/primolotto/prod/prize/prize-132-1589895126.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-194.datapacket.com
Software
BunnyCDN-DE1-713 /
Resource Hash
a633cc3894b71084834e7448c54597d858bee7441f15c31088e4c99b8457688d

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cdn-edgestorageid
722
x-amz-request-id
Q8TM0JCDQ0C5AWJA
cdn-cachedat
2021-05-28 11:04:44
cdn-pullzone
61945
content-length
129184
x-amz-id-2
fHjqAPeMboqX2N6ghqm09Kq8ztxOiawwzDvKEdkcPwZZfT9h5p/vaWAnQut9TLxpK7BZ7kvU3No=
last-modified
Tue, 19 May 2020 13:32:07 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
14f848e538b4f27271f084b53f2ed6d3
accept-ranges
bytes
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
prize-183-1619174219.png
imgs.tagadamedia.com/primolotto/prod/prize/
30 KB
31 KB
Image
General
Full URL
https://imgs.tagadamedia.com/primolotto/prod/prize/prize-183-1619174219.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-194.datapacket.com
Software
BunnyCDN-DE1-713 /
Resource Hash
a166a14902d3cb4600656ccec114493074522f1d7e57ce5afaa5b9c26bd014b7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cdn-edgestorageid
601
x-amz-request-id
DT8RZXNS02W4XNXS
cdn-cachedat
2021-05-28 02:31:02
cdn-pullzone
61945
content-length
31138
x-amz-id-2
CI720xP2FD7YGdzlIxcBt2rJhgcmvkW1GDtl6hRHugOfQxHJV0/TBMN32zQpIEal5hHW8c/qRjQ=
last-modified
Fri, 23 Apr 2021 10:37:00 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
86b3ad684fbe9ec5f4ed6f7b673b6322
accept-ranges
bytes
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
gift.png
www.primolotto.com/img/
2 KB
2 KB
Image
General
Full URL
https://www.primolotto.com/img/gift.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
33c1ddf6998b4221d60d27dfea001f5557df4bfc5a42b15ea05f827011601c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/img/gift.png
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/grid
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 02 Jul 2020 15:36:47 GMT
server
nginx/1.19.10
etag
"5efdff0f-6c5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=259200
set-cookie
AWSALB=VbbdV3d3LK1u4ggkSKlrx3SCM525+EP7xSz7K+WADVsvBPRdSFhJ5cMEBGecpYlTtc14nw4Z28EK0aX3hEn8ZWcMvHBsHIUilLH7fSZQnENZblIY0bL8PG8HUjUl; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=VbbdV3d3LK1u4ggkSKlrx3SCM525+EP7xSz7K+WADVsvBPRdSFhJ5cMEBGecpYlTtc14nw4Z28EK0aX3hEn8ZWcMvHBsHIUilLH7fSZQnENZblIY0bL8PG8HUjUl; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
1733
expires
Mon, 31 May 2021 09:05:28 GMT
prize-182-1619173510.png
imgs.tagadamedia.com/primolotto/prod/prize/
23 KB
23 KB
Image
General
Full URL
https://imgs.tagadamedia.com/primolotto/prod/prize/prize-182-1619173510.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.194 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-194.datapacket.com
Software
BunnyCDN-DE1-713 /
Resource Hash
eeeb643f6eec84c181b7128294b181ab57e4bcd9a557897c7cab231c5f116553

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cdn-edgestorageid
632
x-amz-request-id
DV2C5FSHGQGC4TB9
cdn-cachedat
2021-05-28 10:56:19
cdn-pullzone
61945
content-length
23188
x-amz-id-2
pVVgdfplNuiXhodV/qIF59VDCpPARMrXTZTC97bv+6gxK4vKnFd7S9Dm/9FGQ3zun7dSKusLOu4=
last-modified
Fri, 23 Apr 2021 10:25:11 GMT
server
BunnyCDN-DE1-713
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
b172f52421248b9d6afc1b868cf989ea
accept-ranges
bytes
cdn-requestcountrycode
FR
cdn-requestpullsuccess
True
473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=2e3fed56edde36da197b33627e91f2ea&n=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=2e3fed56edde36da197b33627e91f2ea&n=2
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=2e3fed56edde36da197b33627e91f2ea&n=3
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=2e3fed56edde36da197b33627e91f2ea&n=4
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=2e3fed56edde36da197b33627e91f2ea&n=5
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

css2
fonts.googleapis.com/
2 KB
629 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9d92dd8d88ba717b48727e906af9b299672a5d3714ed8209e2fbada39b7f94c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 May 2021 07:20:52 GMT
server
ESF
date
Fri, 28 May 2021 09:05:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 May 2021 09:05:28 GMT
loader.js
cdn.taboola.com/libtrc/tagadamedia-primolotto/
258 KB
27 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6501d63a1aed9616cca1d151d9524311acd2a57bd15a839695f7cef88ba75f1

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UMJWOdaj2BJb.qpmEL8JSQDBBiFr42NK
content-encoding
gzip
etag
"e6bf9b040354d69a909675f712d0f23a"
age
149
x-cache
HIT
content-length
27292
x-amz-id-2
bECrdTE4DMCShEi231lSAuTfmayQKbYnP3Qd4ocIa3GKnRQKSFtUlNtcps4m7qn6qYj9qaP3Rrw=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 12:24:18 GMT
server
AmazonS3
x-timer
S1622192728.416319,VS0,VE1
date
Fri, 28 May 2021 09:05:28 GMT
vary
Accept-Encoding
x-amz-request-id
5EZF5B8YQDJV28M1
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
98
x-cache-hits
1
38bae9676e0b8236d37b091728844b67.js
cdn.pushcrew.com/js/
243 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/38bae9676e0b8236d37b091728844b67.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3777 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff724737a3926e6581553d5d4fbeeceee6b69e8a0c9866d1a98f683010db6feb

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
content-encoding
gzip
cf-cache-status
HIT
age
109
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a53d1c14c00004a68eeb86000000001
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 16:43:43 GMT
server
cloudflare
etag
W/"6053833f-3cd69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
cache-control
max-age=43200
cf-ray
656652487abd4a68-FRA
expires
Fri, 28 May 2021 09:33:39 GMT
2051987
wall.adgaterewards.com/nq6XsA/ Frame DB84
63 KB
12 KB
Document
General
Full URL
https://wall.adgaterewards.com/nq6XsA/2051987
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2d9a126c1362d12bf147046b25ca41abeee3d81ce51388ad5802f9b4f36dfdd

Request headers

:method
GET
:authority
wall.adgaterewards.com
:scheme
https
:path
/nq6XsA/2051987
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
content-type
text/html; charset=UTF-8
cache-control
no-cache
set-cookie
adgate_session=eyJpdiI6IlJqV3JjXC91ZUttdERZTDcxZFwvXC9OTWc9PSIsInZhbHVlIjoia3M4RWxGRG1UNnA2K0huU0JTYVBrV0g5NVREOVBpT2grb2F0cGtPa2Z3K0xoNHFUU2p2OUVmZHV0YTlna3Y3REpRNVwvK3FHR0ZlR3EzS1ZHQVRlTGFnPT0iLCJtYWMiOiI5OWJjY2U5NWRkZTc0MjY3Mjg2NWE3NGZlNzk4ODRmMmFjM2EzNmU5NjYyOGY1YWM0M2I1ODg0OGI1OTlkNDYzIn0%3D; expires=Fri, 28-May-2021 11:05:28 GMT; Max-Age=7200; path=/; HttpOnly
cf-cache-status
DYNAMIC
cf-request-id
0a53d1c10600000ea7e8baa000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Jh%2BXK%2FjnKxJpgVHYVNyKvH8ooPMhvk1c9dKLK9xLJ93TAqvG%2BPjPANEycJjxS5aDzU3GWPUe40qOZfAqbL5u9mkuvS8M7pxVztWpT466pOJpfZ1EN84C0lFP%2Fdw5RllpWCPpvDe1iBhHFzURmoIIdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
656652480bf80ea7-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
ic_ticket.svg
www.primolotto.com/images/
3 KB
3 KB
Image
General
Full URL
https://www.primolotto.com/images/ic_ticket.svg?75d4489ba75a376cc87ea7c684438cb9
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
f0069af0bb8816687fbd93943c1b72d78919dc44c893e78f2c6aedc0525ebb46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/images/ic_ticket.svg?75d4489ba75a376cc87ea7c684438cb9
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-a35"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
set-cookie
AWSALB=m7G6urUMnVnkkkMTxqa5qd0jHA1xtm4zWqtx/V18vfSSNyjJo12SZjLfHymIEaPOxfSTexrw50ml+aENuEgy9UWlpPVPnK8xAtdN7YsAu0hEphaXtmQAAOmuX0bM; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=m7G6urUMnVnkkkMTxqa5qd0jHA1xtm4zWqtx/V18vfSSNyjJo12SZjLfHymIEaPOxfSTexrw50ml+aENuEgy9UWlpPVPnK8xAtdN7YsAu0hEphaXtmQAAOmuX0bM; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
2613
MuseoSans_500.otf
www.primolotto.com/fonts/
61 KB
62 KB
Font
General
Full URL
https://www.primolotto.com/fonts/MuseoSans_500.otf?62c0135163427c652ae397f327f85010
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.primolotto.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
:path
/fonts/MuseoSans_500.otf?62c0135163427c652ae397f327f85010
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-f428"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=259200
set-cookie
AWSALB=kdUy2kW4oKIcLEXQxNK+LCUH3Us2y+UFjqnJnVk5l1fk8GAQGV9LIK4KCbLekyA/HkWBYUqEXvxtuXplSCJGqlV0DMhqZfehaHCeoBPodmpT8/h51fQQ+XQsMC4y; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=kdUy2kW4oKIcLEXQxNK+LCUH3Us2y+UFjqnJnVk5l1fk8GAQGV9LIK4KCbLekyA/HkWBYUqEXvxtuXplSCJGqlV0DMhqZfehaHCeoBPodmpT8/h51fQQ+XQsMC4y; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
62504
expires
Mon, 31 May 2021 09:05:28 GMT
webfa-solid-900.woff2
www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/
78 KB
78 KB
Font
General
Full URL
https://www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?b15db15f746f29ffa02638cb455b8ec0
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.primolotto.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
:path
/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?b15db15f746f29ffa02638cb455b8ec0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-13654"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
max-age=259200
set-cookie
AWSALB=DFswn2e/DUolE8ZSRXLV9kF/rCfxuTKAbSs3M1/q+7ET6upyMolnouZuRGamAAAuo3l/eEQFTz0VCHMuZb2+/CftGmuVCKI/qOM4PCliWOXrf7d7FTdguP+n4i0K; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=DFswn2e/DUolE8ZSRXLV9kF/rCfxuTKAbSs3M1/q+7ET6upyMolnouZuRGamAAAuo3l/eEQFTz0VCHMuZb2+/CftGmuVCKI/qOM4PCliWOXrf7d7FTdguP+n4i0K; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
79444
expires
Mon, 31 May 2021 09:05:28 GMT
MuseoSans_900.otf
www.primolotto.com/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.primolotto.com/fonts/MuseoSans_900.otf?f5d070fca3ddc0fce188de14f62bf795
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
3523734aa4e5c25525d494704e645ff08af67b7f7c77addb0d6a3303d08a545a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.primolotto.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
:path
/fonts/MuseoSans_900.otf?f5d070fca3ddc0fce188de14f62bf795
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-fed8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=259200
set-cookie
AWSALB=/gssmTEUqKE+zr+LFjnMYRkTD8eXfaZKcnslTJN2ecmZG+Gp03m5fu+i3JMGmg5JjNOJU+Hq3ikCifQImqFNm5cNtnoUvOOywTya/yJ8eFS3IAChKQnANh9lgSlb; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=/gssmTEUqKE+zr+LFjnMYRkTD8eXfaZKcnslTJN2ecmZG+Gp03m5fu+i3JMGmg5JjNOJU+Hq3ikCifQImqFNm5cNtnoUvOOywTya/yJ8eFS3IAChKQnANh9lgSlb; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
65240
expires
Mon, 31 May 2021 09:05:28 GMT
webfa-regular-400.woff2
www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/
13 KB
14 KB
Font
General
Full URL
https://www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?c20b5b7362d8d7bb7eddf94344ace33e
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.primolotto.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
:path
/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?c20b5b7362d8d7bb7eddf94344ace33e
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-3510"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
max-age=259200
set-cookie
AWSALB=/OEki2OrGSiyZnmz97xiWvnWZe6sgBxe2okOkKjMAzAN6ClJIFKEksLULnOQK+cHHQSWP8uAoNi1BOy/o3z1CF9b7EGHAACDbXFnKGNqNZVVTwZBjDiUFpN8i5pW; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=/OEki2OrGSiyZnmz97xiWvnWZe6sgBxe2okOkKjMAzAN6ClJIFKEksLULnOQK+cHHQSWP8uAoNi1BOy/o3z1CF9b7EGHAACDbXFnKGNqNZVVTwZBjDiUFpN8i5pW; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
13584
expires
Mon, 31 May 2021 09:05:28 GMT
MuseoSans_300.otf
www.primolotto.com/fonts/
61 KB
62 KB
Font
General
Full URL
https://www.primolotto.com/fonts/MuseoSans_300.otf?bdb59b808cfc4fb88f3963fa06e6c79b
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-fetch-mode
cors
origin
https://www.primolotto.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU; AWSALBCORS=QxN7xh30IEMSxmUzdgGY66VNA2gXnPQTUQ7p308QlFo4ZiJSM6/RXfpsh8nu3XLihB3cLd/FNFz2sjiar6Bs1rmK5udlLWr2bCSAd0X+pM9Zp19pr23az6j8WsaU
:path
/fonts/MuseoSans_300.otf?bdb59b808cfc4fb88f3963fa06e6c79b
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-f5cc"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=259200
set-cookie
AWSALB=zCjHl+WLgxlJoTObdC2/fkWpE9dnKm30u6JJ5vvPR/t72aavmT1EcTXjxv9e4EZXW1ktQt5x9TnE8V8SOgD5xPIGDjv0hNo84Q3UGbFcetyercNht3opiZt5sc+w; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=zCjHl+WLgxlJoTObdC2/fkWpE9dnKm30u6JJ5vvPR/t72aavmT1EcTXjxv9e4EZXW1ktQt5x9TnE8V8SOgD5xPIGDjv0hNo84Q3UGbFcetyercNht3opiZt5sc+w; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
62924
expires
Mon, 31 May 2021 09:05:28 GMT
gagnant_img.png
www.primolotto.com/images/
10 KB
11 KB
Image
General
Full URL
https://www.primolotto.com/images/gagnant_img.png?c9094453187bfc1ddd9e337e493a76c9
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
8f7a04dfcfe5ffe5e09a0f9d4a91bb2ad737f0d6e261dc8b86538ac49eb7adfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/images/gagnant_img.png?c9094453187bfc1ddd9e337e493a76c9
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=/OEki2OrGSiyZnmz97xiWvnWZe6sgBxe2okOkKjMAzAN6ClJIFKEksLULnOQK+cHHQSWP8uAoNi1BOy/o3z1CF9b7EGHAACDbXFnKGNqNZVVTwZBjDiUFpN8i5pW; AWSALBCORS=/OEki2OrGSiyZnmz97xiWvnWZe6sgBxe2okOkKjMAzAN6ClJIFKEksLULnOQK+cHHQSWP8uAoNi1BOy/o3z1CF9b7EGHAACDbXFnKGNqNZVVTwZBjDiUFpN8i5pW
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-29b8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=259200
set-cookie
AWSALB=8rGXgC4GYogsHi3r7m/+T/cTfMmal9wPsCoJDO9VYmzfdwI/GsZU2MiCjB3TrC8TKCQhaMWY9TRZDVmnBMNPOMHY/MoFhakvrnNavpvhkt6I5YpqGDlFBVP41xdr; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=8rGXgC4GYogsHi3r7m/+T/cTfMmal9wPsCoJDO9VYmzfdwI/GsZU2MiCjB3TrC8TKCQhaMWY9TRZDVmnBMNPOMHY/MoFhakvrnNavpvhkt6I5YpqGDlFBVP41xdr; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
10680
expires
Mon, 31 May 2021 09:05:28 GMT
box-astro.png
www.primolotto.com/images/
92 KB
92 KB
Image
General
Full URL
https://www.primolotto.com/images/box-astro.png?6f42ab2e19cad6423209eb1cc60e0a89
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
d25283aef05052ea413e5e518534f8451ed6e8da9e3ab42587a7b6dc5241a1d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/images/box-astro.png?6f42ab2e19cad6423209eb1cc60e0a89
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=/OEki2OrGSiyZnmz97xiWvnWZe6sgBxe2okOkKjMAzAN6ClJIFKEksLULnOQK+cHHQSWP8uAoNi1BOy/o3z1CF9b7EGHAACDbXFnKGNqNZVVTwZBjDiUFpN8i5pW; AWSALBCORS=/OEki2OrGSiyZnmz97xiWvnWZe6sgBxe2okOkKjMAzAN6ClJIFKEksLULnOQK+cHHQSWP8uAoNi1BOy/o3z1CF9b7EGHAACDbXFnKGNqNZVVTwZBjDiUFpN8i5pW
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-16e18"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=259200
set-cookie
AWSALB=NCayOitKKeECt8bQL6TrwjA8jxmGECrFoJLWsL9jpqQWKDT57b1VpJt9KnCnSRj68RyDpB42HdExpLRVSGcf1yKR/xn+r9bgm7vqJ2pplsZ6u3GliTA5n5Sq3Dhg; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=NCayOitKKeECt8bQL6TrwjA8jxmGECrFoJLWsL9jpqQWKDT57b1VpJt9KnCnSRj68RyDpB42HdExpLRVSGcf1yKR/xn+r9bgm7vqJ2pplsZ6u3GliTA5n5Sq3Dhg; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
93720
expires
Mon, 31 May 2021 09:05:28 GMT
tagada.js
p.crm4d.com/sync/
4 KB
2 KB
Script
General
Full URL
https://p.crm4d.com/sync/tagada.js?r=0.667405369871539
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
aae0ed386647143e8ef7b32913b8defe476c25e069bf4c55b9aff601e84db0e5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
mt.js
asset.easydmp.net/mt/squadata/
1 KB
1 KB
Script
General
Full URL
https://asset.easydmp.net/mt/squadata/mt.js?t=225305
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4225d93450a787911838ab1eba4905d767f559b8bd904c15e51be0ad9d9a63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 May 2021 08:17:04 GMT
X-IPLB-Request-ID
52661272:BEAE_91EFC135:01BB_60B0B258_FDE9A0:11576
ETag
"60a37800-28f"
X-IPLB-Instance
25144
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
max-age=900, s-maxage=900, public
Content-Type
application/javascript; charset=utf-8
Content-Length
655
ball_full.svg
www.primolotto.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.primolotto.com/images/ball_full.svg?285aded41fb2f6ea7a8152b4d866995d
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.235.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-235-161.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.10 /
Resource Hash
b841835671d58155e2265cfcdaa0b54eeea722bee5516ae7594ac35d912765b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:path
/images/ball_full.svg?285aded41fb2f6ea7a8152b4d866995d
pragma
no-cache
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6IlpsVmUzN2c1TWhtVE9nY3hKMjZ4bXc9PSIsInZhbHVlIjoieXZQMjV0RDl2YnFsQ3A3REVFUHVTelcrdzdmNTcyUmJMYzNoazF4OG1jNG5xOTZwNm1vUzJ0SjZrS3U1ZTdYMWQ5TEgzWGYxRGVIR0FLeWVOemZDeDNmQ042SHg3RytxbUQ5bDhiRUVXZSt1TXBUNUtEZGN1VnRvSzZCYktpSzcwbXZadzU1NVNBWnpwKzRwYlRyREFaeERKNlJ5c1Bvb2FWQmN5MEpYWEZMUW9lMHV1NVp3MWNXbGd0MDJKcUtLIiwibWFjIjoiZjNhNjU4MDhiNTVjYWIxYmJjZTAwNTk1NzBjYTFiZTBmN2U5NDQ0NTc2OTFiODY4NmY5OWJhODQwZWU0ZWU5ZCJ9; XSRF-TOKEN=eyJpdiI6Im5jY3hVOWZ2XC96emNicW1zY3p0NWl3PT0iLCJ2YWx1ZSI6InlHdHRRaGlycUE3a2g4akJnbzBOa3VlNFwvb2g2UTN0RDBzbGY3anBzd0NPXC9VVVhXdFNkNWM5SjFtQ1EwYzcreiIsIm1hYyI6ImY4MTRlMmQ5NTVmYWQ2MTE4NGE2MjBmYTFmNGFmMTRjYzQwNDcwZWYxNzdjODE5ZTIxMTdkZDRiYjc2NmJmMzgifQ%3D%3D; laravel_session=eyJpdiI6ImtqSWhzaWhnNGs1amRrUVNiS0gxMEE9PSIsInZhbHVlIjoiOXlrUTU1U3BJZ1ZRSHQ5VTZ3MllOdnBCbUU4OFp3OE1TZHpFXC9naFdwTElwbHg1djhNN1NoSmJVRThiU2NCTkUiLCJtYWMiOiJiNDk2NDg1MDg1MmY4N2QzODcwYWFkZmNjZGFkOGU1ZTdlYWIwNzhlMWQ5YmFlZThmMmQ2ZjhkMDI3MTQyZmIyIn0%3D; AWSALB=zCjHl+WLgxlJoTObdC2/fkWpE9dnKm30u6JJ5vvPR/t72aavmT1EcTXjxv9e4EZXW1ktQt5x9TnE8V8SOgD5xPIGDjv0hNo84Q3UGbFcetyercNht3opiZt5sc+w; AWSALBCORS=zCjHl+WLgxlJoTObdC2/fkWpE9dnKm30u6JJ5vvPR/t72aavmT1EcTXjxv9e4EZXW1ktQt5x9TnE8V8SOgD5xPIGDjv0hNo84Q3UGbFcetyercNht3opiZt5sc+w
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.primolotto.com
referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Thu, 27 May 2021 07:16:54 GMT
server
nginx/1.19.10
etag
"60af4766-76a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
set-cookie
AWSALB=K8HnCaEiVbaaYocH606NsRR+ji78ZZmSFXBc/uWsRN8gwBlzkJ3zdjdC+uPLaEvq1nEGOfQOcMn8He3K9mKr8EYsudSFN7GqgHp7a1EKWosxMaSw/nMBfWP8h9vG; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/ AWSALBCORS=K8HnCaEiVbaaYocH606NsRR+ji78ZZmSFXBc/uWsRN8gwBlzkJ3zdjdC+uPLaEvq1nEGOfQOcMn8He3K9mKr8EYsudSFN7GqgHp7a1EKWosxMaSw/nMBfWP8h9vG; Expires=Fri, 04 Jun 2021 09:05:28 GMT; Path=/; SameSite=None; Secure
accept-ranges
bytes
content-length
1898
js
sonar.viously.com/1622192728420/
11 KB
4 KB
Script
General
Full URL
https://sonar.viously.com/1622192728420/js?w=https%3A%2F%2Fwww.primolotto.com%2Fgrid&r=
Requested by
Host: getviously.com
URL: https://getviously.com/js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.223 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
7f862934183e36c2f5c7857651442e21696df7ed13e85a4e7aba40c17d6cf928

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript; charset=UTF-8
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Tue, 24 Nov 2015 00:00:00 GMT
impl.20210527-9-RELEASE.js
cdn.taboola.com/libtrc/
491 KB
113 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
da8da07ffa93f21d6759c3621e1862524e7c303443d58fcbb8a950b84455eaac

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2sM3riWCXoa9TBeO03uAos9N9yiwnoIa
content-encoding
br
etag
"03cd29942e6903e6ca83ace91ad1c27a"
age
2199
x-cache
HIT
content-length
115011
x-amz-id-2
cCpclkZhN+6aWC8sPvoD3GOY0PnXkoRLZOSwP09nJ6//3dvIZzluO1ikHELtSAew/IQ392B8Ycw=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 08:27:19 GMT
server
AmazonS3-br
x-timer
S1622192728.498454,VS0,VE0
date
Fri, 28 May 2021 09:05:28 GMT
vary
Accept-Encoding
x-amz-request-id
XNAAD661CRDHV79Y
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
57
x-cache-hits
19841
match
p.crm4d.com/sync/tagada/
42 B
534 B
Image
General
Full URL
https://p.crm4d.com/sync/tagada/match?eh=2e3fed56edde36da197b33627e91f2ea%2Cfac7470b34e40bda25c115752d261d1c78c162e3003e100dd8f888218457b274
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
s.gif
p.crm4d.com/sync/appnexus/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp.crm4d.com%252Fsync%252Fappnexus%252Fs.gif%253Fbounce%253D1%2526uid%253D%2524UID
  • https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=9049420836333641742
42 B
550 B
Image
General
Full URL
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=9049420836333641742
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma
no-cache
Date
Fri, 28 May 2021 09:05:28 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.239:80
AN-X-Request-Uuid
a2389032-c906-4222-b8fa-a37a94059fd4
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=9049420836333641742
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:27 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
pragma
no-cache
date
Fri, 28 May 2021 09:05:28 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
s.gif
p.crm4d.com/sync/weborama/
Redirect Chain
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=404423&d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D
  • https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=lMzMlQdWyjsJy5qG28XRnO
42 B
550 B
Image
General
Full URL
https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=lMzMlQdWyjsJy5qG28XRnO
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:28 GMT
last-modified
Fri, 28 May 2021 09:05:28 GMT
server
Apache
access-control-allow-origin
*
transfer-encoding
chunked
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=lMzMlQdWyjsJy5qG28XRnO
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Tue, 03 Jul 2001 06:00:00 GMT
s.gif
p.crm4d.com/sync/bluekai/
Redirect Chain
  • https://stags.bluekai.com/site/49123?id=1QDqrYNmv6GDt8WV1ushsLAN2Lm5wMpgIc7G-XyS7KI&limit=1&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fbluekai%2Fs.gif%3Fbounce%3D1%26uid%3D%24_BK_UUID
  • https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=qjYt%2F99999YfeqOQ
42 B
563 B
Image
General
Full URL
https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=qjYt%2F99999YfeqOQ
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location
https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=qjYt%2F99999YfeqOQ
Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Length
0
BK-Server
44ee
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
s.gif
p.crm4d.com/sync/mediamath/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fmediamath%2Fs.gif%3Fbounce%3D1%26uid%3D%5BMM_UUID%5D
  • https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=377c60b0-b258-4a00-b1d5-d57c2a3416ba
42 B
551 B
Image
General
Full URL
https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=377c60b0-b258-4a00-b1d5-d57c2a3416ba
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Date
Fri, 28 May 2021 09:05:28 GMT
Server
MT3 3736 915c305 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=377c60b0-b258-4a00-b1d5-d57c2a3416ba
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 28 May 2021 09:05:31 GMT
s.gif
p.crm4d.com/sync/adobeam/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=81351&dpuuid=9VwSBcuZhLaUfeP3bTxxjXgUFblx072Vfx4Wag3NMtM&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=81351&dpuuid=9VwSBcuZhLaUfeP3bTxxjXgUFblx072Vfx4Wag3NMtM&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD...
  • https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=55337185609625300862920052901753977545
42 B
566 B
Image
General
Full URL
https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=55337185609625300862920052901753977545
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

DCS
dcs-prod-irl1-1-v008-0145a78e3.edge-irl1.demdex.com 6.3.0.20210527085910-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
FDgqPdtSSuc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=55337185609625300862920052901753977545
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
dpm.zebestof.com/
2 B
154 B
Image
General
Full URL
https://dpm.zebestof.com/sync?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fzbo%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BZBO_ID%7D
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.180.10.74 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-180-10-74.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cache-control
private, must-revalidate, proxy-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
2
p3p
CP="CAO PSA OUR"
0.gif
id5-sync.com/s/9/EKnS1Qv6bfhydZM0Um3uHDfP5l-Io7GHEyK0beF3tHg/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/9/EKnS1Qv6bfhydZM0Um3uHDfP5l-Io7GHEyK0beF3tHg/0.gif
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.195.5.40 , France, ASN16276 (OVH, FR),
Reverse DNS
p17.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
1622192728477
ew3.io/r/
0
0

s.gif
p.crm4d.com/sync/criteo/
Redirect Chain
  • https://gum.criteo.com/sync?c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40
  • https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=JyJ0xXFSeBuOzBTa9epRHwWj-OOfsmjX
42 B
548 B
Image
General
Full URL
https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=JyJ0xXFSeBuOzBTa9epRHwWj-OOfsmjX
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

location
https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=JyJ0xXFSeBuOzBTa9epRHwWj-OOfsmjX
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3147
date
Fri, 28 May 2021 09:05:28 GMT
content-length
204
content-type
text/html; charset=utf-8
s.gif
p.crm4d.com/sync/cact/
Redirect Chain
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid&firsttime=1
  • https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=abaa942982200fcd16301e3b6baca463935b11c7cd9dae560a34581744fe16dc
42 B
560 B
Image
General
Full URL
https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=abaa942982200fcd16301e3b6baca463935b11c7cd9dae560a34581744fe16dc
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.211.22 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
ip22.ip-145-239-211.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma
private
Date
Fri, 28 May 2021 09:05:28 GMT
Content-Encoding
gzip
Server
web
Vary
Accept-Encoding
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
location
https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=abaa942982200fcd16301e3b6baca463935b11c7cd9dae560a34581744fe16dc
Cache-Control
private, max-age=486000, pre-check=486000
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/html
Keep-Alive
timeout=60
Content-Length
20
Expires
Thu, 26 Aug 21 11:05:28 +0200
xdCsKz.gif
e.viously.com/
43 B
178 B
Image
General
Full URL
https://e.viously.com/xdCsKz.gif?ts=882.9&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 28 May 2021 09:05:27 GMT
raUWL9.gif
e.viously.com/
43 B
177 B
Image
General
Full URL
https://e.viously.com/raUWL9.gif?ts=883.1&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g&sec=4&sem=unkown_domain
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 28 May 2021 09:05:27 GMT
BKaUfB.gif
e.viously.com/
43 B
177 B
Image
General
Full URL
https://e.viously.com/BKaUfB.gif?ts=884&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g&wvv=744.3999996185303
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:28 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 28 May 2021 09:05:27 GMT
stories-vertical-ui.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
585 B
717 B
Script
General
Full URL
https://cdn.taboola.com/libtrc/stories-vertical-ui.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fef269571f27c369be45dbc589fce9730f1e137492437ceea15fec31d0838038

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VM_P6ATm6NC37hBr_wK6qGsq0YerB.GQ
content-encoding
gzip
etag
"abc3c8830dd92efa306d2b6ef1668783"
age
49
x-cache
HIT
x-amz-replication-status
PENDING
content-length
317
x-amz-id-2
6Okdj9PGAXz+sYjb+QRgXkaxBTAhD3IQGQLotGGwuAhgOPBvm54OTTq6w4yzZg7o/EMttsR8nvA=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:49:49 GMT
server
AmazonS3
x-timer
S1622192729.569322,VS0,VE0
date
Fri, 28 May 2021 09:05:28 GMT
vary
Accept-Encoding
x-amz-request-id
ZWZXZN1VP08DYXDX
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
662
client.js
asset.easydmp.net/js/
9 KB
4 KB
Script
General
Full URL
https://asset.easydmp.net/js/client.js?t=225305
Requested by
Host: asset.easydmp.net
URL: https://asset.easydmp.net/mt/squadata/mt.js?t=225305
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5ea43bfc60e2c50bd334980133eb207d11589f49e55da3d6b053526e76148d63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 18 May 2021 08:17:04 GMT
X-IPLB-Request-ID
52661272:BEAE_91EFC135:01BB_60B0B258_FDE9A2:11576
ETag
"60a37800-e7d"
X-IPLB-Instance
25144
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
max-age=900, s-maxage=900, public
Content-Type
application/javascript; charset=utf-8
Content-Length
3709
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93113711-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2316
date
Fri, 28 May 2021 08:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 28 May 2021 10:26:52 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=2144868818&t=pageview&_s=1&dl=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ul=en-us&de=UTF-8&dt=Primolotto.com%20-%20Loterie%20100%25%20gratuite%20-%20De%20l%27argent%20et%20des%20ch%C3%A8ques%20cadeaux%20%C3%A0%20gagner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEAAAQAB~&cid=992594848.1622192729&tid=UA-93113711-1&_gid=762925729.1622192729&gtm=2ou5q1&gcs=G100&npa=1&z=55224621
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 00:35:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30616
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame DB84
2 KB
546 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 May 2021 07:18:31 GMT
server
ESF
date
Fri, 28 May 2021 09:05:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 May 2021 09:05:29 GMT
bootstrap.css
wall.adgaterewards.com/assets/css/vc/ Frame DB84
114 KB
18 KB
Stylesheet
General
Full URL
https://wall.adgaterewards.com/assets/css/vc/bootstrap.css
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c96396f5c59de04878a008c9231a46553cbb06472116a33675a5dbc754c4d68

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2129
cf-polished
origSize=117305
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a53d1c3ae00004abc04932000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
W/"60ad1578-1ca39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=s%2BWDfyIiGcnQPig028ABaiMnTcOQ3JX7nFJGAo5uwj2bU3YZT9t1n%2Bc38kMn8ZM0%2B8PqoPY4oo%2B3Xq4K7e71azDn2XZk4OE4cRjqYUSp4kHb4JpX6anYq8Gnb3Vjnd6xMDt8h85vbnw8Hu8W2WdYgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6566524c487e4abc-FRA
cf-bgj
minify
font-awesome.min.css
wall.adgaterewards.com/assets/fonts/font-awesome-4.7.0/css/ Frame DB84
30 KB
7 KB
Stylesheet
General
Full URL
https://wall.adgaterewards.com/assets/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3579
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a53d1c3ae00004abcbca26000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
W/"60ad1578-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qykGLW7yZCJ1AOR0yJFdzCFrI9cR7EIwrb%2F1ZmoRUmUkEbuFLMpq%2BqZdDFgRJN9dI4xoXh8gi7zYBtJP36sWRJ7ruSqFbrAG9uW2HnzVHCtacwP%2Fp0qUXMx%2B5KECusFZD0MtSMyz8LKj4E8PtDfH%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
6566524c48804abc-FRA
api.js
www.google.com/recaptcha/ Frame DB84
850 B
642 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1b6a758365f36733ee318c64cbfd8d2a1aee8dae87112ed62597cdcc15fe0cfc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Fri, 28 May 2021 09:05:29 GMT
adgaterewards.png
wall.adgaterewards.com/assets/img/vc/ Frame DB84
12 KB
12 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/vc/adgaterewards.png
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698c7a603e5dae46fa689aed50735ad8a3e51466b132210015ae6aa30f3b8068

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2129
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11816
cf-request-id
0a53d1c3cf00004abc919d4000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-2e28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gRhyGNCtrt6bjQ91SJC23hBKnq822IqHshbl6WWaOab%2FgXoyBqOpVVh8f9T4GUamxws4d1lBxwJntGaZwbIWumZQPW3pAw93dsSp25kQ9FwvzC6emtWQ7CeIvsyjvYU1AdTC19Tk4R7X%2FhveJS7f9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524c78f24abc-FRA
es5-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/ Frame DB84
15 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/es5-shim.min.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3104040
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5026
cf-request-id
0a53d1c3c600004e1429299000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-3b2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=MVH8hXvwsLH%2F6Ry1J%2BVoOTX7Y5uNQ4FI29Wrt1jeRhOVaJbp61W4io6gd0JTO9gAMLS9JRU2TpZiYC6BC20DNKQXcKdVX69bVwQ5Dq9SH0gfMmAEwEc%2BDdgZIFAniwQGHIPWdCXnzeoso6aK2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6566524c7a464e14-FRA
expires
Wed, 18 May 2022 09:05:29 GMT
es5-sham.min.js
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/ Frame DB84
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/es5-sham.min.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430519d7fdd5ff30e5c83844c4352be35bc55dbd2632e9a70cc474050c44b8f8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
619323
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1407
cf-request-id
0a53d1c3c900004e1455b3c000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=4fGp9f6fo7jG%2FpHZ%2B3e7B549VhY7vS1UyC4OXH8SQV3LOlZi3QcG66Oe2LiRA8ETY%2BsjgOGs3cm1lEX8qFjLJx2v4aRQyvZtnSnL%2BSjNBNsRyL8pJwg5e%2Fb7wUYrWgL0n%2FZu7AHXnZSULAJ6lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6566524c7a594e14-FRA
expires
Wed, 18 May 2022 09:05:29 GMT
desktopBundle.js
wall.adgaterewards.com/assets/js/vc/ Frame DB84
2 MB
291 KB
Script
General
Full URL
https://wall.adgaterewards.com/assets/js/vc/desktopBundle.js?t=1621546207
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ad236b5967ea547c3daf0830c3a6fa908d35c6201c76e182267d59b668b629

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3243
cf-polished
origSize=1661163
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a53d1c3ce00004abca6b6d000000001
last-modified
Tue, 25 May 2021 15:19:22 GMT
server
cloudflare
etag
W/"60ad157a-1958eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=5Sv41dcO4RZvAqYOqoN7%2FRtTA2uhd25O57R0l%2BBwxrMHjudSQX1gTsozCSRS9R0tTCw5IpEmSA7VOYQacOpGG%2BcsFnR0usQzQNe4Kt%2FHQNiDluScoRFsHXCcqLn3K6QNADCx5m2SwSC613NP7j%2FtnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
6566524c78ee4abc-FRA
cf-bgj
minify
advertisement.js
wall.adgaterewards.com/assets/js/vc/ Frame DB84
30 B
680 B
Script
General
Full URL
https://wall.adgaterewards.com/assets/js/vc/advertisement.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9212967af6330d6bce1b082e672372b651c92379a8ecb40e1922fdb859a5c268

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2129
cf-polished
origSize=32
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
cf-request-id
0a53d1c3ce00004abc9f178000000001
last-modified
Tue, 25 May 2021 15:19:22 GMT
server
cloudflare
etag
"60ad157a-20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=u5da1ojvbK8OoXowpkO6E4uw2xYQZxdI%2BXBJnNOb%2BmWNKN2PdiAMNhjyO5DHIgwxYe78RsUob5t%2F76t3sCXLIX%2BG95n19iiKCEEB3oOMs6TrFQdaOuWUkljABO5q3g3s8xGs99Raa09LwSApY3cJnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524c78f14abc-FRA
cf-bgj
minify
recaptcha__en.js
www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/ Frame DB84
342 KB
133 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/sG0iO6gHcGdWJzjJjW9AY49S/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wall.adgaterewards.com
Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 06:42:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8572
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
136431
x-xss-protection
0
last-modified
Tue, 25 May 2021 16:32:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 May 2022 06:42:37 GMT
analytics.js
www.google-analytics.com/ Frame DB84
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/2051987
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2317
date
Fri, 28 May 2021 08:26:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Fri, 28 May 2021 10:26:52 GMT
en.json
wall.adgaterewards.com/assets/js/vc/locale/ Frame DB84
21 KB
7 KB
Fetch
General
Full URL
https://wall.adgaterewards.com/assets/js/vc/locale/en.json
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/assets/js/vc/desktopBundle.js?t=1621546207
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee97dad5bc48f34673bd7ee16f8d93186063b5e60882af7704b306f0584ae1b2

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With
XMLHttpRequest

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 25 May 2021 15:19:22 GMT
server
cloudflare
etag
W/"60ad157a-53a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6PHTiFq59qfHvEGWfMYGNpfOFKnbsawlap8uTqAsJqG8d576deMzBa00PClBqf1qUXnoN9kkLIBESUbGqKX5%2B7jwR8Bof9hWFoPR3HGi%2FrS3xG0aAUTSwKd1AO%2F%2FGZqPQ%2F6xfcKaGS6IkhVjCfhpWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
6566524d4af04abc-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0a53d1c44b00004abce69c9000000001
US.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
765 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/US.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3580
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
765
cf-request-id
0a53d1c52200004abca9af9000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-2fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Fz3Tapm1jXsVSAIGSLT7iK5WAvqEObntvqAqxuzhX2Ehm3pVdIR8%2FrafAYwxb%2FbG32Dy5ySdFrGMgdZ0WrwfghJNyaKAi9ggK3nSD0VLF9vdzL4%2BVvTtzXFmjNTIKDnXqm8O5p40zIDeLQq%2FqBkpIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dca4abc-FRA
DE.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
509 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/DE.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802a3cb7595f14f16c36837989c3891dec2b38166b5a75bfdb2fde7c4ab09a4d

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
0a53d1c52200004abcb00e4000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G%2BN2ZrD5A4mfbh3bGP25nUCdkzGbAcgzFj3keOnIp9k0PAeokwSvGGEB0E%2BNi5zoyBb%2FwTh%2FxCQvX%2F3wtHQze1EPFXIjcpggpxQmRjm6cdpoYibcPy7Y9PTq6erULz12dkAlyWlp1xjeZ4sQ1CBTMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dce4abc-FRA
RU.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
520 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/RU.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a435a77ba9821779ff039d294facf001ace345b9173c180754f425970b2d1a

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
520
cf-request-id
0a53d1c52200004abcf71ac000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=58MPzbwRdmhwFoT8gMlFtisjq3UEY5wlzifa2ATFr68z5Wr2EE6%2BHmzuMeQNtxTHVblCf32BSi0CUm30btxeDhd8SpQA0fNWkP%2B2IhepsIJN72YuqcTaq3Sdq33QESAu2Vq1%2BN54F3fixUYPIT%2FRcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dd14abc-FRA
UA.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
509 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/UA.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc0bbfb3f05a1803fc6289d151b61cabf846ff5b2660d47493c399135f7658c

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
0a53d1c52200004abcc53c1000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2kLxc00LC8zAJPJ5jkVOcLYKn3N%2FLuwoIKEqqU9BoJmYLnMlTKcskSk4bhgm2Ft%2B%2F2%2B6YJoqlbQAOlQTUroRXIhFcKXLETJPWZNg679vXhxYYC1Y5t%2FDGa8Jvgo20sr7dUonsgQ5RkOc0T9kPIh0UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dd34abc-FRA
ES.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
705 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/ES.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c246ec07b24762244202158adadb0d006913c39f924c7d01d0ff00d2d024a0af

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
705
cf-request-id
0a53d1c52500004abcfa3c6000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-2c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Ty%2FNzXfE5eFBOMHCV30qiAvM1JqPvEXgcLGIRhSu6OufnKrsenf8ThHySnx3KVuLc48yYV5FN1BFbwQ9iUWz6JuqyWJhRGksv8XCW%2FV1t0mYW38OHOz8KgEI3jBRZYwHrWVpCDH%2B87QNTeMEuhp4rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dd44abc-FRA
PT.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
869 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/PT.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e13a24713c60de07775945d4f347acc364ae5f5f156ac3186329c0dcdfa7c69

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
869
cf-request-id
0a53d1c52300004abcad201000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Oz73xAf%2BZ9GOB1KaTKc1J3e6GdRoRVwoxW9UTrrTRUdLTX4XrJzvz6sowLGSLbApcShexSd1QjIi7vY4W%2F7zFp3lUbMX5C%2FtR85cT5GtwsWHMoGaXhVD3rC7XNjNpRPYyEr3iCVjPTHFUO6lFdpDjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dd74abc-FRA
TR.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
718 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/TR.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34e825b0af90621129e3b1da7d4bb8dcb83a970067998c49e42e9572332ca37

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
718
cf-request-id
0a53d1c52300004abcf1064000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-2ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=QTJM%2BFnOgwXtmO%2FgKrIDvdC8Ig3MZfWorLEPBJmTLZygYtOnG8XuPV8BFHKc2ZqN3f%2FIygiClEJzA7OK2GbH57KKP6odZT%2FntlI5t81a9ecFhLmSwAHH2qWgQbKQEqW5PdoCzZRYhwD%2BjQ1erOuKqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9dd84abc-FRA
NL.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
509 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/NL.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fbaef854e0f55871aa050995066ea783c517640ba307e4971a5dfa009342b1

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
0a53d1c52300004abc8d0c8000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6Ef1tnJabraW2q9fwh9FMX4tSBNMg%2FTfTOVmbsAGmy2O%2BRR%2BGRisFENktkIkBO%2FDkEGVbh8f4sPEI6LhJcIBlw3eDv29cruooS3R%2Bbxy%2FkHeTk2ULXOy%2FxWP9%2B%2Fn7kiHrJ7Sy28Li%2BLUMyUdM8PfRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9ddb4abc-FRA
IT.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
851 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/IT.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6cf86376b18e7013022123018f749c4427bc442df1ca43d05f7514b1984980

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
851
cf-request-id
0a53d1c52300004abcba22c000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0Z94LrnQEM7rd6OXbQSASw05FzSBLln1U%2FBOXHO2Q7rkbWSVcPdLeGtfsJD9Hb8tnwefBAVdqRa8vMetm%2Bii1dVRgSwWa72ldm0%2BTiqyh6CqIY6RAQf7SN%2BDhRap7TArzVc5kJAak5PVQasjjp6izw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9ddc4abc-FRA
FR.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
851 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/FR.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f494c6d8894113fcc5724294d52ff485c8d28b2d898a00975df52f1b6cb88584

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
851
cf-request-id
0a53d1c52400004abcf3af7000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rte%2BDM6ghNaWCmigBn%2FSMIXalEaQH54pgB01ZeC63yCWrt%2F1V5%2Bm3b88ALO0XCwlq3X9c7kAKrXKi3qIn8kyM%2FcWPmVpwPRQD1sLUfqayIklQ5HFS4h2MRpSxRqbbBhqUsD8gkfBUtjId87I1aTtAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9ddd4abc-FRA
SE.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
575 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/SE.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94cc624c94016647682407c6631bdbabb26f5065873f55f6237ab31aa7095154

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
575
cf-request-id
0a53d1c52400004abcf4be3000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-23f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Se3KTBaR6%2BOg4TSiycESrfH3DkeTeSjOqSU5IcRI%2BJxmzVYI%2FmtsFqZBB8bFpq6MqOr4fA4v5x9VDqbj7zOTqsWpstx0npo5QqhcxJmN2DVGkBsOkys%2FLhVdUCzKdU4JnDSlW%2BETPoGKo5N%2Byzof2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de04abc-FRA
DA.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
437 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/DA.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80a3407ddae570bfd761f497180f58472dad91693b58437210e2af57a835a83

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
437
cf-request-id
0a53d1c52400004abcd0a15000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jRexnFv8rZg3dlB0tGT9M1H3tWjIfESad3jHymGdDztXqIp0mdqOhTUukBV%2F3mtvXH5Hoh8%2FI7VUvvT4HycF04mM55UzeRohYwsLoMQI%2FWwjHZTSf%2FCxTq3xcjwdL%2BLgRC0P6VtDn%2FeZTCkyq4RgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de14abc-FRA
PL.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
509 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/PL.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8538a9e4df6cdfd820f455ef945483f2bdf9d130ddad32ab5f91f7dbb76b9d

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
0a53d1c52500004abce69e4000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uuCYhTuhbbtUr1NSyGPGiUTvQtqPk1fMjToGQOb4nXEUZaMFqHZON%2FQ0FuIc2HuMWQPaAx47Y2BPXc%2Bk76x0DF1rZJhvhzFZx90NW4u8ma8mqz3AtF4414NLJeXLAYgOesHpQgKQpD75tqhJmaWN4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de34abc-FRA
TH.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
509 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/TH.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab6a8190b095272d4f8d0771b1f975c3b6b0992660e5fa1dcdf41a9534e716e

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2943
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
0a53d1c52500004abc04956000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pDqlehHZ4ZNIVvi%2FhhRLFWkqqZnjPYYoYDEJtVwsAMtopUT%2BPruG75%2F8JjAs5Yxc12KKwsZCUAXcAgokM%2BQxIqmKGS3vCf9aHvfsEzK%2B84p58MRecyc1awOtkir9e4AoF6Ing0D0kHTj7PEGj3bOeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de44abc-FRA
VN.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
615 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/VN.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817dce8a7cc72dcf653b7883035382ce6db243a40c106598f47c419180d9858a

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
615
cf-request-id
0a53d1c52500004abcb49f5000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-267"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=BBkEJG4EGj49T%2BOUzLjPeRu9Tdj%2B0mBRKC0Vhk3mY3oXmkqoiOuKpPpuHdclJBA3Df6JJWMhAYf9lGAc3o3ZBuclxO%2BPg6cbp%2FJzXLO3%2BqhzMhTYbBb%2F4Yb3UPB%2B0TeWfswtLpEFIVbtLsvAGPTD9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de54abc-FRA
ID.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
509 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/ID.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea41b0db7ca29655f610421075ce1eb794fa892783be830f5cce6be828b5a4cc

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
0a53d1c52600004abcd2b22000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DwcO5HXjgMaE%2FNxAUD%2Bav8i%2BYlc1kM2goZwR%2FrEfwyD88uB%2F6xwQaI53NFkTMD%2Fmssui6ACVNOqmSZwNqIcxC9n3L8IQ98A5lXTTSaqEEhXVNV%2BWck7t0NljZBvjvY45VSv2%2FFUj71YD%2Bdh%2FwY7HQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de64abc-FRA
SA.png
wall.adgaterewards.com/assets/img/flags/ Frame DB84
939 B
2 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/SA.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1914089b9ec68a3b941d15a5315684bcb4362329b5ffc2dcf49c667c2964376e

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/2051987
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3554
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
939
cf-request-id
0a53d1c52600004abccdb80000000001
last-modified
Tue, 25 May 2021 15:19:20 GMT
server
cloudflare
etag
"60ad1578-3ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2FLdWEO%2FX4fu6Km9zmZBe3q9FWN2g7zvZH%2BzYZjs1R3%2F2P5m%2BibVQRKBq5CLHsXaWZ%2FASjb9M9ruxEEuloF9Xla46aNqlJrMzALhp1A2cP4bKW85mNnGtpabGzg%2B6rykzVLDp1hhOmnG1XHrBBeLo3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6566524e9de84abc-FRA
1616984629830.png
main-p.agmcdn.com/offers/ Frame DB84
388 KB
389 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1616984629830.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:dec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
744dc63ebc12000d2a43b2e30f92b3ec81064b6f3124111f36529b736054bc03

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6581
cf-ray
6566524effd24e50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
397682
x-amz-id-2
u0kJ6L6kMYR/KJFE7Yc2bhbv0vo94ZfrGzcZCCBzZZSlvbStxkikho8NE0p93Pi8a/SjZA914nQ=
last-modified
Mon, 29 Mar 2021 02:23:51 GMT
server
cloudflare
etag
"84575eb8778ee7cf5332f3d46af111fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ANcA%2BawYGwsySMd3y7tDJcHbkbNl6x6hTkXi1uURVnoAjNTaNvLyHkI1OpWgnsHG2SrUR4hSqsPcdvZDcHCDt%2FHExibEkD423bh4ecX8hgqvpYMZcKqafvwY2fzcHZpfOWpYoM8oEFvWDWU%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
DC0KCV8736SC1Q7V
cache-control
max-age=432000
cf-request-id
0a53d1c55a00004e5086378000000001
accept-ranges
bytes
content-type
image/png
1613580417599.gif
main-p.agmcdn.com/offers/ Frame DB84
189 KB
190 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1613580417599.gif
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:dec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f960611508b199cef031bf17d41761dbdbb33c48ffbc2243e2d9a7736de42d

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3170
cf-ray
6566524effd44e50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
193459
x-amz-id-2
42Atm22o9v3P3xSTlFBNopelT6+licxY5lLU8EWqttywG6tVJ+IA5QVW7IJ2cs/oDgiE/l2HoSY=
last-modified
Wed, 17 Feb 2021 16:46:58 GMT
server
cloudflare
etag
"9a9180e60ccfd01c1fdf7adc8e64b8f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ERbWb398L9PTCwBUMPrIlLhxWdD%2BlQxb4Js%2FOG9CaCUYVnIArtMYmZJFcWKojksD2W8AqvNvmWwQuSfqykoDAFLqzTECq8kfpUKGuPTQzAZp0l%2Be8CCq9pntVYXo3WxKI1GyCXXIJgxWHNE%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
A1G0HE2FYPFM1SHG
cache-control
max-age=432000
cf-request-id
0a53d1c55a00004e508b9fa000000001
accept-ranges
bytes
content-type
image/gif
1618868042684.jpeg
main-p.agmcdn.com/offers/ Frame DB84
8 KB
8 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1618868042684.jpeg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:dec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008bf02d7cfaded94ef3cc92509823d5839600ea7cf34fa02d38cea87f0b4585

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6758
cf-ray
6566524effd64e50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8179
x-amz-id-2
HMlW6ehiFRafH+mh5RoRTdZoigeH6W83t2qF/aie0/v2nEslUDbhh+M/YYI4bB9S4fZ9PT7OSxY=
last-modified
Mon, 19 Apr 2021 21:34:06 GMT
server
cloudflare
etag
"12993cf863c516c683006c4e90b84173"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UueBszQ4iJmF%2FvvoXXv%2Bo8zkkrgIY0K9ZQjeSwgPmCQTW0e74oSI9EV8n63nJVxRcuVZVahziyCMR36QlDc%2BDfBeVoiP%2B%2BN3QZAK1CdlhDMr11HZWlPGbOvTHqnEGygS9ezUXU%2FQR5ZRqMc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
SVJ20XK96ZNXQ4FR
cache-control
max-age=432000
cf-request-id
0a53d1c55b00004e5097918000000001
accept-ranges
bytes
content-type
image/jpeg
340577-3gFMPyAo.jpg
main-p.agmcdn.com/offers/ Frame DB84
212 KB
213 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/340577-3gFMPyAo.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:dec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
660d23a83593219127fbe8ee10bf8625f3b500309b3c534a6e28ffb711d5733a

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4406
cf-ray
6566524effd84e50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
217413
x-amz-id-2
5U9+gvJ7gUPRKnCWOk/y5vxeKD4IHjDfPMjdrIwWBfPvTousRcLVcQbkN7rOp/3k4QyIGYKUrx4=
last-modified
Fri, 06 Sep 2019 07:40:25 GMT
server
cloudflare
etag
"a5803580f504d127df60df9d93fcf2f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ablYmfp8lkYZ5I3hwdFN31DHss0CZjdtAn%2FnceUwLEO%2Byepj4paY%2Fo3pXEupCSZgja3AQlvJeyju0pe5xzsKKEG1hgVwKTzEuIev9tfopjHPl7QuAxXAMzD%2Fjq%2FkOco7r7MB6p%2BwT3JFKKw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
TMAT6099E21YX8MS
cache-control
max-age=432000
cf-request-id
0a53d1c55b00004e50a6bb7000000001
accept-ranges
bytes
content-type
jpg
21491-hVc8Uizv.png
main-p.agmcdn.com/offers/ Frame DB84
3 KB
4 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/21491-hVc8Uizv.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:dec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c83bd091eed6528d91f3230623610f12263d983748eb89e8456ff41030da61

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3132
cf-ray
6566524effda4e50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3164
x-amz-id-2
+BXTjLJuYy2yzg1ZFZyjSSh3HX7Q+yC2Vu5GwmM3bCYYu4LS1VKBYXdox2S4e1emBSdBMmHwFqg=
last-modified
Thu, 22 Mar 2018 13:40:17 GMT
server
cloudflare
etag
"62794225d67c61fac20ad717082573f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0%2BvOpEqtugFTcDNRjXExGwlfJXlxczXtm94J2TyThYTOeUW6j%2BTs%2FzP7zN2nqq2TU8vY%2Bik6wVY5wPhV641I%2Fg8zndmLmZYZdpqciNYCAwwj6TV8y4E9PZI6bnafauykZFgeIn2KvEpa2a8%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
EJF6Y9VTQQR1Z7SK
cache-control
max-age=432000
cf-request-id
0a53d1c55c00004e50959a5000000001
accept-ranges
bytes
content-type
image/png
1559315455478.gif
main-p.agmcdn.com/offers/ Frame DB84
104 KB
104 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1559315455478.gif
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:dec5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a10ff3b440212dabf7d8e4da5954c7995a5f9610b465ae52a447d3fc15cf5c

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3566
cf-ray
6566524effe34e50-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
105992
x-amz-id-2
kYtgbx1aHiJlSMKrDxADEaSwkxAqsJqRMKr32ieKlWO9wKeeh7v7wBrEoWIV3fyEuj83o+pRsjo=
last-modified
Fri, 31 May 2019 15:10:56 GMT
server
cloudflare
etag
"43c30170783909a3d6660493e868f0e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jENrkqKkoifv4cKW2cKQB4y%2FABF5oWSa7AUnhqaPi5qMym3sSIV5gjF2uSRXCjbQz8Oc%2FxIhnm52ygt8yxS1IFy4hq9dQp1AgVeILLIPufhMVG1TeflrK797ABbXNrgwjbV734IsrGuYCDY%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
NQGK09V8WJP5A3DR
cache-control
max-age=432000
cf-request-id
0a53d1c55c00004e50a5922000000001
accept-ranges
bytes
content-type
image/gif
mt
sonar.viously.com/1622192729503/
0
128 B
Script
General
Full URL
https://sonar.viously.com/1622192729503/mt?c=&o=https%3A%2F%2Fwww.primolotto.com%2Fgrid&w=https%3A%2F%2Fwww.primolotto.com%2Fgrid&r=&ex=false&t=Primolotto.com%20-%20Loterie%20100%25%20gratuite%20-%20De%20l%27argent%20et%20des%20ch%C3%A8ques%20cadeaux%20%C3%A0%20gagner&d=Primolotto%20est%20une%20loterie%20100%25%20gratuite%20qui%20vous%20permet%20de%20remporter%20chaque%20jour%20de%20l%27argent%20et%20des%20cadeaux%20en%20validant%20vos%20grilles&pd=&l=fr&v=false&ev=&av=
Requested by
Host: sonar.viously.com
URL: https://sonar.viously.com/1622192728420/js?w=https%3A%2F%2Fwww.primolotto.com%2Fgrid&r=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.223 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:29 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
content-type
application/octet-stream
content-length
0
expires
Tue, 24 Nov 2015 00:00:00 GMT
json
trc.taboola.com/tagadamedia-primolotto/trc/3/
69 KB
19 KB
XHR
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/trc/3/json?tim=11%3A05%3A33.570&lti=deflated&data=%7B%22id%22%3A310%2C%22ii%22%3A%22%2Fgrid%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1622118251313%2C%22vi%22%3A1622192733568%2C%22cv%22%3A%2220210527-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.primolotto.com%2Fgrid%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A1994%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-footer%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A793%2C%22mw%22%3A1046%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
86d773c7b32f486acae0f328dce1c9d6980416abd16788ae9b9596504f17a884

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
266
date
Fri, 28 May 2021 09:05:33 GMT
content-encoding
gzip
server
nginx
x-timer
S1622192734.632887,VS0,VE266
x-served-by
cache-fra19176-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.primolotto.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding
gzip
etag
"559c107d74fc83d8062b2553a1818b07"
age
15697
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5911
x-amz-id-2
PcZdxd4MAAFykcoOHYcgyv+TEhcU7OKI7t0br8QAKbOSr4qga/V09bIEDue+m1dl1lmqkJ1sz9E=
x-served-by
cache-hhn11557-HHN
last-modified
Mon, 03 May 2021 12:43:43 GMT
server
AmazonS3
x-timer
S1622192734.947574,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
7QPCNXQEEQ4QGPWX
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
57
x-cache-hits
169543
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
977 B
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
8186
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by
cache-hhn11557-HHN
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1622192734.947605,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
CR4E2RJ6SANDVYVF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
57
x-cache-hits
111145
tfa-eid.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df5978120ab661004f993de1c4f2fc1c119207c7342f4022b7f4167ced53bd28

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7GnNCOEiHR2YJW9HNJ1E8Ct_GsynAKYk
content-encoding
gzip
etag
"c35d628c6e0b3546cf86e573667d36a2"
age
58
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4867
x-amz-id-2
/GDclUjSHRewakDJdTC7bCyGxET147dhulqkUIJEfowd9FsVohEFpdoDG5J7R3kDbcn4vLUTBEk=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:49:43 GMT
server
AmazonS3
x-timer
S1622192734.948958,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
0W06227CYQ3YJ7SD
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
622
sha256.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f5be796439b66283c7bc23da4d3ea539144f96b3a4f2b5e2c1cabd7a395e3a23

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3QrS4ahqnU3OHSVskFg6yr3GAmYaVkAR
content-encoding
gzip
etag
"3363a7849a8697294d3ea0866a30dc36"
age
49
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2595
x-amz-id-2
ZoOzQgH2XKqVdhs5t2Gl7DzG+vDqEO96SU2MQzOEoQEQMMhwTKVL4Pa7SG9uiTNdVKVfRVspx2s=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:49:56 GMT
server
AmazonS3
x-timer
S1622192734.948932,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
RTNR5DCB2G7WX3WW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
513
floating-unit.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
7 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
51c1592a7af9a558f5a28727dd018b2db1b429c2cd51599742c1aa22fbe70dd2

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
PyFajSl.us1yZhU8FE4GiKGkxy6FRa9q
content-encoding
gzip
etag
"338c9d835610c66e2cfb22af6c31bd55"
age
109
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2293
x-amz-id-2
K9b7mEUY58g9E06X1t2BywohdE5/HBzibY/TtD6WqVFSn1k2r0JIEQdilbvNkeGtCv1Rgcl3/vE=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:50:06 GMT
server
AmazonS3
x-timer
S1622192734.951660,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
SMAWBYHA51P0N59V
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
52
tb
15.taboola.com/
36 KB
10 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=tagadamedia-primolotto&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.primolotto.com%2Fgrid&encoded=1&uid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&variant=0|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1622192733942&tagid=&cntry=FR&platform=1&sesid=daeef9cc1b11cfcbc9618906b950d77f&itemid=/grid&viewid=1622192733568&geolat=&geoing=&deviceifa=&appid=&sd=v2_daeef9cc1b11cfcbc9618906b950d77f_3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd_1622192733_1622192733_CNawjgYQwvlBGID74pGbLyABKAEwSjjE1whA8osQSIi23QNQsaEPWABgAGixr-m1yv33zq0B&ri=cebf16ad1dd67797d6cfbf19e0a60a51&appname=&cdb=&gdprApplies=true&rid=&sii=-5698045850605719970&oee=true&tpubid=1080514&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=NAQ&hasGDPRConsent=true&tcfVersion=2&cmpStatus=1&tnetid=1047657&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6862f5b39023d1529b7fbb85a9d94be2b0642e575a1ab92f89938dd6305dcbd0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 May 2021 09:05:33 GMT
content-encoding
gzip
access-control-allow-origin
https://www.primolotto.com
machineid
1451
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-fra19176-FRA
pragma
no-cache
server
nginx
x-timer
S1622192734.953259,VS0,VE20
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6b19aaac7bd18341eee2aa8d888c87c9c2fca6edd6aa9337253c52b0b256c01

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ptM3vXD00UyGQIaSNiX_cF.xiFK8PQbs
content-encoding
gzip
etag
"d92a2545ac2f8bc15228d4c73639276f"
age
23
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1269
x-amz-id-2
StKj5RoIWj/Wx/XQ8GogeNOwLqLglvS8opnig8d8RkrDGa06w72p93l4R623UYe/6GKX1bEtlk8=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:50:17 GMT
server
AmazonS3
x-timer
S1622192734.954758,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
T6E02YWNCD92GJXH
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
14764
userx.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c8598654642759a89e6001b1f75b30fcd92b1e788cd490853985dabfc490d13

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
v8S6Tu3lFF8PRA6oD1gNvwyB1rRNXpt5
content-encoding
gzip
etag
"b76de45322e6195e9c4bcb13f978b180"
age
54
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7954
x-amz-id-2
AUyMlhxiQ3JgMmD67JyJQY3Z+97csa/V2Efi95WQytZ1Ggxp+GECsT+Nz45Clk7/7FBGl252kiA=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:49:38 GMT
server
AmazonS3
x-timer
S1622192734.974347,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
N2EEJBHT124CPDA8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
164
explore-more.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4292fc47bc28890f13b4c915d28a70ba5cafa055e9994c703fa244d044417dc5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pyJGM2JEf83.da2rhN06EWMrk6QloNfZ
content-encoding
gzip
etag
"efe002d046bf49e6af7b67671cef4ced"
age
12
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6763
x-amz-id-2
0UoaEWMgbYR4Sy97awsLgdtqDMDgqszr3lflvqHDE68AKpcxgJh3UqKLmDMPxdAL2NgYLFRj2Gk=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:50:20 GMT
server
AmazonS3
x-timer
S1622192734.976703,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
x-amz-request-id
FM94K0ZC1XH6DQG7
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
12
supply-feature
trc.taboola.com/tagadamedia-primolotto/log/3/
0
99 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/supply-feature?route=AM:AM:V&tvi2=2512&lti=deflated&ri=40fb3cd9dbbb0e56d19bafd6ae32d18c&sd=v2_daeef9cc1b11cfcbc9618906b950d77f_3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd_1622192733_1622192733_CNawjgYQwvlBGID74pGbLyABKAEwSjjE1whA8osQSIi23QNQsaEPWABgAGixr-m1yv33zq0B&ui=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&pi=/grid&wi=-5698045850605719970&pt=text&vi=1622192733568&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=11%3A05%3A33.941&id=7354&llvl=1&cv=20210527-9-RELEASE&
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192734.993296,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
61 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=11%3A05%3A33.974&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&id=9035&cv=20210527-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
x-fastly-to-nlb-rtt
9836
server
nginx
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
60 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=11%3A05%3A33.979&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&id=7757&cv=20210527-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
x-fastly-to-nlb-rtt
9836
server
nginx
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
60 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=11%3A05%3A33.983&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&id=3941&cv=20210527-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
x-fastly-to-nlb-rtt
9836
server
nginx
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
117
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
PXmN+/eJHi4iQw88K9bPSBbNSL6U9paKuXHdiL316amvW79JZtq3lEGrTbArm1EheJrKfE2/QWM=
x-served-by
cache-hhn11557-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1622192734.996032,VS0,VE0
date
Fri, 28 May 2021 09:05:33 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
9TS4S95ND2X7GHJ3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
57
x-cache-hits
423
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.4.3/
96 KB
28 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
97725b58061a739b37771c81bec6532aeaf5362f4d96cd9fbd5447fdd081396b

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront), 1.1 varnish
age
1123345
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
28069
x-served-by
cache-fra19176-FRA
last-modified
Sat, 15 May 2021 09:01:53 GMT
server
AmazonS3
x-timer
S1622192734.042819,VS0,VE0
etag
"fcb5bc7c7995847e4677426fd754a620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
R6QpSWrvO9uDxOJbKTlUs65nLYZyroHBItHb__cHq2SUEK6DNO5EyA==
x-cache-hits
156402
abtests
trc.taboola.com/tagadamedia-primolotto/log/3/
0
255 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/abtests?route=AM:AM:V&tvi2=2512&lti=deflated&ri=40fb3cd9dbbb0e56d19bafd6ae32d18c&sd=v2_daeef9cc1b11cfcbc9618906b950d77f_3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd_1622192733_1622192733_CNawjgYQwvlBGID74pGbLyABKAEwSjjE1whA8osQSIi23QNQsaEPWABgAGixr-m1yv33zq0B&ui=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&pi=/grid&wi=-5698045850605719970&pt=text&vi=1622192733568&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1622192734035%7D&tim=11%3A05%3A34.035&id=5400&llvl=1&cv=20210527-9-RELEASE&
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192734.045678,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
7953dda2232e0c7872c3225bdacff36e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7953dda2232e0c7872c3225bdacff36e.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5e8acdd160993bfe86dbdd9f2f2955fb3ce24b9e7a827be017274bb7c761d3ff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
2244277
edge-cache-tag
453348772779574487830573783746026371082,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7953dda2232e0c7872c3225bdacff36e.jpg
content-length
8710
x-request-id
fe6610fa4d00b5cf5d8c932807d0ac5f
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Sun, 02 May 2021 03:55:46 GMT
server
nginx
x-timer
S1622192734.049872,VS0,VE0
etag
"b744864f45c0b427a6c7040e77a80dbc"
x-served-by
cache-wdc5546-WDC, cache-dca17774-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
c69ff11d1711d5a0fa9dc0bc2826b3dc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
16 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c69ff11d1711d5a0fa9dc0bc2826b3dc.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80f9afad5106e5a1689f441f247dd7b8c43cbfcb06d897f31259709a061f0ccc

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
2418635
edge-cache-tag
296518910215287624490810605428222221363,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
31
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c69ff11d1711d5a0fa9dc0bc2826b3dc.jpg
content-length
16226
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Thu, 15 Apr 2021 05:43:58 GMT
server
nginx
x-timer
S1622192734.050041,VS0,VE1
etag
"a364a9a81aee7918c006f38a471e7f5b"
x-served-by
cache-wdc5541-WDC, cache-dca17725-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.bestofglamour.com/afbeeldingen/0x0/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.bestofglamour.com/afbeeldingen/0x0/1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dd5315f7514cc38ef5644119e3d76d3e0b6fe8cc138302c55266150ffc784e1f

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1025562
edge-cache-tag
383854561892179148618613608838688076333,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Wed, 19 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.bestofglamour.com/afbeeldingen/0x0/1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
content-length
11016
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Sun, 18 Apr 2021 02:42:06 GMT
server
nginx
x-timer
S1622192734.050017,VS0,VE1
etag
"cd0277cae7e4fbd639b86d5a32f6ddff"
x-served-by
cache-wdc5541-WDC, cache-dca12928-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
aff49e586caaa1d449a0e0fed6e270e5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aff49e586caaa1d449a0e0fed6e270e5.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9d2d6cae0922314a2965881cf7b832225eb419abfff4f8faa38ba994da68a75d

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
2430125
edge-cache-tag
425177583314781390622082648547921672355,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
49
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aff49e586caaa1d449a0e0fed6e270e5.jpg
content-length
12930
x-request-id
d0a02890d9e5c9ed90a0d77f333ab2b6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Wed, 28 Apr 2021 13:06:30 GMT
server
nginx
x-timer
S1622192734.050133,VS0,VE0
etag
"b5e89715fa4d8e2b75cfdc69983afb85"
x-served-by
cache-wdc5532-WDC, cache-dca17758-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 16
53546c4906796f2242fcffc7bac4e80c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
23 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53546c4906796f2242fcffc7bac4e80c.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec0ed00cb5e7631659bb5cde922049f79e8248aee226a5f736b49a3dc6aec8c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
727336
edge-cache-tag
451797562700402431043862664139733792353,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
1479
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/53546c4906796f2242fcffc7bac4e80c.jpg
content-length
23114
x-request-id
67bb15634738bd39346477b467a903fe
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Fri, 14 May 2021 16:03:57 GMT
server
nginx
x-timer
S1622192734.050060,VS0,VE1
etag
"a9c7eac4b23f2b59401a10f3ae3f8659"
x-served-by
cache-wdc5552-WDC, cache-dca12925-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a81392117a271b47f3f16bbeb7545b7421dc2c7b5102c5b134af4320305904e1

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
2192040
edge-cache-tag
434627008199126008315450987453179400199,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/44dd7285-cd6a-4a0f-9085-8137587509a3/winter-is-coming-3_1000x600_3cdb896d38f728bf2948d75b6c6c8081.png
content-length
17556
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 15 Apr 2021 08:06:53 GMT
server
nginx
x-timer
S1622192734.069498,VS0,VE1
etag
"698f94d1a5a60d29705dc640fc7e21ba"
x-served-by
cache-wdc5565-WDC, cache-dca17756-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
examining-production-of-solar-power-plant-with-digital-tablet-picture-id1188930543%3Fb%3D1%26k%3D6%26m%3D1188930543%26s%3D170667a%26w%3D0%26h%3DVCC6NOM2XnSM9UOLFIOv8zcyPQVvxS4821c7RkHpE6Y%3D
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/examining-production-of-solar-power-plant-with-digital-tablet-picture-id1188930543%3Fb%3D1%26k%3D6%26m%3D1188930543%26s%3D170667a%26w%3D0%26h%3DVCC6NOM2XnSM9UOLFIOv8zcyPQVvxS4821c7RkHpE6Y%3D
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c64b2da717e045efd1dbea5ed6631acb89aa154bf00415c6643ba028d0ec1c5b

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
332067
edge-cache-tag
418461077679311276278184917167030830529,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
30
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/examining-production-of-solar-power-plant-with-digital-tablet-picture-id1188930543%3Fb%3D1%26k%3D6%26m%3D1188930543%26s%3D170667a%26w%3D0%26h%3DVCC6NOM2XnSM9UOLFIOv8zcyPQVvxS4821c7RkHpE6Y%3D
content-length
12368
x-request-id
a20c95ac0d0381f13e4b893366fb6561
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Mon, 24 May 2021 10:56:10 GMT
server
nginx
x-timer
S1622192734.077884,VS0,VE1
etag
"fc15389a963ba90ce2d525af0a456221"
x-served-by
cache-wdc5575-WDC, cache-dca17722-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
d8341b68689cd293570bacec163f0fd4.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d8341b68689cd293570bacec163f0fd4.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9ff515c414102d89a2ecdbbfd13b4ea3b58c88e96c9b0d608c1503f590339f38

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
3013665
edge-cache-tag
302620826574435161352059752986391093993,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
65
expiration
expiry-date="Fri, 07 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d8341b68689cd293570bacec163f0fd4.png
content-length
13204
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Tue, 06 Apr 2021 06:15:19 GMT
server
nginx
x-timer
S1622192734.082101,VS0,VE1
etag
"2dada78ce4a293acc9594e2cfeecb5cb"
x-served-by
cache-wdc5545-WDC, cache-dca17730-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
f507f3e622a702dea3a57eec5dd01b31.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f507f3e622a702dea3a57eec5dd01b31.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e2485fa2017a08e325ee546bb3c2393ae840233c8e51e4e19f6808bdd612cb41

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1477503
edge-cache-tag
420211057674410807394815168229576164167,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f507f3e622a702dea3a57eec5dd01b31.jpg
content-length
21522
x-request-id
8f895c495c860585da0d70a2f8697b18
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 06 May 2021 05:28:39 GMT
server
nginx
x-timer
S1622192734.090359,VS0,VE1
etag
"41288759041f1b0aa56470577202e1e5"
x-served-by
cache-wdc5579-WDC, cache-dca17763-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/
6 KB
3 KB
XHR
General
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a6ae56eebd4de7bcc4be90ea10f8ad2d9d042c51b4ccb1add02b30ed9c7c0a5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
content-encoding
gzip
access-control-allow-origin
https://www.primolotto.com
machineid
1430
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19176-FRA
pragma
no-cache
server
nginx
x-timer
S1622192734.051162,VS0,VE200
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
45236de419748e8ccd24ae79236cf970.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
43 KB
43 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a4943c185ec21f062fe03037374283832edb43603c5eff619af2b14b0389f6fd

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
3860316
edge-cache-tag
502799783262806491759975645567713804953,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45236de419748e8ccd24ae79236cf970.jpg
content-length
43762
x-request-id
93ab4eb6bbd837ab869d417c978a0666
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Mon, 05 Apr 2021 17:45:54 GMT
server
nginx
x-timer
S1622192734.093814,VS0,VE1
etag
"4b582ecf97980f80188e6b9cbb492d17"
x-served-by
cache-wdc5537-WDC, cache-dca17746-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
ca1a0af15f63585aab47433efd34124e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
16 KB
16 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca1a0af15f63585aab47433efd34124e.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16f911f528305db97e037d0d878a5a0bf798f58f1189baa739927cfcf7664210

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1554835
edge-cache-tag
357481122250201953117089454200068661235,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Fri, 14 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ca1a0af15f63585aab47433efd34124e.jpg
content-length
15968
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Tue, 13 Apr 2021 11:15:12 GMT
server
nginx
x-timer
S1622192734.096908,VS0,VE1
etag
"3ab870c9113184e20227513f84c56a5a"
x-served-by
cache-wdc5559-WDC, cache-dca17723-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1e211456-b34f-49ac-ad12-4df35e421b87.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vxgkq.com/content/
14 KB
15 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vxgkq.com/content/1e211456-b34f-49ac-ad12-4df35e421b87.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c6471021913e986a495ce3dc48839abbb29a2946fd5ec65acb7825713c4350a8

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
3816574
edge-cache-tag
532314228262054952042658448881624746486,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//vxgkq.com/content/1e211456-b34f-49ac-ad12-4df35e421b87.jpg
content-length
14554
x-request-id
ca4550990dd61747727da2f0d510caa3
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Sun, 11 Apr 2021 06:14:21 GMT
server
nginx
x-timer
S1622192734.100438,VS0,VE1
etag
"1072e6bc242c18a794b3fc27c261aba7"
x-served-by
cache-wdc5568-WDC, cache-dca17760-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
dff029b733e14fef206bb6bc91a4e417.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
10 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dff029b733e14fef206bb6bc91a4e417.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
778ef966cd529fadd1c05fa19a0a5b8e4c59b269dfc10a8280ceb7453e20000c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1250509
edge-cache-tag
470032785649597276988234701983128873893,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dff029b733e14fef206bb6bc91a4e417.jpg
content-length
10658
x-request-id
e97fc7ba872de1778d2f9f2ba47382ae
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Sun, 02 May 2021 11:45:27 GMT
server
nginx
x-timer
S1622192734.103579,VS0,VE1
etag
"d6e81ec75740b8f302b0150832f69cbf"
x-served-by
cache-wdc5562-WDC, cache-dca17769-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
2, 1, 1
prize-132-1589895126.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imgs.tagadamedia.com/primolotto/prod/prize/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imgs.tagadamedia.com/primolotto/prod/prize/prize-132-1589895126.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a6fecbeccaaf4daf397b7a2d18852b5eeeb893cdb5213212d16104c21d21fbf3

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
3033798
edge-cache-tag
358866144034612477154796702909255614674,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sat, 15 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imgs.tagadamedia.com/primolotto/prod/prize/prize-132-1589895126.png
content-length
30320
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Wed, 14 Apr 2021 13:07:26 GMT
server
nginx
x-timer
S1622192734.107556,VS0,VE1
etag
"c968b6dd28ac474963a2a0b3cf803622"
x-served-by
cache-wdc5566-WDC, cache-dca17746-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
7953dda2232e0c7872c3225bdacff36e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7953dda2232e0c7872c3225bdacff36e.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
22d3c3f39d761c8d254f91938682421f5d9ac201805a164ffbf2b4722f31f9fd

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
97700
edge-cache-tag
453348772779574487830573783746026371082,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
119
expiration
expiry-date="Wed, 02 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7953dda2232e0c7872c3225bdacff36e.jpg
content-length
22602
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Sun, 02 May 2021 09:54:18 GMT
server
nginx
x-timer
S1622192734.116838,VS0,VE1
etag
"573daa20ec253feafcd6a48aa7c549fd"
x-served-by
cache-wdc5538-WDC, cache-dca17737-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
c69ff11d1711d5a0fa9dc0bc2826b3dc.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
44 KB
45 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c69ff11d1711d5a0fa9dc0bc2826b3dc.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
341666f4c3dc05df23c848678de444880ecbdee95bd0ce410ec35433eb10032d

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1724702
edge-cache-tag
296518910215287624490810605428222221363,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
126
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c69ff11d1711d5a0fa9dc0bc2826b3dc.jpg
content-length
44882
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 15 Apr 2021 14:33:47 GMT
server
nginx
x-timer
S1622192734.122236,VS0,VE1
etag
"6c91bc0ac1537716c4f1560c2b302f77"
x-served-by
cache-wdc5576-WDC, cache-dca17761-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.bestofglamour.com/afbeeldingen/0x0/
13 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.bestofglamour.com/afbeeldingen/0x0/1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6883b98278a2e4387a286d178c69fd7edda6befea76d1684077a27ee6ac265be

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
978964
edge-cache-tag
383854561892179148618613608838688076333,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
105
expiration
expiry-date="Mon, 24 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.bestofglamour.com/afbeeldingen/0x0/1603360782_de50016620bfde89efb3129cbee9296d4a9927c5.png
content-length
13256
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Fri, 23 Apr 2021 12:54:33 GMT
server
nginx
x-timer
S1622192734.123766,VS0,VE0
etag
"3b379efbc25f5dcc6fdb4b340d310d3f"
x-served-by
cache-wdc5522-WDC, cache-dca17737-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
aff49e586caaa1d449a0e0fed6e270e5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aff49e586caaa1d449a0e0fed6e270e5.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf2264ebb3d3b6a7b10d68a6c45aec9ebf3a9e1e1fb57f4f7ab504288b62e92b

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
614718
edge-cache-tag
425177583314781390622082648547921672355,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
37
expiration
expiry-date="Mon, 31 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/aff49e586caaa1d449a0e0fed6e270e5.jpg
content-length
8474
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 30 Apr 2021 06:05:24 GMT
server
nginx
x-timer
S1622192734.126218,VS0,VE1
etag
"461f38d845f2bcc051aa03e8ffd5fe5a"
x-served-by
cache-wdc5552-WDC, cache-dca17780-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
angry-woman-attacking-laptop-computer-young-sitting-desk-hammer-shouting-55187256.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thumbs.dreamstime.com/b/
11 KB
11 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thumbs.dreamstime.com/b/angry-woman-attacking-laptop-computer-young-sitting-desk-hammer-shouting-55187256.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7aca44c61fb879ab0188675d489610e9f6e808efbf913facfca965b92fb72545

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
623661
edge-cache-tag
362007456220031241015200715057989971068,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
54
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//thumbs.dreamstime.com/b/angry-woman-attacking-laptop-computer-young-sitting-desk-hammer-shouting-55187256.jpg
content-length
10788
x-request-id
146c7950bda0e5bb04a9f9dd14193d79
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Fri, 21 May 2021 02:29:19 GMT
server
nginx
x-timer
S1622192734.129126,VS0,VE1
etag
"d22838f23110a4f6f3b75c1ca4f66703"
x-served-by
cache-wdc5522-WDC, cache-dca12922-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
tbp
15.taboola.com/
6 KB
3 KB
XHR
General
Full URL
https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1ae7fe402c184ffa0cc3b2d011fd40243cf3cee2988e7fdcafc4fe7b676035e1

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
content-encoding
gzip
access-control-allow-origin
https://www.primolotto.com
machineid
1451
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19176-FRA
pragma
no-cache
server
nginx
x-timer
S1622192734.063585,VS0,VE24
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
0ae1405d059b148497528916fae0d4d2.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
28 KB
29 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0ae1405d059b148497528916fae0d4d2.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d60858521d6b8c13c7a36b0643743d4007bc664754e898177d9870d3d18e7770

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1300880
edge-cache-tag
529794874879384388990632465602175795558,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0ae1405d059b148497528916fae0d4d2.jpg
content-length
28496
x-request-id
2363333e511855b2a651b5115f2bea04
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 13 May 2021 03:48:19 GMT
server
nginx
x-timer
S1622192734.136065,VS0,VE1
etag
"d6f3036ee8da2cb9467c544e7da9f76e"
x-served-by
cache-wdc5568-WDC, cache-dca17770-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
de31f29f3d085800e84b3b95b598638a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de31f29f3d085800e84b3b95b598638a.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7210d05b7b2f96ab720b4e6899fe21a457655c3a01890fb23a4774abcc1983ed

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
698748
edge-cache-tag
349332737538890843097218365573879456410,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
390
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de31f29f3d085800e84b3b95b598638a.png
content-length
21594
x-request-id
0e6e8c1383196939f1dbcf276e646bf9
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Mon, 17 May 2021 15:13:08 GMT
server
nginx
x-timer
S1622192734.142462,VS0,VE1
etag
"dc81d168bf485e2ed480f862d2c936af"
x-served-by
cache-wdc5525-WDC, cache-dca17758-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
221be2d1e0fd7848bfc26597f134f6af.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221be2d1e0fd7848bfc26597f134f6af.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc64b47901a2d3df60b2a6cf01a6f5caea404737fbeda1140f5cceb195f33995

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
330113
edge-cache-tag
587817824691932283011528511247443890158,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
419
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/221be2d1e0fd7848bfc26597f134f6af.jpg
content-length
11592
x-request-id
29efdb535fbdb4f5ddfc73519597d330
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb103
last-modified
Mon, 24 May 2021 08:52:30 GMT
server
nginx
x-timer
S1622192734.149190,VS0,VE1
etag
"983bf4b5193239fbe2632afffcf7a3df"
x-served-by
cache-wdc5574-WDC, cache-dca17756-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
f196e84d70c5b8e3aff8b8dae81664f5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
9 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f196e84d70c5b8e3aff8b8dae81664f5.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
96d74e6440b953d1ef80f81140488b65c9509e1b9ac2498f906e5c5319bc93e0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
2913725
edge-cache-tag
352522340039122163428157143163117154504,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Tue, 11 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f196e84d70c5b8e3aff8b8dae81664f5.jpg
content-length
8910
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sat, 10 Apr 2021 18:11:24 GMT
server
nginx
x-timer
S1622192734.150517,VS0,VE1
etag
"d056d8bac97c6615af3a87dddd729b32"
x-served-by
cache-wdc5521-WDC, cache-dca17722-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
18a18573baa13014ab1061e12574a0a4.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_500,y_374/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_500,y_374/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18a18573baa13014ab1061e12574a0a4.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
158fea97531a019d9797d707ff6b40cbee9098b48b0570bd5268b7ae88a56e7a

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
2164771
edge-cache-tag
485568418982765064913676057572683972233,578034958120372951655602054241159635141,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
35
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, MISS, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_500,y_374/http%3A//cdn.taboola.com/libtrc/static/thumbnails/18a18573baa13014ab1061e12574a0a4.jpg
content-length
7668
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Thu, 15 Apr 2021 07:55:22 GMT
server
nginx
x-timer
S1622192734.151755,VS0,VE1
etag
"36eca023788cefc0f35cf411a560f501"
x-served-by
cache-wdc5530-WDC, cache-dca17767-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1
23d71b0d-06b5-4477-a355-e3e8ad7331d5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//pzwzj.com/content/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//pzwzj.com/content/23d71b0d-06b5-4477-a355-e3e8ad7331d5.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
415904296c3e7668069665e18cca37f9795a1d43940a5c1cde093d096a8e3634

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
1942105
edge-cache-tag
351628769934975618021699777289718834633,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//pzwzj.com/content/23d71b0d-06b5-4477-a355-e3e8ad7331d5.jpg
content-length
19726
x-request-id
e4944a4422d5e22e9dda51fbb3cb263e
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified
Wed, 05 May 2021 12:53:00 GMT
server
nginx
x-timer
S1622192734.154082,VS0,VE1
etag
"eace86468b7b1f271249f9522569c09b"
x-served-by
cache-wdc5562-WDC, cache-dca17720-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
2e761a4e557230af814cba8337c3c5f1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e761a4e557230af814cba8337c3c5f1.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5195f12b212bff0204203261880d59ab515771f13fc33d5608761a3f416c1aba

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
3719513
edge-cache-tag
494171845315726608885071547810770032935,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
expiration
expiry-date="Sun, 16 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2e761a4e557230af814cba8337c3c5f1.jpg
content-length
13368
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Thu, 15 Apr 2021 05:29:12 GMT
server
nginx
x-timer
S1622192734.161998,VS0,VE1
etag
"91f5e538505e97964cf5bac250a5a463"
x-served-by
cache-wdc5536-WDC, cache-dca17775-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
d1b7e7bf8ab7aface55f397a577a64d1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
33 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1b7e7bf8ab7aface55f397a577a64d1.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ed7f3fc8996d9def2ed39335c3862f3e42c4ed0cbd5f9969ca93976915a47bd7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
525549
edge-cache-tag
400210417659649355788656345581896387143,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
50
expiration
expiry-date="Thu, 03 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d1b7e7bf8ab7aface55f397a577a64d1.jpg
content-length
32686
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Mon, 03 May 2021 10:19:37 GMT
server
nginx
x-timer
S1622192734.169204,VS0,VE1
etag
"7af204a71541acc1cf7cd06861150a2b"
x-served-by
cache-wdc5562-WDC, cache-dca17767-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
dd09e42dacaee2b4004be91357dacbd0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd09e42dacaee2b4004be91357dacbd0.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0b986b09ebc87c5263a6297298e8b678805555958018bcc691f7422b1cbfe167

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish, 1.1 varnish
age
3723988
edge-cache-tag
616437528911267345035661880947463113538,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
expiration
expiry-date="Sun, 25 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dd09e42dacaee2b4004be91357dacbd0.png
content-length
26018
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Thu, 25 Mar 2021 12:19:44 GMT
server
nginx
x-timer
S1622192734.175241,VS0,VE1
etag
"a0ddd4576e0f56e84771b3cc516d810e"
x-served-by
cache-wdc5560-WDC, cache-dca17726-DCA, cache-fra19176-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
next-up-widget.20210527-9-RELEASE.es6.js
cdn.taboola.com/libtrc/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20210527-9-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
093bbb017e1f736c787f0c1cfcad909bee1269d46118f2d2dcb75deb56d24c48

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
XmyGPLRECmKyvKrIfaO6NPW61CJpFp5F
content-encoding
gzip
etag
"ceddae7a654baa6c3d06e1841ea68aca"
age
117
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4366
x-amz-id-2
s5ep0FKLPN+Fov7TMJvmebITnEgGg4kdVY4NFzGL19m9tu9EJ6j8BEaI6eV/PmXlnt6yABrFyds=
x-served-by
cache-hhn11557-HHN
last-modified
Thu, 27 May 2021 13:50:04 GMT
server
AmazonS3
x-timer
S1622192734.076459,VS0,VE0
date
Fri, 28 May 2021 09:05:34 GMT
vary
Accept-Encoding
x-amz-request-id
04X6644FEVDY638Z
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
47
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
60 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=11%3A05%3A34.112&type=warn&msg=mode%20-%20blend-next-up-a%20has%20no%20config%20%3A-%20fallback%20-%20blend-next-up-a&id=7985&cv=20210527-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
x-fastly-to-nlb-rtt
9520
server
nginx
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
60 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=11%3A05%3A34.112&type=error&msg=TRCRBox.loadScriptCallback%3A%20Mode%20name%20%27blend-next-up-a%27%20doesn%27t%20exist%20in%20configuration%20file%20&id=4726&cv=20210527-9-RELEASE&lt=deflated&pct=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
x-fastly-to-nlb-rtt
9520
server
nginx
creative_js.js
vidstat.taboola.com/vpaid/units/27_2_17/creatives/
4 KB
2 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 8cdf0467c0468ddfe8e9873c6bb8304c.cloudfront.net (CloudFront), 1.1 varnish
age
2763823
x-amz-meta-mtime
1580720676
x-cache
Miss from cloudfront, HIT
x-amz-meta-ctime
1580720957
x-amz-meta-mode
33188
content-encoding
gzip
content-length
1904
x-served-by
cache-fra19176-FRA
last-modified
Mon, 03 Feb 2020 09:09:18 GMT
server
AmazonS3
x-timer
S1622192734.123234,VS0,VE0
etag
"d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
fAeHO52Fy78UbxheIVGwTQpabLzTVzA-RHX2HcKYyUH5P0SAs1-vKA==
x-cache-hits
487050
st
imprammp.taboola.com/ Frame 359B
0
92 B
Document
General
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=1AEDBEE5EB69784466218015904&cicmp=1337627&cijs=1&dast=V7kbQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLFgkSgsFmtFoS13w9FotpoMJsvlZDIcLpaQMIvFYjSZrYZTMNjC53R3t2EDTafD57rX636_u-DydPvNftPpb9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAJHEowMPychtez8vLHwAADwUgAAACGCEAJlqIIgAAAAAjAAAAACQAAomFJQAOd4smAAABebI4v24nAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAXQ6hQ97NFAogCRAWrRYwAAAAApMwk5I4mdUJlUfX___9vBXAFABCQJ4vzO5h1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IRmmJvTfjMyNdV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAAG9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhziQdW5dD6vzscGnMwVg8lcMZwrFqNVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=1AEDBEE5EB69784466218015904&cicmp=1337627&cijs=1&dast=V7kbQCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHHLFgkSgsFmtFoS13w9FotpoMJsvlZDIcLpaQMIvFYjSZrYZTMNjC53R3t2EDTafD57rX636_u-DydPvNftPpb9f43X45AAAAADwAELVEQ-z4NrRHAAAAAEjwjFwrUARU_FsIXAAAAABgABCIhWsAJHEowMPychtez8vLHwAADwUgAAACGCEAJlqIIgAAAAAjAAAAACQAAomFJQAOd4smAAABebI4v24nAAAAB3UyT9ss_____zEAee9NMgAUaRs3Bj0ADz4AD0IAAAAXQ6hQ97NFAogCRAWrRYwAAAAApMwk5I4mdUJlUfX___9vBXAFABCQJ4vzO5h1c1LMGgYAAAAwtkAPi99vdtg1frfL_v_________N_s8A0IRmmJvTfjMyNdV4Rq4V1n4BAQDY3g0A4E0ALuYA7AAAAADu_v____MAAAAG9ijZXqvx7FHW-wy28Dnd3fWbsMVoNZlslsPZcjEZDEfD0Wh_Argc4EQMlsvJZDHZrUar0Wa4G80GCxSIwQQnZDjaTFaj3Wo3WQ4no9FsM9kgRatWs9FmMFzNJrPdbjUcDJejEVK0ZjGbTBaz0XK3GSwno8FwMhziQdW5dD6vzscGnMwVg8lcMZwrFqNVAgAAAAAAAABYwpR5EwAAAIDTIGazyW634sabPRPEWq2WNQAAAAC3buQA!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1622192734.152931,VS0,VE80
content-length
0
cmTagCUSTOM.js
vidstat.taboola.com/vpaid/units/28_3_10/infra/
727 KB
132 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
age
633839
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697428
x-amz-meta-mode
33188
content-encoding
br
content-length
135037
x-amz-id-2
Yu7t6mZCDoELdV30QXis+D2cvM1qwVXMtve4ZGFG5uVUQmvRuFT4FGUK9kCg6Nz5ezmyrxKo8IU=
x-served-by
cache-fra19176-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:50 GMT
server
AmazonS3-br
x-timer
S1622192734.150715,VS0,VE0
etag
"37b0b0415484e88063c945bde767ba70"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
8HVS7FJY7XMDS1M8
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
4134
cmOsUnit.css
vidstat.taboola.com/vpaid/units/28_3_10/assets/css/
44 KB
7 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/28_3_10/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
age
1401601
x-amz-meta-mtime
1605697226
x-cache
HIT
x-amz-meta-ctime
1605697397
x-amz-meta-mode
33188
content-encoding
br
content-length
6493
x-amz-id-2
wyVbznJC+qBpcdfkiPkbVqf91P/lznRp8qUAtLFEnhP5cZkKgGDIp+xzGW4CWOR791HCFRuRBQs=
x-served-by
cache-fra19176-FRA
accept-ranges
bytes
last-modified
Wed, 18 Nov 2020 11:03:19 GMT
server
AmazonS3-br
x-timer
S1622192734.150773,VS0,VE0
etag
"083925e970a05bed26a70ecbfde9c0ca"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
8318182254431FF2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
129104
PMS.js
vidstat.taboola.com/PMS/2.2.1/
51 KB
16 KB
Script
General
Full URL
https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/28_3_10/infra/cmTagCUSTOM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 fdb19a60fef99ccf6faacc3588fcd922.cloudfront.net (CloudFront), 1.1 varnish
age
3725009
x-amz-meta-mtime
1542789750
x-cache
Miss from cloudfront, HIT
x-amz-meta-mode
33188
content-encoding
gzip
content-length
15795
x-served-by
cache-fra19176-FRA
last-modified
Wed, 21 Nov 2018 08:42:31 GMT
server
AmazonS3
x-timer
S1622192734.250033,VS0,VE0
etag
"57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
content-type
application/javascript
access-control-allow-headers
*
x-amz-cf-id
V7kH1ThKPP2LD_fu2xrbkdFfAzbjrlgwNURJZzCnWgHJhBJkwvGG2A==
x-cache-hits
2179004
st
imprammp.taboola.com/ Frame 800C
0
58 B
Document
General
Full URL
https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=2B9ADB59E729398811588174382&cicmp=1337627&cijs=1&dast=V7lbUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzJhLkgU1nLFmyw3y-FwsBguFrvlcrdbLCFhFovFaDJbDadgsIXP6e5uwwaaTofPda_X_X53weXp9pv9ptPfrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wBI4lCAh-XlNryel5c_AAAeCkAAAAQwQgBMtApFAAAAAEYAAAAASAAEEgtLABzuFk0AAALyZHF-h04AAAAO6mSetln-____YwDy3ptkACjSNm4MegAefAAehAAAAC6GFp1tv0K7jOuJCiyLGAEAAABImUnIHU3qhMqi6v___98K4AoAICBPFueXLuvmpJg1DAAAAGBsgR4Wv9_ssGv8bpf9_________5v9nwGgCc0wN6f9ZmRqqvGMXCus_QICALC9GwDAmwBczAHYAQAAANz9____5wEAANDsUbK9VuPZo6z3GWzhc7q76zdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOMSDqnPpfF6djw04mSsGk7liOFcsRqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cipid=7991117&ttype=0&cirid=2B9ADB59E729398811588174382&cicmp=1337627&cijs=1&dast=V7lbUCFgMx4ZFo0aUEZgQx4ZFo0aUEZgUAAAAGBugHGzJhLkgU1nLFmyw3y-FwsBguFrvlcrdbLCFhFovFaDJbDadgsIXP6e5uwwaaTofPda_X_X53weXp9pv9ptPfrvG7_XIAAAAAeAAgaomG2PFtaI8AAAAAkOAZuVagCKj4txC4AAAAAMAAIBAL1wBI4lCAh-XlNryel5c_AAAeCkAAAAQwQgBMtApFAAAAAEYAAAAASAAEEgtLABzuFk0AAALyZHF-h04AAAAO6mSetln-____YwDy3ptkACjSNm4MegAefAAehAAAAC6GFp1tv0K7jOuJCiyLGAEAAABImUnIHU3qhMqi6v___98K4AoAICBPFueXLuvmpJg1DAAAAGBsgR4Wv9_ssGv8bpf9_________5v9nwGgCc0wN6f9ZmRqqvGMXCus_QICALC9GwDAmwBczAHYAQAAANz9____5wEAANDsUbK9VuPZo6z3GWzhc7q76zdhi9FqMtksh7PlYjIYjoaj0f4EcDnAiRgsl5PJYrJbjVajzXA3mg0WKBCDCU7IcLSZrEa71W6yHE5Go9lmskGKVq1mo81guJpNZrvdajgYLkcjpGjNYjaZLGaj5W4zWE5Gg-FkOMSDqnPpfF6djw04mSsGk7liOFcsRqsEAAAAAAAAALCEKfMmAAAAAKdBzGaT3W7FjTd7Joi1Wi1rAAAAAG7dyAE!&excid=22&tst=1&docw=0&cs=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1622192734.279719,VS0,VE9
content-length
0
e4150bb0-d85d-4c1f-be53-9c934e080e1b
https://www.primolotto.com/
1 KB
0
Media
General
Full URL
blob:https://www.primolotto.com/e4150bb0-d85d-4c1f-be53-9c934e080e1b
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
8f66181c-ba7e-4985-a21c-26ddd938f9e9
https://www.primolotto.com/
1 KB
0
Media
General
Full URL
blob:https://www.primolotto.com/8f66181c-ba7e-4985-a21c-26ddd938f9e9
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
mqcqbcyo3jfvqalqtwf7.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621293075/
615 KB
616 KB
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621293075/mqcqbcyo3jfvqalqtwf7.mp4
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
758db75d07a17c13b45e7d4d6395f51599ce7e1a15e93f545dbada7be9b3784d

Request headers

Referer
https://www.primolotto.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
XeAD2ChzgsxK1fCdSyheUDzRD_T04zgx
via
1.1 varnish
etag
"e1a5ed16bad00e74e57f2fdc09df0c71"
age
35
x-cache
HIT
Content-Range
bytes 0-630242/630243
x-amz-replication-status
COMPLETED
Content-Length
630243
x-amz-id-2
n5BEQaaI6WFcX09+1dUnwvqb1ojFQHVuWYMcz1arhvnEFt1AmkzKViniOW2gvc0CC8fMR39db/s=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 17 May 2021 23:11:22 GMT
server
AmazonS3
x-timer
S1622192734.379963,VS0,VE1
date
Fri, 28 May 2021 09:05:34 GMT
x-amz-request-id
Z21HHMH771YJYB1N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
57
x-cache-hits
0
l51irnyvicbqyw000tlf.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621287097/
964 KB
965 KB
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621287097/l51irnyvicbqyw000tlf.mp4
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6721b2c203ce1ccd325a286fddcd1d9825857f79f9529dd47fbe58649efe1c0

Request headers

Referer
https://www.primolotto.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
k735iVgT8zcJHqILZLBsMsb_ifRwNBdS
via
1.1 varnish
etag
"2358cd8e2dda81cfdd44bd51e65422aa"
age
3
x-cache
HIT
Content-Range
bytes 0-987124/987125
x-amz-replication-status
COMPLETED
Content-Length
987125
x-amz-id-2
lzuU3Q+rFxIKvnD9DVQyOG30u7+2oDn6QKGYssUXI1iK8lfRrn3RrEAbDBsLEmY8yBlQIO076L8=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 17 May 2021 21:31:45 GMT
server
AmazonS3
x-timer
S1622192734.382164,VS0,VE1
date
Fri, 28 May 2021 09:05:34 GMT
x-amz-request-id
KQSE05SVBSNGJXJJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
57
x-cache-hits
0
st
imprammp.taboola.com/ Frame 91A8
955 B
678 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315

Request headers

:method
GET
:authority
imprammp.taboola.com
:scheme
https
:path
/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

server
nginx
content-type
text/html;charset=ISO-8859-1
content-encoding
gzip
accept-ranges
bytes
date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
x-served-by
cache-fra19176-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1622192734.392158,VS0,VE10
vary
Accept-Encoding
sync
am-match.taboola.com/ Frame D99C
956 B
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

server
nginx
date
Fri, 28 May 2021 09:05:34 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3404
VideoBidRequestHandlerServlet
wf.taboola.com/
1 KB
721 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5498645&noaop=5&sortOrderType=0&cb=1622192734382&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1233&pt=-570882960&tz=120&viewable=true&ddast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1866665&dpubid=283045&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&mPre=0.025&cirf=https%3A%2F%2Fwww.primolotto.com&en=1&subu=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
43c553b7a6383e7548730c05dc497b91b159ff21399205fba793f5e963f07a30

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
content-encoding
gzip
access-control-allow-origin
https://www.primolotto.com
machineid
1419
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11557-HHN
pragma
no-cache
server
nginx
x-timer
S1622192734.394839,VS0,VE70
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=31589837&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1622192727621.3!ts:1622192734378&mntl=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
content-length
0
server
nginx
l51irnyvicbqyw000tlf.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621287097/
64 KB
0
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621287097/l51irnyvicbqyw000tlf.mp4
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.primolotto.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
k735iVgT8zcJHqILZLBsMsb_ifRwNBdS
via
1.1 varnish
etag
"2358cd8e2dda81cfdd44bd51e65422aa"
age
3
x-cache
HIT
Content-Range
bytes 0-987124/987125
x-amz-replication-status
COMPLETED
Content-Length
987125
x-amz-id-2
lzuU3Q+rFxIKvnD9DVQyOG30u7+2oDn6QKGYssUXI1iK8lfRrn3RrEAbDBsLEmY8yBlQIO076L8=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 17 May 2021 21:31:45 GMT
server
AmazonS3
x-timer
S1622192734.396086,VS0,VE1
date
Fri, 28 May 2021 09:05:34 GMT
x-amz-request-id
KQSE05SVBSNGJXJJ
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
57
x-cache-hits
0
mqcqbcyo3jfvqalqtwf7.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621293075/
23 KB
0
Media
General
Full URL
https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1621293075/mqcqbcyo3jfvqalqtwf7.mp4
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.primolotto.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-version-id
XeAD2ChzgsxK1fCdSyheUDzRD_T04zgx
via
1.1 varnish
etag
"e1a5ed16bad00e74e57f2fdc09df0c71"
age
35
x-cache
HIT
Content-Range
bytes 0-630242/630243
x-amz-replication-status
COMPLETED
Content-Length
630243
x-amz-id-2
n5BEQaaI6WFcX09+1dUnwvqb1ojFQHVuWYMcz1arhvnEFt1AmkzKViniOW2gvc0CC8fMR39db/s=
x-served-by
cache-fra19176-FRA
last-modified
Mon, 17 May 2021 23:11:22 GMT
server
AmazonS3
x-timer
S1622192734.396142,VS0,VE1
date
Fri, 28 May 2021 09:05:34 GMT
x-amz-request-id
Z21HHMH771YJYB1N
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
video/mp4;codecs=avc1
abp
57
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame D99C
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame D99C
0
125 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D99C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
0
228 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Fri, 28 May 2021 09:05:34 GMT
server
nginx
x-fastly-to-nlb-rtt
14709

Redirect headers

Date
Fri, 28 May 2021 09:05:34 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame D99C
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/29_7_6/infra/
725 KB
120 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
121a0a70b461c0e186ca64f36a035299bf31ffacb44a057b2ee165d038615e92

Request headers

Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
age
255885
x-amz-meta-mtime
1621935352
x-cache
HIT
x-amz-meta-ctime
1621935353
x-amz-meta-mode
33188
content-encoding
br
content-length
122088
x-amz-id-2
gg+p6eGAbHgU/898uiagMOiQxJw1ZkXVYR3PZiRj3exNj0NsY53xgjaZu+PWDAPKY2T/V0OgT4Y=
x-served-by
cache-fra19140-FRA
accept-ranges
bytes
last-modified
Tue, 25 May 2021 09:35:54 GMT
server
AmazonS3-br
x-timer
S1622192735.541614,VS0,VE0
etag
"05739d9427025f0d5c60c2d7bca92d05"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
6SAH6GN4X6X8V3K2
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
133086
cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_7_6/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/29_7_6/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
age
255888
x-amz-meta-mtime
1621935370
x-cache
HIT
x-amz-meta-ctime
1621935370
x-amz-meta-mode
33188
content-encoding
br
content-length
7948
x-amz-id-2
fmRVjIwQyOitau0QOqSJ/IK3ymbupD+TMKsAQii9t81ZrjletQzGOPZfUGeIM1ABXFAy5zyEREk=
x-served-by
cache-fra19176-FRA
accept-ranges
bytes
last-modified
Tue, 25 May 2021 09:36:11 GMT
server
AmazonS3-br
x-timer
S1622192734.492076,VS0,VE0
etag
"ab667f7a75f0ca28449b3d4701aa479a"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
Z55SHR155RY3Q860
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
text/css
access-control-allow-headers
*
x-cache-hits
232221
content14_10_18m.js
vidstat.taboola.com/
37 KB
8 KB
Script
General
Full URL
https://vidstat.taboola.com/content14_10_18m.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront), 1.1 varnish
age
4284376
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
7638
x-served-by
cache-fra19176-FRA
last-modified
Sun, 14 Oct 2018 13:31:31 GMT
server
AmazonS3
x-timer
S1622192735.781290,VS0,VE0
etag
"d8d81221ec6e604811ce469d899c9c8b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA54
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
-TROi2rJAwAJZGjvQ1UUl45pz7OKYS6cCd8hK2LTON4-GEHuquvUjw==
x-cache-hits
5307198
oppsula.js
vidstat.taboola.com/oppsula/1.3.8/
15 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront), 1.1 varnish
age
2036400
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
5164
x-served-by
cache-fra19176-FRA
last-modified
Tue, 14 Apr 2020 06:07:12 GMT
server
AmazonS3
x-timer
S1622192735.786641,VS0,VE0
etag
"328b70146f77a19d2bc0172c656d921e"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aMkVreRZ2W_s9kpAVgUTQiU-V01sC2tQqC4rwufH-1HkDTxCNvJRIg==
x-cache-hits
1546807
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/
548 KB
112 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
48015da42a52ae4a114664f6a01d18f23d2240ced0d0a61752c742afbffd6196

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
via
1.1 varnish
age
518609
x-amz-meta-mtime
1621674044
x-cache
HIT
x-amz-meta-ctime
1621674057
x-amz-meta-mode
33188
content-encoding
br
content-length
114610
x-amz-id-2
sJcB9s4bvdSR3VDqe4OHAnu4Ng30IQxze+RvNB8u+wN/Kmt0WXmOAO3aJZ0IbI700mtL9x6dnxo=
x-served-by
cache-fra19176-FRA
accept-ranges
bytes
last-modified
Sat, 22 May 2021 09:00:58 GMT
server
AmazonS3-br
x-timer
S1622192735.799876,VS0,VE0
etag
"b7473e547ce104275d896a4eff4f5e2e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-request-id
Q78SWWQDH1SFNSDN
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-headers
*
x-cache-hits
478422
sync
am-match.taboola.com/ Frame F5F6
956 B
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

server
nginx
date
Fri, 28 May 2021 09:05:34 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3404
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=&cb=1622192734761&uv=2976&tms=1622192734761&su=&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&ft=0&unm=FEED_MANAGER&mntl=1&
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
content-length
0
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=31579697&cb=1622192734821&uv=2976&tms=1622192734821&su=1&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&ft=0&unm=FEED_MANAGER&su=1&
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 91A8
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 91A8
0
124 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 91A8
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
0
228 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Fri, 28 May 2021 09:05:34 GMT
server
nginx
x-fastly-to-nlb-rtt
12912

Redirect headers

Date
Fri, 28 May 2021 09:05:34 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
42
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 91A8
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame D4CD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 May 2021 09:05:35 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Fri, 28 May 2021 09:05:35 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
generic
match.adsrvr.org/track/cmf/ Frame F5F6
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame F5F6
0
124 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:35 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame F5F6
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
0
227 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Fri, 28 May 2021 09:05:35 GMT
server
nginx
x-fastly-to-nlb-rtt
12454

Redirect headers

Date
Fri, 28 May 2021 09:05:35 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=dcabbd89-bf93-11eb-8bb3-1891fad20206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
143
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame F5F6
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 99FF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66239685&crid=5498645&dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&cmcv=&pix=undefined&cb=1622192734378&uv=2976&tms=1622192734378&abt=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!ufm_vB&ft=0&su=1&unm=FEED_MANAGER&aure=false&agl=1&cirid=1AEDBEE5EB69784302906641829&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://imprammp.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://imprammp.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 May 2021 09:05:35 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Fri, 28 May 2021 09:05:35 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
visible
trc.taboola.com/tagadamedia-primolotto/log/3/
0
316 B
XHR
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/visible?tvi2=2512&route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 28 May 2021 09:05:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192735.040216,VS0,VE9
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/tagadamedia-primolotto/log/3/
0
61 B
XHR
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/bulk?tvi2=2512&route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
25
pragma
no-cache
date
Fri, 28 May 2021 09:05:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192735.055913,VS0,VE25
x-served-by
cache-fra19176-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
700 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
5400
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by
cache-hhn11557-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1622192735.103390,VS0,VE0
date
Fri, 28 May 2021 09:05:35 GMT
x-amz-request-id
BZA2MM8GAVQZA74K
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
98
x-cache-hits
12416
usync.html
eus.rubiconproject.com/ Frame CABF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 May 2021 09:05:35 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Fri, 28 May 2021 09:05:35 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame D4CD
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44867
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9267
Expires
Fri, 28 May 2021 21:33:22 GMT
usync.js
eus.rubiconproject.com/ Frame 99FF
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44867
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9267
Expires
Fri, 28 May 2021 21:33:22 GMT
khaos.jpg
token.rubiconproject.com/ Frame D4CD
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
usync.js
eus.rubiconproject.com/ Frame CABF
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44867
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9267
Expires
Fri, 28 May 2021 21:33:22 GMT
khaos.jpg
token.rubiconproject.com/ Frame CABF
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
khaos.jpg
token.rubiconproject.com/ Frame 99FF
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 72D6
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a&tbid=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de&query=taboola_hm%3D80cbda95-5f31-...
0
76 B
Image
General
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a&tbid=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de&query=taboola_hm%3D80cbda95-5f31-48fb-a2be-c0999e95f85a&isDirect=0
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192736.108523,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn11557-HHN

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=80cbda95-5f31-48fb-a2be-c0999e95f85a&tbid=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de&query=taboola_hm%3D80cbda95-5f31-48fb-a2be-c0999e95f85a&isDirect=0
tbl-x-upstream
10.41.10.199:10213
date
Fri, 28 May 2021 09:05:36 GMT
server
nginx
x-fastly-to-nlb-rtt
11707
sd
u.openx.net/w/1.0/ Frame 72D6
Redirect Chain
  • https://u.openx.net/w/1.0/sd?id=543998486&val=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
  • https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
43 B
180 B
Image
General
Full URL
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
OXGW/16.207.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:36 GMT
via
1.1 google
server
OXGW/16.207.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?cc=1&id=543998486&val=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
date
Fri, 28 May 2021 09:05:35 GMT
via
1.1 google
server
OXGW/16.207.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
sync.php
pixel.rubiconproject.com/exchange/ Frame 72D6
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 72D6
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=868731ca-df13-5294-9d72-9b33fdc22953
0
227 B
Image
General
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=868731ca-df13-5294-9d72-9b33fdc22953
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Fri, 28 May 2021 09:05:36 GMT
server
nginx
x-fastly-to-nlb-rtt
11563

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=868731ca-df13-5294-9d72-9b33fdc22953
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 72D6
43 B
428 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.153.224.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:36 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 72D6
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Tat3Su2K5eg2&ev=1&orig=trc&pid=562107
0
218 B
Image
General
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Tat3Su2K5eg2&ev=1&orig=trc&pid=562107
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Fri, 28 May 2021 09:05:36 GMT
server
nginx
x-fastly-to-nlb-rtt
16765

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=Tat3Su2K5eg2&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-555c8fd69d-wzxdd
expires
-1
getuidnb
ib.adnxs.com/ Frame 72D6
43 B
696 B
Image
General
Full URL
https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 May 2021 09:05:36 GMT
X-Proxy-Origin
82.102.18.114; 82.102.18.114; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.142:80
AN-X-Request-Uuid
fcd46360-271d-4f14-9557-41fc986b6cd8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 72D6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm=&google_sc=&google_tc=
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEQksXnWifI30bNy-xb74Ec&google_cver=1
0
54 B
Image
General
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEQksXnWifI30bNy-xb74Ec&google_cver=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 28 May 2021 09:05:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192736.115438,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEEQksXnWifI30bNy-xb74Ec&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 72D6
42 B
547 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd:$UID
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:35 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:306
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 72D6
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D1%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=1&gdpr_consent=&google_hm=41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de
tbl-x-upstream
10.41.12.133:10213
date
Fri, 28 May 2021 09:05:36 GMT
server
nginx
x-fastly-to-nlb-rtt
12057
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 72D6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=033848c3-1534-4fc9-a390-2723db154fe7
0
201 B
Image
General
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=033848c3-1534-4fc9-a390-2723db154fe7
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Fri, 28 May 2021 09:05:36 GMT
via
1.1 varnish
server
nginx
x-timer
S1622192736.021821,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19176-FRA

Redirect headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=033848c3-1534-4fc9-a390-2723db154fe7
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 72D6
Redirect Chain
  • https://ce.lijit.com/merge?pid=42&3pid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&us_privacy=&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=42&3pid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
0
433 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=42&3pid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 May 2021 09:05:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 May 2021 09:05:36 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=42&3pid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&us_privacy=&gdpr=1&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 72D6
49 B
397 B
Image
General
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-stage-0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 72D6
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:35 GMT
transfer-encoding
chunked
content-type
image/gif
put
e1.emxdgt.com/ Frame 72D6
0
59 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d41&uid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 72D6
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d09236da-9f83-4bd5-95b5-1f883eeb695a
0
228 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d09236da-9f83-4bd5-95b5-1f883eeb695a
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Fri, 28 May 2021 09:05:36 GMT
server
nginx
x-fastly-to-nlb-rtt
11619

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Fri, 28 May 2021 09:05:36 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=d09236da-9f83-4bd5-95b5-1f883eeb695a
cache-control
no-cache
server-processing-duration-in-ticks
2257
content-type
text/html; charset=utf-8
content-length
222
expires
Fri, 28 May 2021 00:00:00 GMT
getuid
ib.adnxs.com/ Frame 72D6
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&gdpr=1&gdpr_consent=
  • https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://rd.frontend.weborama.fr/rd?url=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F100%2F6%2F2.gif%3Fpuid%3D%7BWEBO_CID%7D%26gdpr%3D1%26gdpr_consent%3D&bounce=1&random=2486249549
  • https://id5-sync.com/cq/464/100/6/2.gif?puid=Fo6/ShtxxBr1RfQ/rG/T5O&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F5%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/464/108/5/3.gif?puid=1441596e-0303-4402-93b9-0b93250a0f04&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOH_sIWynLisRZfnhpOcJaOi0ev9vLCTgWzO1rfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOH_sIWynLisRZfnhpOcJaOi0ev9vLCTgWzO1rfQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F4%2F4.gif%3Fp...
  • https://id5-sync.com/cq/464/124/4/4.gif?puid=18f3931a-9f13-4d50-a0f1-7eb90de552ba&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F3%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/441/3/5.gif?puid=e_e1ebe615-9957-4f2c-ba07-e177c13a72f3&gdpr=1&gdpr_consent=
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D
  • https://p.crm4d.com/sync/id5/getuid?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F9%2F2%2F6.gif%3Fpuid%3D%24C4D_UID%26gdpr%3D1%26gdpr_consent%3D&bounce=1
  • https://id5-sync.com/c/464/9/2/6.gif?puid=ueJH_5vZbjfyxPHDJcv4UMpRAVwphJS45nft9lslWWQ&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEG-xuZvFsFqLyMQKHANkG98&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0Rv...
0
0

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 72D6
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=DOnYLhLPBMCZAF1bYLKwYA
0
218 B
Image
General
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=DOnYLhLPBMCZAF1bYLKwYA
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Fri, 28 May 2021 09:05:37 GMT
server
nginx
x-fastly-to-nlb-rtt
15823

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=DOnYLhLPBMCZAF1bYLKwYA
date
Fri, 28 May 2021 09:05:36 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 72D6
35 B
380 B
Image
General
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Fri, 28 May 2021 09:05:33 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
x.bidswitch.net/ Frame 72D6
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=taboola&gdpr=1&gdpr_consent=
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cds.js
cdn.taboola.com/scripts/
3 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding
gzip
etag
"fe3141b1cffc47b284c82d96b098b304"
age
3481
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1181
x-amz-id-2
i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by
cache-hhn11557-HHN
last-modified
Wed, 10 Mar 2021 13:27:13 GMT
server
AmazonS3
x-timer
S1622192736.202665,VS0,VE0
date
Fri, 28 May 2021 09:05:36 GMT
vary
Accept-Encoding
x-amz-request-id
8G72GPESSN3T79N7
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
98
x-cache-hits
48258
/
t1.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t1.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.231 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t2.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t2.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.202 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6856c5a3a26b5a3f2ead70ca56870769d1fee88f9c457f4360812f2203565824

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t3.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t3.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.213 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e629fa6598d732768f7c726b4b621285f9c3b85303900aa912017db7617d8bdb

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Thu, 21 Jan 2021 15:58:50 GMT
server
nginx
etag
"6009a4ba-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t4.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t4.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.195 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0b8efa5a3bf104413a725c6ff0459a6be12b1fd33314cbb138745baf39504ae5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Sun, 24 Jan 2021 15:03:23 GMT
server
nginx
etag
"600d8c3b-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t5.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t5.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.238 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b5196483f90f6525ff241a0480b1fac712a8eaf1793e0f964e3552f9d137c30f

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Thu, 21 Jan 2021 15:59:30 GMT
server
nginx
etag
"6009a4e2-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t6.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t6.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.199 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
19b100ab7725c612f3d80ff203ca53cea5cadaafae3bf0f88f0fb4089fe08815

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Sun, 24 Jan 2021 15:03:13 GMT
server
nginx
etag
"600d8c31-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t7.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t7.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.198 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
aacd834b5cdc64a329e27649143406dd068306542988dfc250d6184745894849

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
t8.taboola.com/
2 B
179 B
XHR
General
Full URL
https://t8.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.124.234 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
b2239ae33d9bc5614aeb2e439e5032b1fe77c32f7080d3211c1d03f1b17ffcf6

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
last-modified
Sun, 24 Jan 2021 15:03:16 GMT
server
nginx
etag
"600d8c34-2"
content-type
text/html
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
accept-ranges
bytes
content-length
2
/
pips.taboola.com/
64 B
242 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:36 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19163-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://www.primolotto.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/
0
155 B
XHR
General
Full URL
https://cds.taboola.com/?uid=3d16593e-f331-4e71-833b-90595bdc21f2-tuct7aa37dd&dnid=270a15032e07062a&uad=2fdc9dff64e35c1da87224be72196d266a5a59834b754e4e186adb6e48c6938f
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 28 May 2021 09:05:36 GMT
Cache-Control
no-store
Server
nginx
Connection
close
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
1 KB
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5498645&noaop=5&sortOrderType=0&cb=1622192737089&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1233&pt=947339828&tz=120&viewable=true&ddast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1866665&dpubid=283045&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&mPre=0.025&cirf=https%3A%2F%2Fwww.primolotto.com&en=1&subu=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
eb9a1963479a78a3e80704fe3d83ead4e7c82ff9ed05074d45b8168fe9f1eabf

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

date
Fri, 28 May 2021 09:05:37 GMT
content-encoding
gzip
access-control-allow-origin
https://www.primolotto.com
machineid
1419
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn11557-HHN
pragma
no-cache
server
nginx
x-timer
S1622192737.103082,VS0,VE51
vary
Accept-Encoding
content-type
application/json;charset=utf-8
via
1.1 varnish
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
1 KB
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5498645&noaop=5&sortOrderType=0&cb=1622192740095&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1233&pt=947339828&tz=120&viewable=true&ddast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1866665&dpubid=283045&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&mPre=0.025&cirf=https%3A%2F%2Fwww.primolotto.com&en=1&subu=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
eb9a1963479a78a3e80704fe3d83ead4e7c82ff9ed05074d45b8168fe9f1eabf

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:40 GMT
content-encoding
gzip
server
nginx
machineid
1410
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
LvebNC.gif
e.viously.com/
43 B
177 B
Image
General
Full URL
https://e.viously.com/LvebNC.gif?ts=14268.9&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g&wvv=90.69999885559082
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:41 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 28 May 2021 09:05:40 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
1 KB
795 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5498645&noaop=5&sortOrderType=0&cb=1622192743099&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1233&pt=947339828&tz=120&viewable=true&ddast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1866665&dpubid=283045&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&mPre=0.025&cirf=https%3A%2F%2Fwww.primolotto.com&en=1&subu=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a59a668c675466b166bfd4940ad2640adb714260cccd6f25daeb6f43f0eafcb3

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:43 GMT
content-encoding
gzip
server
nginx
machineid
1459
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
1 KB
795 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5498645&noaop=5&sortOrderType=0&cb=1622192746101&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1233&pt=947339828&tz=120&viewable=true&ddast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1866665&dpubid=283045&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&mPre=0.025&cirf=https%3A%2F%2Fwww.primolotto.com&en=1&subu=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a59a668c675466b166bfd4940ad2640adb714260cccd6f25daeb6f43f0eafcb3

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:46 GMT
content-encoding
gzip
server
nginx
machineid
1439
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
1 KB
795 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=5498645&noaop=5&sortOrderType=0&cb=1622192749103&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=6&pv=1233&pt=947339828&tz=120&viewable=true&ddast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=7&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1866665&dpubid=283045&abtst=adh5c-1_vA!insc_vA!mprdctdt6_vA!qpr_vB!rvf1_vB!smbs!spa2_vB!t120!ufm_vE&mPre=0.025&cirf=https%3A%2F%2Fwww.primolotto.com&en=1&subu=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a59a668c675466b166bfd4940ad2640adb714260cccd6f25daeb6f43f0eafcb3

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:49 GMT
content-encoding
gzip
server
nginx
machineid
1420
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
am-match.taboola.com/ Frame 2621
956 B
1 KB
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78

Request headers

:method
GET
:authority
am-match.taboola.com
:scheme
https
:path
/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

server
nginx
date
Fri, 28 May 2021 09:05:54 GMT
content-type
text/html;charset=ISO-8859-1
machineid
3401
generic
match.adsrvr.org/track/cmf/ Frame 2621
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 28 May 2021 09:05:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
pixel.advertising.com/ups/58166/ Frame 2621
0
124 B
Script
General
Full URL
https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:54 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 2621
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e89c8068-bf93-11eb-bcac-124172220206&orig=video&us_privacy=1---
0
228 B
Script
General
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e89c8068-bf93-11eb-bcac-124172220206&orig=video&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Fri, 28 May 2021 09:05:54 GMT
server
nginx
x-fastly-to-nlb-rtt
11454

Redirect headers

Date
Fri, 28 May 2021 09:05:54 GMT
Server
nginx
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=e89c8068-bf93-11eb-bcac-124172220206&orig=video&us_privacy=1---
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
110
Connection
keep-alive
Content-Length
0
sync
x.bidswitch.net/ Frame 2621
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.140.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 28 May 2021 09:05:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame 498B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
  • https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V70CsCFgPWNGeS6e6Z1gTWNGeS6e6Z1gUAAAAGBvQHG7FgkSgsFmtFoS13w9FmMFkOZrPRYjhZDoEjFiwShcVirSi05W442gwWk8FiNFmulpvdFD6M5TIZ1AIJy-z3HRSU09NjdhlERdfbYnc4zZ43fKDpdPhc93rd73cXXJ5uv9lvOv3tGr_br7M8TXYAAAAAeACYOq-A-AEEAIgAAAAAkAAAAACgCKj4txC4AAAAAMAAMNC_0wBI4lCAh-XlNryel5c_AAAeCkAAAAQwSAAIokpLADj2Uk8AAAAAAAAAAFj-____YwbkeYtlAEKKN3sAHnwAHogKVosYAQAAAEiZScgdTeqEyqIKAIAg3QrgCgAgIE8W5xchDAAAIGBsgR4Wv9_ssGv8bpcBAAAAAAAAAJj9n_2jCc0wN6f9ZmRqqv0CAgCs_QICALCpGwDAmwBc0AXA6gJidgAAAAB3_____3og5HC5bM6NxzFxLDY2j8XjnC2Gy8Fs4lwNRr7dzHv-zBOgEcfv6n0hwjL7fQcF5fT0mF0GUdH1ttgdTrPnID5oGJaTQTC_CVuMVpPJZjmcLReTwXA0HI32J4DLAU7EYLmcTBaT3Wq0Gm2Gu9FssECBGExwQoajzWQ12q12k-VwMhrNNpMNUrRqNRttBsPVbDLb7VbDwXA5GiFFaxazyWQxGy13m8FyMhoMJ8MhwszIMVstNyu3zLNZrEUr32It3GwmbuVgtVxNTB7LYmZZi14f02_h8OxGJi8KBmjsRXCRTkQPn8PkcLtMTodbcHm6_Wa_6fS3iCWak0U6kV32JYfLZXNuPI6JY7GxeSwe52wxXA5mE-dqMPLtZv7OyDFbLTcrt8yzWaxFK99iLdxsJm7lYLVcTUwey2JmWYteH9Nv4fDsRiZ_YzaZLJaT3Wazb8wmk8Vystts9h06w3f1ORu929nCY5J4o8GPYmY-KFwGi_epWl2M3dFB3HsenSbTslnUGZ2Hi9BrUHgOHtN4easdy9tnM30cJhSxRHC6SCeil_F0EUskT4t0onFZbI7ZwuQYmWy73XI3sm1sFptjuTIsbIOFazERS5Smi3Si11meJov6jw04mSsGk7liOFcsRqsEAAAAAAAAALCEOfMmAAAAAKeBDDeD0Wq5ABB8wro_5_6zFNEDpLuw7Hl9CMHuXscW9PA5TA63y-R0uAWXp9tv9ptOfysDPPCnMW_2TBBrtVrWAAAAAtgAAAAB3Lp5DziDUXEAAACBcQAAgABy!&excid=22&docw=0&cijs=1&nlb=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://am-match.taboola.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://am-match.taboola.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 May 2021 09:05:54 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date
Fri, 28 May 2021 09:05:54 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usync.js
eus.rubiconproject.com/ Frame 498B
31 KB
9 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 28 May 2021 09:05:55 GMT
Content-Encoding
gzip
Last-Modified
Thu, 20 May 2021 19:07:56 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=44847
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9267
Expires
Fri, 28 May 2021 21:33:22 GMT
khaos.jpg
token.rubiconproject.com/ Frame 498B
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/jpg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ew3.io
URL
https://ew3.io/r/1622192728477?crm4did=d5_Mx91EEvoA8xybdZ6HNJ7jCKVsLI6JEd2ZPasnIm8
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEG-xuZvFsFqLyMQKHANkG98&sd=Y2FzY2FkZXNSZW1haW5pbmc9MSZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| tr_grid_is_validated string| tr_please_check_before_submit string| tr_not_enough_ticket string| tr_select_at_least_one string| tr_select_your_numbers_first string| tr_grid_not_entire object| Laravel function| jQuery function| $ function| moment object| app object| grid object| _taboola function| gtag object| adsbygoogle boolean| gtag_enable_tcf_support object| dataLayer function| __tcfapi object| Sddan object| _pcq object| _c4d function| __easyMetaTagSqudata object| google_tag_manager object| google_tag_data boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit object| TRC object| _tblConsole undefined| msg object| webVitals function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| SDDAN function| easyMetaTag_HTML object| data boolean| _cookieTest object| CollectSet string| [eedmpact] function| eedmpdo string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData number| taboola_view_id string| nam object| placementData object| _tfa object| cmTag undefined| define function| startCMTagMain object| _cm_wfCounters string| lastWfUrl string| category function| webpackHotUpdate function| shuffle object| arrToUse object| travel object| news object| mobilecontent1 object| mobilecontent1_new object| travelmuted object| movietrailersHD object| movietrailersHDmuted object| widescreen object| movietrailerslight object| landscapeHD object| landscapeHDmuted object| blank object| blankblack object| blankblack7 object| blankblack5 object| blankblack_mob object| blankwhiteHDmpg object| blankblack10 object| blankwhite object| blankwhiteHD object| black_loader object| lightweight object| lightweight_single object| lightweight300600 object| bonnier object| home object| lipstick object| shoes object| art object| infiltrator object| glass object| lemurs object| NBAshoes object| Sunglasses object| Hummus object| Short_food object| Short_swim object| Euro_news object| Automoto_TV object| Uzoo object| SmartDuvet object| Tiger object| Chocolate object| Logan object| Jacket object| Bike object| Kanye object| Cancun object| Smartwatch object| Helicopter object| dogshampoo object| icetea object| charger object| blueysmoothie object| ShortContent object| carbsandwich object| pisatower object| Food1 object| Food2 object| Food3 object| Food4 object| Food5 object| Food6 object| Food7 object| Fashion object| Lifestyle1 object| Lifestyle2 object| Technology1 object| Technology2 object| Technology3 object| Entertainment object| Scrambledeggs object| Spinach object| Bub1 object| Pokemon object| style_hacks object| Motorcycle object| IceCracking object| Manatees object| Daiving object| Fishing_Lure object| Shark object| HundredsManatees object| TigerShark object| MandelaPrize object| Bertram35 object| bushfire object| Snow object| Delta object| Wheels object| Yellowfin object| Grip object| Kawasaki object| Yoga object| Cat object| Chickens object| RZR object| bitcoin object| bmw object| wombat object| koala object| Marsupial object| puppy object| bitcoinMuted object| bmwMuted object| Wallabies object| Bunny object| Pumpkins object| Dogs_Stress object| Dogs_Stress_image object| lightweight300600_short object| playlist string| vpaidId function| OvaMediaPlayer

1 Cookies

Domain/Path Name / Value
.taboola.com/ Name: t_gid
Value: 41a960e5-6199-4b62-86a2-a3b973093951-tuct7aa37de

5 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01-b-em-delta
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01-y-em-delta
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-y-em-delta
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js(Line 3)
Message:
mode - blend-next-up-a has no config :- fallback - blend-next-up-a
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js(Line 3)
Message:
TRCRBox.loadScriptCallback: Mode name 'blend-next-up-a' doesn't exist in configuration file

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
ads.betweendigital.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
asset.easydmp.net
bh.contextweb.com
bttrack.com
c3.taboola.com
cache.consentframework.com
cdn.pushcrew.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
choices.consentframework.com
cm.g.doubleclick.net
dis.criteo.com
dpm.demdex.net
dpm.zebestof.com
e.viously.com
e1.emxdgt.com
ejp.rlcdn.com
eus.rubiconproject.com
ew3.io
fonts.googleapis.com
getviously.com
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.taboola.com
imgs.tagadamedia.com
imprammp.taboola.com
jadserve.postrelease.com
live.demand.supply
main-p.agmcdn.com
match.adsrvr.org
match.taboola.com
p.crm4d.com
pips.taboola.com
pixel.advertising.com
pixel.mathtag.com
pixel.rubiconproject.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.c.appier.net
secure-assets.rubiconproject.com
simage2.pubmatic.com
sonar.viously.com
stags.bluekai.com
sync-t1.taboola.com
sync.commander1.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.taboola.com
t.nl.primolotto.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
vidstat.taboola.com
wall.adgaterewards.com
wam.solution.weborama.fr
wf.taboola.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.primolotto.com
x.bidswitch.net
ew3.io
ib.adnxs.com
104.111.230.142
13.248.242.197
141.226.124.195
141.226.124.198
141.226.124.199
141.226.124.202
141.226.124.213
141.226.124.231
141.226.124.234
141.226.124.238
141.226.224.32
141.226.228.48
142.250.185.194
145.239.193.53
145.239.211.22
151.101.13.44
172.105.213.147
178.250.0.163
18.185.140.232
18.185.197.81
18.195.155.181
185.141.129.223
185.141.129.226
185.141.129.230
185.33.223.178
185.59.220.194
185.64.190.80
185.86.137.110
185.86.137.131
185.94.180.126
188.42.196.115
192.132.33.46
198.148.27.139
199.232.137.44
2.18.233.201
2.19.35.65
23.45.99.241
2606:4700:10::6814:3777
2606:4700:20::681a:466
2606:4700:3034::6815:3724
2606:4700:3035::ac43:dec5
2606:4700::6810:125e
2606:4700::6810:8616
2a00:1450:4001:809::2004
2a00:1450:4001:810::2008
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a02:2638:1::13
2a04:4e42:3::300
2a05:71c0:2000::e
3.126.63.176
34.98.64.218
35.153.224.87
35.180.10.74
35.244.174.68
51.15.145.115
51.195.5.40
52.31.176.223
54.155.235.161
69.173.144.165
72.251.249.13
91.216.195.7
95.131.143.205
008bf02d7cfaded94ef3cc92509823d5839600ea7cf34fa02d38cea87f0b4585
093bbb017e1f736c787f0c1cfcad909bee1269d46118f2d2dcb75deb56d24c48
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8efa5a3bf104413a725c6ff0459a6be12b1fd33314cbb138745baf39504ae5
0b986b09ebc87c5263a6297298e8b678805555958018bcc691f7422b1cbfe167
121a0a70b461c0e186ca64f36a035299bf31ffacb44a057b2ee165d038615e92
13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78
158fea97531a019d9797d707ff6b40cbee9098b48b0570bd5268b7ae88a56e7a
163c5edc91f9c49c92cc2c0316236267126527c386bd63ecf6fae68988ca2b92
16f911f528305db97e037d0d878a5a0bf798f58f1189baa739927cfcf7664210
1914089b9ec68a3b941d15a5315684bcb4362329b5ffc2dcf49c667c2964376e
19b100ab7725c612f3d80ff203ca53cea5cadaafae3bf0f88f0fb4089fe08815
19c83bd091eed6528d91f3230623610f12263d983748eb89e8456ff41030da61
1ae7fe402c184ffa0cc3b2d011fd40243cf3cee2988e7fdcafc4fe7b676035e1
1b6a758365f36733ee318c64cbfd8d2a1aee8dae87112ed62597cdcc15fe0cfc
22d3c3f39d761c8d254f91938682421f5d9ac201805a164ffbf2b4722f31f9fd
2c8598654642759a89e6001b1f75b30fcd92b1e788cd490853985dabfc490d13
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
33c1ddf6998b4221d60d27dfea001f5557df4bfc5a42b15ea05f827011601c1c
33df66ca469e2de5ae4723c4944b20fd37d65daa2f095b6ec2ff0d70ed6c3d57
341666f4c3dc05df23c848678de444880ecbdee95bd0ce410ec35433eb10032d
3523734aa4e5c25525d494704e645ff08af67b7f7c77addb0d6a3303d08a545a
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a3a55823c91e98f9e21aa1b1284d231cf4c4c721e528816a407b5889c6aeb7b
3cd4435683f31935fe9fac4db83d9a8c232cfe0849eb2db5c561b839066b0608
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
415904296c3e7668069665e18cca37f9795a1d43940a5c1cde093d096a8e3634
4292fc47bc28890f13b4c915d28a70ba5cafa055e9994c703fa244d044417dc5
42a10ff3b440212dabf7d8e4da5954c7995a5f9610b465ae52a447d3fc15cf5c
430519d7fdd5ff30e5c83844c4352be35bc55dbd2632e9a70cc474050c44b8f8
43c553b7a6383e7548730c05dc497b91b159ff21399205fba793f5e963f07a30
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
48015da42a52ae4a114664f6a01d18f23d2240ced0d0a61752c742afbffd6196
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c208e1dcb1037274ed8cd3103cecb21e8bb9eb0ff60f94bffe0d96396345d33
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e13a24713c60de07775945d4f347acc364ae5f5f156ac3186329c0dcdfa7c69
4e7681cdfb27c5d0457c58c9f0fe26a68bbf6a8dc88defd3c43826adb1fe6ca8
5195f12b212bff0204203261880d59ab515771f13fc33d5608761a3f416c1aba
51c1592a7af9a558f5a28727dd018b2db1b429c2cd51599742c1aa22fbe70dd2
52a9c07536a2b2ba437ce604b95d32754f75adecb4458e1b4c3038a565f9c168
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b6cf86376b18e7013022123018f749c4427bc442df1ca43d05f7514b1984980
5b9c7a1b74b1b04d105a7786933c85f904ab13261d5c431232845ab55a138d39
5e8acdd160993bfe86dbdd9f2f2955fb3ce24b9e7a827be017274bb7c761d3ff
5ea43bfc60e2c50bd334980133eb207d11589f49e55da3d6b053526e76148d63
5fc0bbfb3f05a1803fc6289d151b61cabf846ff5b2660d47493c399135f7658c
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
660d23a83593219127fbe8ee10bf8625f3b500309b3c534a6e28ffb711d5733a
670671cd97404156226e507973f2ab8330d3022ca96e0c93bdbdb320c41adcaf
6856c5a3a26b5a3f2ead70ca56870769d1fee88f9c457f4360812f2203565824
6862f5b39023d1529b7fbb85a9d94be2b0642e575a1ab92f89938dd6305dcbd0
6883b98278a2e4387a286d178c69fd7edda6befea76d1684077a27ee6ac265be
698c7a603e5dae46fa689aed50735ad8a3e51466b132210015ae6aa30f3b8068
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
7210d05b7b2f96ab720b4e6899fe21a457655c3a01890fb23a4774abcc1983ed
744dc63ebc12000d2a43b2e30f92b3ec81064b6f3124111f36529b736054bc03
758db75d07a17c13b45e7d4d6395f51599ce7e1a15e93f545dbada7be9b3784d
778ef966cd529fadd1c05fa19a0a5b8e4c59b269dfc10a8280ceb7453e20000c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7aca44c61fb879ab0188675d489610e9f6e808efbf913facfca965b92fb72545
7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7f862934183e36c2f5c7857651442e21696df7ed13e85a4e7aba40c17d6cf928
802a3cb7595f14f16c36837989c3891dec2b38166b5a75bfdb2fde7c4ab09a4d
80f9afad5106e5a1689f441f247dd7b8c43cbfcb06d897f31259709a061f0ccc
817dce8a7cc72dcf653b7883035382ce6db243a40c106598f47c419180d9858a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86d773c7b32f486acae0f328dce1c9d6980416abd16788ae9b9596504f17a884
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a6ae56eebd4de7bcc4be90ea10f8ad2d9d042c51b4ccb1add02b30ed9c7c0a5
8a8d52eba8ab85703a684f068b5eac40b2c1525af4c4e347305e1dd6eb286241
8c96396f5c59de04878a008c9231a46553cbb06472116a33675a5dbc754c4d68
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec0ed00cb5e7631659bb5cde922049f79e8248aee226a5f736b49a3dc6aec8c
8f7a04dfcfe5ffe5e09a0f9d4a91bb2ad737f0d6e261dc8b86538ac49eb7adfd
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
91f960611508b199cef031bf17d41761dbdbb33c48ffbc2243e2d9a7736de42d
9212967af6330d6bce1b082e672372b651c92379a8ecb40e1922fdb859a5c268
9448596734c8cc7858e3b36b63b731db3ca9cd2ee49e1ca17c516efaa09bdd0f
94cc624c94016647682407c6631bdbabb26f5065873f55f6237ab31aa7095154
96d74e6440b953d1ef80f81140488b65c9509e1b9ac2498f906e5c5319bc93e0
97725b58061a739b37771c81bec6532aeaf5362f4d96cd9fbd5447fdd081396b
9d2d6cae0922314a2965881cf7b832225eb419abfff4f8faa38ba994da68a75d
9ff515c414102d89a2ecdbbfd13b4ea3b58c88e96c9b0d608c1503f590339f38
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a166a14902d3cb4600656ccec114493074522f1d7e57ce5afaa5b9c26bd014b7
a2c1937fe1cf16f6ef92bc981984b30e82983ffd4ed81b763d9d8ac70cc1f12a
a34e825b0af90621129e3b1da7d4bb8dcb83a970067998c49e42e9572332ca37
a4943c185ec21f062fe03037374283832edb43603c5eff619af2b14b0389f6fd
a4a435a77ba9821779ff039d294facf001ace345b9173c180754f425970b2d1a
a59a668c675466b166bfd4940ad2640adb714260cccd6f25daeb6f43f0eafcb3
a633cc3894b71084834e7448c54597d858bee7441f15c31088e4c99b8457688d
a6fecbeccaaf4daf397b7a2d18852b5eeeb893cdb5213212d16104c21d21fbf3
a80a3407ddae570bfd761f497180f58472dad91693b58437210e2af57a835a83
a81392117a271b47f3f16bbeb7545b7421dc2c7b5102c5b134af4320305904e1
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7c984cd510935c132345bc7d579dfcde68742f7b11b599b905310f7164718c
aacd834b5cdc64a329e27649143406dd068306542988dfc250d6184745894849
aae0ed386647143e8ef7b32913b8defe476c25e069bf4c55b9aff601e84db0e5
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
b1fbaef854e0f55871aa050995066ea783c517640ba307e4971a5dfa009342b1
b2239ae33d9bc5614aeb2e439e5032b1fe77c32f7080d3211c1d03f1b17ffcf6
b5196483f90f6525ff241a0480b1fac712a8eaf1793e0f964e3552f9d137c30f
b841835671d58155e2265cfcdaa0b54eeea722bee5516ae7594ac35d912765b9
b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315
bab6a8190b095272d4f8d0771b1f975c3b6b0992660e5fa1dcdf41a9534e716e
bfcaa4074375f59b60b0526f67b930a703c1a18111ec4b87d940ee6855a2daa7
c246ec07b24762244202158adadb0d006913c39f924c7d01d0ff00d2d024a0af
c2d9a126c1362d12bf147046b25ca41abeee3d81ce51388ad5802f9b4f36dfdd
c6471021913e986a495ce3dc48839abbb29a2946fd5ec65acb7825713c4350a8
c64b2da717e045efd1dbea5ed6631acb89aa154bf00415c6643ba028d0ec1c5b
ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408
cf2264ebb3d3b6a7b10d68a6c45aec9ebf3a9e1e1fb57f4f7ab504288b62e92b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d25283aef05052ea413e5e518534f8451ed6e8da9e3ab42587a7b6dc5241a1d3
d4225d93450a787911838ab1eba4905d767f559b8bd904c15e51be0ad9d9a63d
d60858521d6b8c13c7a36b0643743d4007bc664754e898177d9870d3d18e7770
da8da07ffa93f21d6759c3621e1862524e7c303443d58fcbb8a950b84455eaac
dc64b47901a2d3df60b2a6cf01a6f5caea404737fbeda1140f5cceb195f33995
dd5315f7514cc38ef5644119e3d76d3e0b6fe8cc138302c55266150ffc784e1f
df5978120ab661004f993de1c4f2fc1c119207c7342f4022b7f4167ced53bd28
df8538a9e4df6cdfd820f455ef945483f2bdf9d130ddad32ab5f91f7dbb76b9d
e2485fa2017a08e325ee546bb3c2393ae840233c8e51e4e19f6808bdd612cb41
e2ad236b5967ea547c3daf0830c3a6fa908d35c6201c76e182267d59b668b629
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e629fa6598d732768f7c726b4b621285f9c3b85303900aa912017db7617d8bdb
ea41b0db7ca29655f610421075ce1eb794fa892783be830f5cce6be828b5a4cc
eb9a1963479a78a3e80704fe3d83ead4e7c82ff9ed05074d45b8168fe9f1eabf
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
ed7f3fc8996d9def2ed39335c3862f3e42c4ed0cbd5f9969ca93976915a47bd7
ee97dad5bc48f34673bd7ee16f8d93186063b5e60882af7704b306f0584ae1b2
eeeb643f6eec84c181b7128294b181ab57e4bcd9a557897c7cab231c5f116553
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0069af0bb8816687fbd93943c1b72d78919dc44c893e78f2c6aedc0525ebb46
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f494c6d8894113fcc5724294d52ff485c8d28b2d898a00975df52f1b6cb88584
f5be796439b66283c7bc23da4d3ea539144f96b3a4f2b5e2c1cabd7a395e3a23
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f6501d63a1aed9616cca1d151d9524311acd2a57bd15a839695f7cef88ba75f1
f6721b2c203ce1ccd325a286fddcd1d9825857f79f9529dd47fbe58649efe1c0
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6b19aaac7bd18341eee2aa8d888c87c9c2fca6edd6aa9337253c52b0b256c01
f9d92dd8d88ba717b48727e906af9b299672a5d3714ed8209e2fbada39b7f94c
faf58853644d69d07cc1ab1abb79f7b724ca1e057d90ea1bfb99d2dabfc57548
fef269571f27c369be45dbc589fce9730f1e137492437ceea15fec31d0838038
ff724737a3926e6581553d5d4fbeeceee6b69e8a0c9866d1a98f683010db6feb