urlscan.io logo urlscan.io
SecurityTrails logo

www.lotterypost.com Open in urlscan Pro
2606:4700::6812:12ad  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.lotterypost.us/
Effective URL: https://www.lotterypost.com/
Submission: On April 16 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 9 countries across 78 domains to perform 330 HTTP transactions. The main IP is 2606:4700::6812:12ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lotterypost.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.
This is the only time www.lotterypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
31 2606:4700:303... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 143.204.247.127 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
6 172.217.16.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 5 2620:116:800d... 16509 (AMAZON-02)
1 13.33.139.61 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 6 72.251.249.14 29791 (VOXEL-DOT...)
1 52.30.130.191 16509 (AMAZON-02)
3 104.108.144.24 16625 (AKAMAI-AS)
5 15 184.30.20.241 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 3 185.33.220.243 29990 (ASN-APPNEX)
16 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 13.33.139.122 16509 (AMAZON-02)
1 142.250.74.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
38 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
13 2606:4700:303... 13335 (CLOUDFLAR...)
13 27 216.58.212.162 15169 (GOOGLE)
2 2 2001:678:cb4:... 56396 (TURN)
2 46.228.164.11 56396 (TURN)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
5 5 185.29.135.233 30419 (MEDIAMATH...)
2 2 151.101.114.49 54113 (FASTLY)
1 2 66.155.71.25 13768 (COGECO-PEER1)
1 1 35.190.0.66 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 176.9.26.250 24940 (HETZNER-AS)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 5 94.130.102.164 24940 (HETZNER-AS)
2 2 51.38.145.136 16276 (OVH)
1 88.198.250.30 24940 (HETZNER-AS)
1 2 142.250.186.134 15169 (GOOGLE)
1 54.76.176.197 16509 (AMAZON-02)
2 2 52.57.110.162 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
2 2 3.126.63.176 16509 (AMAZON-02)
4 4 18.156.0.31 16509 (AMAZON-02)
1 104.111.239.217 16625 (AKAMAI-AS)
6 46.236.13.147 24931 (DEDIPOWER)
2 143.204.245.61 16509 (AMAZON-02)
2 81.29.72.47 24931 (DEDIPOWER)
4 52.213.184.2 16509 (AMAZON-02)
11 184.30.20.198 16625 (AKAMAI-AS)
1 151.101.13.108 54113 (FASTLY)
2 5 37.252.172.249 29990 (ASN-APPNEX)
4 185.64.189.115 62713 (AS-PUBMATIC)
3 5 35.158.172.137 16509 (AMAZON-02)
3 3 3.121.49.210 16509 (AMAZON-02)
13 216.52.2.48 29791 (VOXEL-DOT...)
4 4 213.19.147.150 26120 (RHYTHMONE)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 8.43.72.97 26667 (RUBICONPR...)
3 7 52.17.19.0 16509 (AMAZON-02)
3 3 185.184.8.30 204995 (RTB-HOUSE...)
1 3 159.253.128.183 36351 (SOFTLAYER)
1 54.154.158.183 16509 (AMAZON-02)
2 2 34.253.111.115 16509 (AMAZON-02)
1 69.173.144.165 26667 (RUBICONPR...)
2 2 198.148.27.139 19189 (PULSEPOINT)
1 2 52.95.118.60 16509 (AMAZON-02)
1 1 52.21.173.249 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (TURN)
2 7 35.244.159.8 15169 (GOOGLE)
9 54.229.236.120 16509 (AMAZON-02)
1 2 54.239.17.112 16509 (AMAZON-02)
1 1 54.236.220.178 14618 (AMAZON-AES)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.164 1299 (TELIANET ...)
8 185.64.190.80 62713 (AS-PUBMATIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
3 3 37.157.2.239 198622 (ADFORM)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 18.195.155.181 16509 (AMAZON-02)
1 185.64.189.114 62713 (AS-PUBMATIC)
330 73
3    2a00:1450:4001:82b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.lotterypost.us
w-it.m-t.io
2    2606:4700::6812:12ad (United States)

ASN13335 (CLOUDFLARENET, US)
www.lotterypost.com
4    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
fonts.googleapis.com
31    2606:4700:3031::ac43:c203 (United States)

ASN13335 (CLOUDFLARENET, US)
lp.vg
8    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
3    143.204.247.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-247-127.cph50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
6    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
2    2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    13.33.139.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-61.cph50.r.cloudfront.net
certify-js.alexametrics.com
5    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    52.30.130.191 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
c.deployads.com
3    104.108.144.24 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-24.deploy.static.akamaitechnologies.com
prebid.media.net
contextual.media.net
15    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
js-sec.indexww.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
16    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2600:9000:215d:f600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    13.33.139.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-139-122.cph50.r.cloudfront.net
certify.alexametrics.com
1    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
38    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
15    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
13    2606:4700:3039::6815:c02e (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
27    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
cm.g.doubleclick.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)
r.turn.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
5    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.travelaudience.com
2    2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal9000.redintelligence.net
2    2606:4700:3032::ac43:aa7a (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
ad4mat.net
5    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
hal900012.redintelligence.net
2    51.38.145.136 (France)

ASN16276 (OVH, FR)
PTR: ip136.ip-51-38-145.eu
pv.medialead.de
1    88.198.250.30 (Kassel, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
8019191.fls.doubleclick.net
1    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
2    52.57.110.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
gcm.ctnsnet.com
2    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-63-176.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
1    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
6    46.236.13.147 (United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
2    143.204.245.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-245-61.cph50.r.cloudfront.net
analytics.webgains.io
analytics-wg.webgains.io
2    81.29.72.47 (Leeds, United Kingdom)

ASN24931 (DEDIPOWER, GB)
PTR: 81-29-72-47.servers.dedipower.net
diapi.webgains.com
4    52.213.184.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
api.webgains.io
11    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    35.158.172.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
3    3.121.49.210 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
13    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
4    213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
7    52.17.19.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
data.adsrvr.org
match.adsrvr.org
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net
creativecdn.com
3    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    54.154.158.183 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    34.253.111.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
bcp.crwdcntrl.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    52.21.173.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
9    54.229.236.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
2    54.239.17.112 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.236.220.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.extend.tv
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.164 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
3    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
56 googlesyndication.com
pagead2.googlesyndication.com
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
tpc.googlesyndication.com
510 KB
52 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
8019191.fls.doubleclick.net
196 KB
31 lp.vg
lp.vg
574 KB
27 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
130 KB
19 lijit.com
ap.lijit.com
ce.lijit.com
25 KB
15 ampproject.org
cdn.ampproject.org
322 KB
13 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
389 KB
13 casalemedia.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
13 KB
9 gumgum.com
rtb.gumgum.com
4 KB
9 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
6 KB
8 webgains.com
track.webgains.com
diapi.webgains.com
137 KB
7 openx.net
us-u.openx.net
eu-u.openx.net
2 KB
7 adsrvr.org
data.adsrvr.org
match.adsrvr.org
2 KB
7 redintelligence.net
hal9000.redintelligence.net
hal900012.redintelligence.net
25 KB
7 gstatic.com
fonts.gstatic.com
www.gstatic.com
96 KB
7 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
38 KB
6 webgains.io
analytics.webgains.io
api.webgains.io
analytics-wg.webgains.io
105 KB
6 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
6 google.com
adservice.google.com
www.google.com
774 B
5 bidswitch.net
x.bidswitch.net
2 KB
5 mathtag.com
sync.mathtag.com
3 KB
5 turn.com
ad.turn.com
r.turn.com
d.turn.com
2 KB
5 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
5 googletagservices.com
www.googletagservices.com
156 KB
4 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
31 KB
3 adform.net
c1.adform.net
2 KB
3 simpli.fi
um.simpli.fi
1 KB
3 creativecdn.com
creativecdn.com
990 B
3 1rx.io
sync.1rx.io
2 KB
3 mfadsrvr.com
rtb.mfadsrvr.com
2 KB
3 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
ad4mat.net
5 KB
3 media.net
prebid.media.net
contextual.media.net
9 KB
3 cloudflareinsights.com
static.cloudflareinsights.com
cloudflareinsights.com
5 KB
2 fiftyt.com
visitor.fiftyt.com
994 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 contextweb.com
bh.contextweb.com
786 B
2 crwdcntrl.net
bcp.crwdcntrl.net
1009 B
2 rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
478 B
2 rfihub.com
p.rfihub.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 m-t.io
w-it.m-t.io
280 B
2 advertising.com
pixel.advertising.com
938 B
2 w55c.net
pm.w55c.net
2 KB
2 medialead.de
pv.medialead.de
984 B
2 2mdn.net
s0.2mdn.net
459 B
2 sitescout.com
pixel-sync.sitescout.com
461 B
2 everesttech.net
sync-tm.everesttech.net
831 B
2 google.de
adservice.google.de
921 B
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
2 lotterypost.com
www.lotterypost.com
21 KB
1 emxdgt.com
cs.emxdgt.com
1 unrulymedia.com
sync.targeting.unrulymedia.com
585 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 criteo.com
dis.criteo.com
304 B
1 extend.tv
sync.extend.tv
546 B
1 clickagy.com
aorta.clickagy.com
663 B
1 bidr.io
match.prod.bidr.io
430 B
1 awin1.com
www.awin1.com
702 B
1 ctnsnet.com
gcm.ctnsnet.com
479 B
1 ad-server.eu
ad-server.eu
312 B
1 media01.eu
pb.media01.eu
607 B
1 travelaudience.com
ads.travelaudience.com
608 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 googleadservices.com
partner.googleadservices.com
642 B
1 quantcount.com
rules.quantcount.com
357 B
1 deployads.com
c.deployads.com
256 B
1 googletagmanager.com
www.googletagmanager.com
31 KB
1 lotterypost.us
www.lotterypost.us
132 B
0 socdm.com Failed
tg.socdm.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
330 78
Domain Requested by
38 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.lotterypost.com
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
cdn.ampproject.org
31 lp.vg www.lotterypost.com
lp.vg
ajax.googleapis.com
27 cm.g.doubleclick.net 13 redirects googleads.g.doubleclick.net
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
ap.lijit.com
rtb.gumgum.com
us-u.openx.net
15 cdn.ampproject.org securepubads.g.doubleclick.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.lotterypost.com
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
15 pagead2.googlesyndication.com www.lotterypost.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
www.googletagservices.com
13 ce.lijit.com ap.lijit.com
rtb.gumgum.com
us-u.openx.net
11 ads.pubmatic.com lp.vg
ap.lijit.com
ads.pubmatic.com
rtb.gumgum.com
9 rtb.gumgum.com ap.lijit.com
rtb.gumgum.com
8 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
6 match.adsrvr.org 3 redirects ssum-sec.casalemedia.com
rtb.gumgum.com
us-u.openx.net
6 track.webgains.com as.ad4m.at
analytics.webgains.io
6 assets.ad4m.at as.ad4m.at
6 ap.lijit.com 3 redirects lp.vg
ap.lijit.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.lotterypost.com
5 us-u.openx.net 2 redirects ap.lijit.com
us-u.openx.net
5 x.bidswitch.net 3 redirects ap.lijit.com
rtb.gumgum.com
5 secure.adnxs.com 2 redirects ap.lijit.com
ssum-sec.casalemedia.com
5 hal900012.redintelligence.net 1 redirects 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
hal900012.redintelligence.net
5 sync.mathtag.com 5 redirects
5 ad4m.at 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
ad4m.at
5 fonts.gstatic.com fonts.googleapis.com
5 www.googletagservices.com www.lotterypost.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
4 simage2.pubmatic.com ads.pubmatic.com
4 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
4 api.webgains.io analytics.webgains.io
4 ups.analytics.yahoo.com 4 redirects
4 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
4 pixel.quantserve.com 3 redirects www.lotterypost.com
3 c1.adform.net 3 redirects
3 um.simpli.fi 1 redirects ap.lijit.com
ads.pubmatic.com
3 creativecdn.com 3 redirects
3 sync.1rx.io 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 www.google.com 2 redirects www.lotterypost.com
3 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
8019191.fls.doubleclick.net
3 ib.adnxs.com 1 redirects lp.vg
ssum-sec.casalemedia.com
3 c.amazon-adsystem.com www.lotterypost.com
c.amazon-adsystem.com
3 fonts.googleapis.com www.lotterypost.com
securepubads.g.doubleclick.net
hal900012.redintelligence.net
2 eu-u.openx.net us-u.openx.net
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 aax-eu.amazon-adsystem.com 1 redirects ap.lijit.com
2 bh.contextweb.com 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 p.rfihub.com 2 redirects
2 contextual.media.net lp.vg
ap.lijit.com
2 js-sec.indexww.com lp.vg
ssum-sec.casalemedia.com
2 w-it.m-t.io analytics-wg.webgains.io
2 diapi.webgains.com track.webgains.com
2 as.ad4m.at ad4m.at
as.ad4m.at
2 pixel.advertising.com 2 redirects
2 pm.w55c.net 2 redirects
2 8019191.fls.doubleclick.net 1 redirects www.lotterypost.com
2 pv.medialead.de 2 redirects
2 hal9000.redintelligence.net 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
hal900012.redintelligence.net
2 s0.2mdn.net 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
2 pixel-sync.sitescout.com 1 redirects 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 2 redirects
2 r.turn.com 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 cloudflareinsights.com static.cloudflareinsights.com
2 www.gstatic.com googleads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.lotterypost.com
2 www.lotterypost.com www.lotterypost.com
1 simage4.pubmatic.com ads.pubmatic.com
1 cs.emxdgt.com rtb.gumgum.com
1 sync.targeting.unrulymedia.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 sync.extend.tv 1 redirects
1 d.turn.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 pixel-eu.rubiconproject.com ap.lijit.com
1 match.prod.bidr.io ap.lijit.com
1 data.adsrvr.org ap.lijit.com
1 pixel-us-east.rubiconproject.com ap.lijit.com
1 acdn.adnxs.com lp.vg
1 analytics-wg.webgains.io analytics.webgains.io
1 analytics.webgains.io track.webgains.com
1 www.awin1.com as.ad4m.at
1 gcm.ctnsnet.com 1 redirects
1 ad-server.eu 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
1 pb.media01.eu hal900012.redintelligence.net
1 ad4mat.net ad4m.at
1 static-de.ad4mat.net ad4m.at
1 ads.travelaudience.com 1 redirects
1 dclk-match.dotomi.com 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net www.lotterypost.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 certify.alexametrics.com www.lotterypost.com
1 rules.quantcount.com secure.quantserve.com
1 hbopenbid.pubmatic.com lp.vg
1 as-sec.casalemedia.com lp.vg
1 prebid.media.net lp.vg
1 c.deployads.com lp.vg
1 certify-js.alexametrics.com www.lotterypost.com
1 secure.quantserve.com www.lotterypost.com
1 static.cloudflareinsights.com www.lotterypost.com
1 www.googletagmanager.com www.lotterypost.com
1 ajax.googleapis.com www.lotterypost.com
1 www.lotterypost.us 1 redirects
0 tg.socdm.com Failed rtb.gumgum.com
0 ad.360yield.com Failed rtb.gumgum.com
0 b1sync.zemanta.com Failed rtb.gumgum.com
0 match.deepintent.com Failed rtb.gumgum.com
0 sync.technoratimedia.com Failed rtb.gumgum.com
0 sync.ipredictive.com Failed rtb.gumgum.com
0 sync.srv.stackadapt.com Failed rtb.gumgum.com
0 sync.outbrain.com Failed rtb.gumgum.com
0 ums.acuityplatform.com Failed ap.lijit.com
330 119
Subject Issuer Validity Valid
lotterypost.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
lp.vg
Cloudflare Inc ECC CA-3		 2020-07-05 -
2021-07-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.deployads.com
Sectigo RSA Domain Validation Secure Server CA		 2019-07-04 -
2021-07-03		 2 years crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.ad4mat.net
AlphaSSL CA - SHA256 - G2		 2019-08-06 -
2021-09-08		 2 years crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
redintelligence.net
R3		 2021-02-19 -
2021-05-20		 3 months crt.sh
*.media01.eu
RapidSSL RSA CA 2018		 2020-05-06 -
2021-06-05		 a year crt.sh
ad-server.eu
R3		 2021-02-18 -
2021-05-19		 3 months crt.sh
www.awin1.com
DigiCert Secure Site ECC CA-1		 2020-04-21 -
2021-07-21		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-20 -
2021-06-08		 2 years crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
w-it.m-t.io
GTS CA 1D4		 2021-04-09 -
2021-07-09		 3 months crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh

This page contains 47 frames:

Primary Page: https://www.lotterypost.com/
Frame ID: 5660A1F7D2F9440FA49EC4434AA82815
Requests: 76 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Frame ID: 1B0DE643DE90B27493EB40A0743329F6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Frame ID: 095DE367366A7BDAEB17739A2729AA77
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1618588691&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691747&bpp=2&bdt=337&idt=81&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=142145564397&frm=20&pv=1&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=85
Frame ID: AE6B28B9A8E377B55984B2DAEBFB8401
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Frame ID: 0FE5A2C378997A6D1E84A82FCCCDFA2C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1D4F02B22D4484FE4B72573F191E2727
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 2D4AFEFCDB56E82F565E9EC840577008
Requests: 17 HTTP requests in this frame

Frame: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6D0E6ACE046FD39765ECC55D803ED374
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: D9B65983B015C78B9840FD5D40EFBFD6
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 859BCBA38CB895FF578A5461CD8A2531
Requests: 15 HTTP requests in this frame

Frame: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 56CE4F3FB923C1BA1337CB647EC68DB7
Requests: 13 HTTP requests in this frame

Frame: https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
Frame ID: DC9F3EF97A2E25CA2CB8780EFAA2A4AA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4E76FA1F3DBDA2F0E93E07803C5A62E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYrsjFlQEwAQ&v=APEucNWnuSeFU-idG6-bJ6P2DywIEOeHHVGWUodanSnYuohJw6fnb0vzd91ix-bw7Omr3LQ79KkqcNvhIEJAtXgCkihmP5XCWylQPQM_Jlxzg_y1rnolyE03ap2oZiSJguQtJ0fdHwp0RJvIIPR0_RprKu6E8bsZ7pYRQbttfCjOfMUuWvcJXMGfgj-pKP_4Yps-c9JMJmnDC7RnFQcXhrb-9vTstiHgxg
Frame ID: E4CF2719ACF186E7FCA44916D913962F
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C272A4F5336889F5AF0C71933885DC72
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 23E3AF29D64BC454E63B598594998031
Requests: 1 HTTP requests in this frame

Frame: https://ad4mat.net/frame.html
Frame ID: BA72241AEE4B2643FF1339E56C588E9D
Requests: 1 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52110700156516500710578011566012&actionid=731824&produktid=businessgiro&dt_url=
Frame ID: A95135BB4BC17BC9529E56E7D51B9838
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818
Frame ID: 73AC70CED7C922113D441F1BA0D3BA52
Requests: 2 HTTP requests in this frame

Frame: https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
Frame ID: FF3AA76EE8081454B0BA240F25AEBAAF
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E59608943725A423DB133DF4372CC391
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Frame ID: 63644287D6B477344DB9390029CA6574
Requests: 23 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: CDCE1EAEF43FC5D613412CB4835C4B27
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 9B237DC4892377D3A8651FCC68A9A281
Requests: 17 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Frame ID: 537CB38489C15F7F817154F04A623AC6
Requests: 23 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 6670581EC99296FB976A0906846C6F39
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 9C17D1C7C120A432564CB3BFED7164DD
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 02FDEAA39D05ACEC28DA33468CD4DDAA
Requests: 10 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3980366426717056038&gdpr=1&gdpr_consent=
Frame ID: 5616FF6EF89AD8D27B44BA13DE124D0F
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 385EEF6BE09A2AA9EBEF5A823504A105
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 0E30F43A117BA8CCA87228A4A1C3B873
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 787FE0B3441C1036766B1F28D59C0FC3
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 18838B49C4DD75A6CABD624D9B61BDA1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E24DFF1C6049BDE84011E4F100F3DF03
Requests: 3 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 58E711CC2C440964FF9E0BC2C5F7DB74
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5849338472973247117
Frame ID: B8278683AFDF5494FCBABF6F88DC9146
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C11926817E1C2491C497832016319E14
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Frame ID: B0E2D8777564D7C8C1C2B7DB7DF4B4D5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YHm0GgAAKr7IcgBg&gdpr=1&gdpr_consent=&_test=YHm0GgAAKr7IcgBg
Frame ID: AACDE1352126FA48C345EA7F6498F4F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85MTdjOTY3Ni03Y2IwLTRmMzMtOGU3Yi02MzlmYzU3NzhlZWI=&gdpr=1&gdpr_consent=
Frame ID: A2554246099F67F49907FA9D4A33232D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: 14231F542B76D7F8E261CB1620AB75AD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: E4491A941C3EB018B902C004B4D18DFD
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: EA6293EBA1A5462E253F342FFD6FB181
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 8166C6BB361F4E0CD23139727B169696
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827870193185418
Frame ID: 1103FCD17B70BC0FCA1823B0DCF94CF1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=LgUIFmioj1QiqIzGjWlC&pi=gumgum
Frame ID: 1FA1C9C808D33FD5C89366F5A91F876A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 183579D7447EFA27E22844C4F76312FF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.lotterypost.us/ HTTP 301
    https://www.lotterypost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

330
Requests

97 %
HTTPS

29 %
IPv6

78
Domains

119
Subdomains

73
IPs

9
Countries

2840 kB
Transfer

5515 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lotterypost.us/ HTTP 301
    https://www.lotterypost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 152
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 159
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
Request Chain 172
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHm0FMZwI8k9OSaFU6B79QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
Request Chain 173
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1&google_push=AQvitULvQwffaej99l1Dghqgl2VcUSZkOd3vcy4HJy_s-3WQ1WyNkEdPY6vQ79FjQWWH_9w53q4ElmOsbWUdPg8nodk20oGnqZoK5Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyMzg5ODM2MDU0NTI3ODc1Ng== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
Request Chain 175
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDlxaQl8FG7FTJUOsMOCUBM&google_cver=1&google_push=AQvitUKXuBvpUA5TPRZLmCED8IdHZ-M8doYxfC650IDAxvtQODSipIF5SDsl7NeYhgjsbQajuRcvYu-xcKoqopqoWyoea5eoPqOg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKXuBvpUA5TPRZLmCED8IdHZ-M8doYxfC650IDAxvtQODSipIF5SDsl7NeYhgjsbQajuRcvYu-xcKoqopqoWyoea5eoPqOg
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_cver=1&google_push=AQvitUI6tEI4lOVIMUKn8GjPwgmlc27HPbd8M_QPQxsMQMJREJQf0Ji25-2h67dDHcO15ToH0p50lIUkq6LgHHjmR2SBr1FbEWPy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_push=AQvitUI6tEI4lOVIMUKn8GjPwgmlc27HPbd8M_QPQxsMQMJREJQf0Ji25-2h67dDHcO15ToH0p50lIUkq6LgHHjmR2SBr1FbEWPy
Request Chain 178
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIPqlMkn84yc_na3qNTFpTI&google_cver=1&google_push=AQvitUIdZgj2TbxHyMVrBxGsqBpr_Y6XMfx0Gd9o-ak4btZS8uLtMzjRzrwRLQf1Z1pEtUloavHssi5hcwur4C5304678GfdPiN_Aw HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uL8qOzJ3Qia6pHeAFIdVYA2&google_push=AQvitUIdZgj2TbxHyMVrBxGsqBpr_Y6XMfx0Gd9o-ak4btZS8uLtMzjRzrwRLQf1Z1pEtUloavHssi5hcwur4C5304678GfdPiN_Aw
Request Chain 186
  • https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=9703883826829&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0 HTTP 302
  • https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=9703883826829&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Request Chain 189
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=52110700156516500710578011566012&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52110700156516500710578011566012&actionid=731824&produktid=businessgiro&dt_url=
Request Chain 190
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818 HTTP 302
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818
Request Chain 192
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=52110700156516500710578011566012 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 195
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1&google_push=AQvitUJY6S0uU2Tp4NKXbQthw5Tj6g09Z29bwu2dNOOhBLC3pGJozs_9QusuapdE132v_WT6SMMC9SFZTNwzHC7-_nGqS_ldhOHR HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyMzg5ODM2MDU0NTI3ODc1Ng== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
Request Chain 196
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cver=1&google_push=AQvitUIXWFSO7gnpaG0sBC9hxPOO2FoVcJZZjK32bhBnuPQMgZi7ZR97J5P42depuJ4bEHqtZ_q_qtABBIRpXpsgN_4v3TiUiIt0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cver=1&google_push=AQvitUIXWFSO7gnpaG0sBC9hxPOO2FoVcJZZjK32bhBnuPQMgZi7ZR97J5P42depuJ4bEHqtZ_q_qtABBIRpXpsgN_4v3TiUiIt0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0hyVGNoVVoxTHhxUmY1&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cver=1&google_push=AQvitUIXWFSO7gnpaG0sBC9hxPOO2FoVcJZZjK32bhBnuPQMgZi7ZR97J5P42depuJ4bEHqtZ_q_qtABBIRpXpsgN_4v3TiUiIt0
Request Chain 197
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_cver=1&google_push=AQvitULjBqxOH_ZetPBTZ0gW6zQrc0oQWePIFO7fq7cLNL1lWcWZXPt9A_5PqraPZ_QLVdWfQ22T9l6eSgvZ-rtqiYInubMI3jN2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhtMEZBQUFLcEpzU0FCZw==&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_cver=1&google_push=AQvitULjBqxOH_ZetPBTZ0gW6zQrc0oQWePIFO7fq7cLNL1lWcWZXPt9A_5PqraPZ_QLVdWfQ22T9l6eSgvZ-rtqiYInubMI3jN2
Request Chain 198
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM4L-a3VejRjyGDjJO7tlR8&google_cver=1&google_push=AQvitUL_BMe3cvXRl_PhK1rsD3FvLOL8gH59KqiU-0znhOBhQpsNKRH-ZQIlpAtq0Jfsfka5LYPQ1ZJxAKEDpNSpe8OuTm6gzkvJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL_BMe3cvXRl_PhK1rsD3FvLOL8gH59KqiU-0znhOBhQpsNKRH-ZQIlpAtq0Jfsfka5LYPQ1ZJxAKEDpNSpe8OuTm6gzkvJ&google_hm=Mk4lg0vjQo2Lx2dSda8KKFk
Request Chain 200
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOnDe4d4v33n5khOo7z6e58&google_cver=1&google_push=AQvitULuw0AZx2ZRiDN6I-EDnhLuQogEcbVIyvR3foL29jtt1V03Q_riapJlcKLKRJFd0CW4nHEI_IUQ0EtNuQkIHBSAq_ur3zlk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHm0FMZwI8k9OSaFU6B79QAABHMAAAIB&google_gid=CAESEOnDe4d4v33n5khOo7z6e58&google_push=AQvitULuw0AZx2ZRiDN6I-EDnhLuQogEcbVIyvR3foL29jtt1V03Q_riapJlcKLKRJFd0CW4nHEI_IUQ0EtNuQkIHBSAq_ur3zlk&google_cver=1
Request Chain 201
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA HTTP 302
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA&apid=UP8c72c1c4-9ecc-11eb-86e9-0688702661c6 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA&apid=UP8c72c1c4-9ecc-11eb-86e9-0688702661c6&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YzcyYzFjNC05ZWNjLTExZWItODZlOS0wNjg4NzAyNjYxYzY%3D&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA
Request Chain 242
  • https://ap.lijit.com/beacon?informer=13414900 HTTP 302
  • https://ap.lijit.com/beacon?informer=13414900&dnr=1
Request Chain 245
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Request Chain 246
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 248
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl&google_tc=
Request Chain 249
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 252
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=fe7dd501-df4a-4c0e-bbfc-7eb3e828e9b0
Request Chain 253
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 254
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=2159827870193185418
Request Chain 255
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 258
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=LgUIFmioj1QiqIzGjWlC&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 260
  • https://um.simpli.fi/lj_match?r=1618588697989&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 263
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=235675bcc26f1dc16132face&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Request Chain 264
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=235675bcc26f1dc16132face/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=235675bcc26f1dc16132face/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=e14c7fe12f0f47473fdd1d0b4543958a&gdpr=1&gdpr_consent=
Request Chain 266
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=Ho8Dcpxi67mb&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 267
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 268
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=n80t7MvJK7SEzCq2m8g34MjFebeExCm3kMsDgT3j
Request Chain 269
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=235675bcc26f1dc16132face&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:d6277069e0a14a362e5e07d5b2593d86
Request Chain 270
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3980366426717056038&gdpr=1&gdpr_consent=
Request Chain 271
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Request Chain 276
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEO2yp7EnNSGTzEOjpvq5CjE&google_cver=1
Request Chain 277
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB&dcc=t
Request Chain 278
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHm0GVWjPNrF95VifP7QXQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkjVwcNJvp69pUa7KKPcTY&google_cver=1
Request Chain 279
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a919b4a-1b6b-448a-9c18-b141d4515617
Request Chain 281
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=G7cBbU-zBzUAtgY3H7IbYUy_VTYAvgU2FLEkbUI1
Request Chain 286
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5849338472973247117
Request Chain 287
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TNgSeon3SfCusQvHJGSAEQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 289
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4CD8127A-89F7-49F0-AEB1-0BC724648011&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CD8127A-89F7-49F0-AEB1-0BC724648011&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 290
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CD8127A-89F7-49F0-AEB1-0BC724648011&addseg=19,36,42
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NENEODEyN0EtODlGNy00OUYwLUFFQjEtMEJDNzI0NjQ4MDEx&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV5ewDW1V7aXe-FmLgD11M&google_cver=1
Request Chain 294
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4de3eb87-d40a-4664-b3c9-0690918ecffd
Request Chain 295
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3908127221052500125
Request Chain 296
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=0&gdpr_consent=
Request Chain 297
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3529291659560817583&gdpr=0&gdpr_consent=
Request Chain 298
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=d12c6f2f-bf34-49c0-9249-d4ccffd42f72 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fe7dd501-df4a-4c0e-bbfc-7eb3e828e9b0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d12c6f2f-bf34-49c0-9249-d4ccffd42f72&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1Yjcj65E2uWgHEe4_Z9f_dPy_0tF8.Y-~A&gdpr=0&gdpr_consent=
Request Chain 302
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=3529291659560817583
Request Chain 305
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=7800d9f7-7184-041f-15ef-40ed91e45a61
Request Chain 307
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-QH6fcOdE2peGZDVQXMdxFrtzay0AKjCGgqHD~A
Request Chain 313
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=953925536 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/4de3eb87-d40a-4664-b3c9-0690918ecffd HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8b6de941-2dc2-406a-bc98-f4147fef577c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8b6de941-2dc2-406a-bc98-f4147fef577c-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-8b6de941-2dc2-406a-bc98-f4147fef577c-003
Request Chain 314
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=XHNChX4tr4Th&ev=1&pid=558355
Request Chain 316
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Request Chain 317
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YHm0GgAAKr7IcgBg HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YHm0GgAAKr7IcgBg&gdpr=1&gdpr_consent=&_test=YHm0GgAAKr7IcgBg
Request Chain 323
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870193185418
Request Chain 324
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=LgUIFmioj1QiqIzGjWlC&pi=gumgum
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=11246079-b41a-4f00-9e39-ea7a0c9a182a
Request Chain 327
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=StmD-B7dhaBR2ISiTtyZ9B3R16NR0IejRd8ohZj5
Request Chain 328
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3908127221052500125
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKC7Rzfw493B6PLl0V23NdI&google_cver=1

330 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lotterypost.com/
Redirect Chain
  • https://www.lotterypost.us/
  • https://www.lotterypost.com/
78 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52c1c34e49518a13cabcf9797deadbc90494c121b932055f4e76df3e41246539
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.lotterypost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-type
text/html; Charset=utf-8
content-length
19767
set-cookie
__cfduid=d48b791783a756e0ee84b8adcc2e10a081618588691; expires=Sun, 16-May-21 15:58:11 GMT; path=/; domain=.lotterypost.com; HttpOnly; SameSite=Lax; Secure g=a=44302.4987421991&b=44302.512631088&c=%2f&d=; expires=Sat, 16-Apr-2022 15:58:11 GMT; path=/; secure; HttpOnly f=a=44302.4987421991; domain=lotterypost.com; expires=Sat, 16-Apr-2022 15:58:11 GMT; path=/; secure; HttpOnly tz=1; expires=Sat, 16-Apr-2022 16:58:00 GMT; path=/; secure; HttpOnly ASP_Session=AGQRCCSR/IKNAGCJAKDHOLCOJEEFCLDEA; secure; path=/; HttpOnly g=a=44302.4987421991&b=44302.512631088&c=%2f&d=; expires=Sat, 16-Apr-2022 15:58:11 GMT; path=/; secure; HttpOnly f=a=44302.4987421991; domain=lotterypost.com; expires=Sat, 16-Apr-2022 15:58:11 GMT; path=/; secure; HttpOnly __cf_bm=56d1bb934476c170ce0a1fddc844a626de57afde-1618588691-1800-AUwLpddkZyo9dVdjpxDHbgO/PJodQ//ENjY+WoJZoV/ad7rGGAo5PPGgig90dW3x1QjICpVvNF1noFonqas4LxQ=; path=/; expires=Fri, 16-Apr-21 16:28:11 GMT; domain=.lotterypost.com; HttpOnly; Secure; SameSite=None
cache-control
no-cache,no-transform
content-encoding
gzip
vary
Accept-Encoding
x-lp-member-status
0
cf-cache-status
DYNAMIC
cf-request-id
097d00832100000eabea169000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
640e9d1838a60eab-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.lotterypost.com/
date
Fri, 16 Apr 2021 15:58:11 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
225
x-xss-protection
0
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 08:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28611
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 08:01:20 GMT
asp
lp.vg/js/fs01218.3/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/js/fs01218.3/asp
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1383569
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24905
cf-request-id
097d0083f100002b29522b2000000001
last-modified
Tue, 12 Jan 2021 20:27:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HvQWkyf8%2FKg6QMNTnwA1VGo%2FgFjhO5RfzdvdckXiPlFSHSGfLP01kL1chDuphp%2FXgVIBuTtec30GgWncvFG9wRzlQ%2FuYeLLTmdIltJ3SvZ8Liw%3D%3D"}],"group":"cf-nel"}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000,no-transform
accept-ranges
bytes
cf-ray
640e9d198e572b29-FRA
expires
Thu, 31 Mar 2022 15:38:42 GMT
css
fonts.googleapis.com/ 		3 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5015066c4239b0883843cf8eeee85efb0956b6a631f01f6e8879c8f103e5fc85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 14:20:37 GMT
server
ESF
date
Fri, 16 Apr 2021 15:58:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Apr 2021 15:58:11 GMT
asp,asp-main.css,news.css
lp.vg/css/fs01218.3/ 		63 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4b60f85a4346bdff1e8c38698690a43d7daacf46be720dea7e1e820403e4a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
173646
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13965
cf-request-id
097d0083f100002b29b7890000000001
last-modified
Fri, 18 Dec 2020 16:35:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qVq3cZuNzw8vTIAEnuY5RUtyRC4fAPTIlOf2ivvRkN4YVOZna6DON3fSxJWlVr8t3a6k4H9fAM6Z8ecbv3WafUtLqlh5AM3k84QGLrKCwxotGA%3D%3D"}],"group":"cf-nel"}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31466122,no-transform
accept-ranges
bytes
cf-ray
640e9d198e532b29-FRA
expires
Wed, 13 Apr 2022 20:19:28 GMT
gpt.js
www.googletagservices.com/tag/js/ 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e8ff6dae89d558983d8bec55fb809060faae27608a21cb96b6ff203280189d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"844 / 535 of 1000 / last-modified: 1618571343"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21139
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:11 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:48:01 GMT
content-encoding
gzip
server
Server
age
609
etag
24ac8c0f0d59670e43bc0b1990070642
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
SX2bXD.7CE44_1fFY2DAzC_Rqn0Shl08
x-amz-cf-id
FZC3lIJRy_ARX63_f06YPw0xefMDNqlcyJdokCqdnFzr3Ij0jsafYA==
pb3.21.0.js
lp.vg/js/f1/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/js/f1/pb3.21.0.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62878
cf-request-id
097d0084130000c26d529d0000000001
last-modified
Wed, 03 Jun 2020 14:37:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G6L6bA%2BGzutDR3KpxPNQARYSg0z5GzQGfsie%2BlBMole5qQSL1CaICY7XyNFq8mCigApYA93j6qffkfCbpaQnEuDB3FZngTegF4sH8zISmr7EUA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31534398,no-transform
accept-ranges
bytes
cf-ray
640e9d19bc45c26d-FRA
expires
Thu, 24 Feb 2022 17:59:32 GMT
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b2ce80074776f789855beb57b80e9f164b76d64decdc94ba8f19891a3c5877c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31405
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 16 Apr 2021 15:58:11 GMT
lp_logo.png
lp.vg/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/lp_logo.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2690221
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20811
cf-request-id
097d0084170000c26d603b7000000001
last-modified
Tue, 21 Feb 2017 21:49:07 GMT
server
cloudflare
etag
"614390538c8cd21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hijZF8h1ndD5VIGDCQDWnzAi6w71XIZYM%2Bd%2FiFyDKWD3aLMXzcnnweq5ssRJyLFM6aKU0EWGmZqUkQbWhOg13Oipj8PII1UHZeRVzH1uTeuMKw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc60c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
b.gif
www.lotterypost.com/ 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lotterypost.com/b.gif
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:12ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:path
/b.gif
pragma
no-cache
cookie
__cfduid=d48b791783a756e0ee84b8adcc2e10a081618588691; g=a=44302.4987421991&b=44302.512631088&c=%2f&d=; f=a=44302.4987421991; tz=1; ASP_Session=AGQRCCSR/IKNAGCJAKDHOLCOJEEFCLDEA; __cf_bm=56d1bb934476c170ce0a1fddc844a626de57afde-1618588691-1800-AUwLpddkZyo9dVdjpxDHbgO/PJodQ//ENjY+WoJZoV/ad7rGGAo5PPGgig90dW3x1QjICpVvNF1noFonqas4LxQ=
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.lotterypost.com
referer
https://www.lotterypost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
private,no-transform
strict-transport-security
max-age=15552000
accept-ranges
bytes
cf-ray
640e9d19ca830eaf-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
097d00841a00000eaff0b6d000000001
usa-mega-button-2.png
lp.vg/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/usa-mega-button-2.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
710430
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17960
cf-request-id
097d0084180000c26d5123e000000001
last-modified
Fri, 18 Dec 2020 16:20:19 GMT
server
cloudflare
etag
"ecbb9ad59d5d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8i%2BcQ%2BX57fhUeq6pxEQjvln%2FmvItmtz84hKhl4%2BAgwcOQeV3uCdwjOFv0kt4xTsBrrV9h2Q5H34gL7UH26cyh6yuZ60HimAxZhTVU%2BW%2FDaYYTg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc63c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
LotteryPlaces_140x375.jpg
lp.vg/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/LotteryPlaces_140x375.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19025
cf-request-id
097d0084170000c26d5e27a000000001
last-modified
Tue, 21 Aug 2018 20:38:45 GMT
server
cloudflare
etag
"4f827df48e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WwCxxKqcAxq%2BNcwZHJB2nAgB2xCDM4qLNlMoNh43vLUBNH4QtXhUvPOj9zDCfzbjjauYaEjLCMevV2mDbGDi8IXAjV1OLyLnwKtRmCIqbouVNQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc5ec26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
Results2012-US-FrontCover-57x72.jpg
lp.vg/images/amazon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/amazon/Results2012-US-FrontCover-57x72.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1818
cf-request-id
097d0084180000c26d07b9c000000001
last-modified
Tue, 21 Aug 2018 20:35:02 GMT
server
cloudflare
etag
"1f7ea56f8e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=djL09FCAU%2F%2FC44OtM5cl31EfoOxtF27ZrGIB%2B4mMjaL1Y2VvaKzn5FWW1iRO2757cWekRKaEABDDKwwc%2F5ehY4WdPNyH%2B7LKDS8MQ7EvXOWX%2FQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc65c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook-share.png
lp.vg/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/facebook-share.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3387
cf-request-id
097d0084170000c26d3894e000000001
last-modified
Tue, 25 Sep 2018 17:12:37 GMT
server
cloudflare
etag
"fae128f5f254d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BhuKLYDCeIt8XDX%2BF8RwCewznxzGGBvtMCU2%2FjmBIT4b8DUOs1p3C3inuybtVopyKPw1PFpecVhbe9UzlAid8WKvkEMFvAPwzrT5FhsMsLXAZw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc5fc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_mtlottery.jpg
lp.vg/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_mtlottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c353a7df4509c03ee62b7a07151c20d68aa8f4b751aa46c99124e06d1836ad8

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
87329
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12156
cf-request-id
097d0084180000c26d4eb4b000000001
last-modified
Tue, 21 Aug 2018 21:01:49 GMT
server
cloudflare
etag
"b34fa2d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5YtWSiOwftu87QPFBWE8H7qcONNSOgQB7v5GKZefkhh%2Bc5NfS%2FoPu68hXEZGoEsiC1in4LSNvZ3jE5oPYaNzfiZA%2FUCoXYh3xdS6EnYLtrOmlw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc66c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_alabama.jpg
lp.vg/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_alabama.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
107fdfb8c09e15d086a022f0fd713de430c49e6a2b6d5055479a4fdb9ba83831

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
173645
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17830
cf-request-id
097d0084190000c26de4b1a000000001
last-modified
Tue, 21 Aug 2018 21:01:47 GMT
server
cloudflare
etag
"2baba2c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0ESSL0PqrWiaRZjrHT0P55iFUQyv%2FphDMTwWiMb3Z43tte9LdriUVT3H%2FspVje%2FC2gYdIMJ5bAYBgS9HXOW0diJirNXmVHXEWqOf3zU8ryxLZw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc69c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_euromillions.jpg
lp.vg/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_euromillions.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6185c80f7b41f9421d3dc1422ac5ad210f66469912f6a002065c9c34db986aff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
348451
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14787
cf-request-id
097d0084190000c26d08981000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"baaf232d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ClZT7G99B0BhRRwM%2B1Qx7HpBiAKxArs327O2pMH3gOVWcn8uAvBFlheKTwWrn9Sub2NPDgAU1wylzzE%2FmSlaLXyijEFLHGV7ptE2XoCaczk0rQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc6bc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_walottery.jpg
lp.vg/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_walottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdc57deac17eacca1bdc9d551d7bf10f71201f913a7f8490f13abf9db868e4d

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
583548
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12179
cf-request-id
097d00841a0000c26d3b1dc000000001
last-modified
Tue, 21 Aug 2018 21:01:51 GMT
server
cloudflare
etag
"fb9fc92e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J4Emgyy9x5v7Wp%2FZW%2BRWMHdYmz5XucZpYFBr1tFj4wgi%2F90dM2slXjJR3tUk8krd5zy99b%2FjuPOqG6KbBMS5%2Fn0E79qqYdiUU1Kt%2FmyeoQH2Mg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc6dc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_cash4life.jpg
lp.vg/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_cash4life.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de828d5cdce40f1fabe8672316f12ea3de0d6f618bbdd8244f8019dd63d7ed51

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
687167
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12938
cf-request-id
097d00841a0000c26de7a6c000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"f4a4e52c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IIxeGapvBmyYiAfCpU%2Fr4%2FsmugcXofXV3rR7yqY7riQKiWel%2BRBVQR9dlsCipKFnja7tUcx7lBQYtd73sFzoyJ79um4koGVlFyLV0aIPLRtyrQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc6ec26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_palottery.jpg
lp.vg/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_palottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad80b11133fcbc6748279b2beec8a18706385d860699b9370eeb14eb65cc9ef4

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
710430
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11292
cf-request-id
097d00841d0000c26d38950000000001
last-modified
Tue, 21 Aug 2018 21:01:50 GMT
server
cloudflare
etag
"347f462e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=goLxYrEOy7y%2BupSc2e3FKrZfhUolfNddKSLrKJ3FvKavLVYwS8K94A5DRx2xQQE1fEB%2Bq8aSElDLpd%2FCtEeqF1DtfEH%2F%2F6a8V6f92XdKzBaLoA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc72c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_fllottery.jpg
lp.vg/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_fllottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a569c37ba5146a48b1587d68580dc93c1b7389b0d2c60d6e4538859b9be67554

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
710430
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13481
cf-request-id
097d00841b0000c26d550f1000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"66181a2d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9eA9OOAoUI8kOpppvY1NhBY8hUF3wlrpc%2BSd3oUTbU8m%2F9PDCzh7KKmtGXDz3bfzlOPY1rJn2kVi9bm9ph2p8hqa9Rv4kZNzuKOWYHA1l4geiA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc73c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_nclottery.jpg
lp.vg/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_nclottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7869273f2cc1db168a0e59146a82bd84f224a151d0b476c58c00452a08f3b

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
936614
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18421
cf-request-id
097d00841d0000c26d3437b000000001
last-modified
Thu, 30 May 2019 20:30:41 GMT
server
cloudflare
etag
"13f6c48c2617d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=04VXnqoDOjV0Rs3ISJnf2MTNRDwnfuZ9O0QFQ%2BdxlhQad%2FcHGRa7HbhDc7nbkJboUf%2B6s%2FLKa5mec5Oiv82DnmCFFuU1eYoLo2ve85XN8R40RA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc74c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_calottomax.jpg
lp.vg/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_calottomax.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9386932ceb55b9f7241f1a9fb46c6d0d937deb19497ef389fcbadebd1a544d3

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
950370
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14678
cf-request-id
097d0084140000c26de69a5000000001
last-modified
Tue, 21 Aug 2018 21:01:47 GMT
server
cloudflare
etag
"4456b82c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jIVdxA7bdO%2F%2BZbFCFAGoGEE2K8ZJTWTqZITiGcL2c6%2BgsVSWLBBfLdHR1mxT7w8lwZtnrlGksEABmGzUFh14N2RSzXs%2FI86RhWX%2B%2Fhd%2B%2F3DvCA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc4dc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_ialottery.jpg
lp.vg/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_ialottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ff65b85a2e0a0ab9ceba03cb9205dbd8af9b9fcf5197878c7abba21c8706c3

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1374181
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14138
cf-request-id
097d0084140000c26d34379000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"46b6362d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i5%2BH9KhYNV10Ne86NzsYZ%2FiaHwEeK50At%2Bha62x3Hp%2Fh0c0UhcvTwJDUYPAUUKviu6A0m%2Bh7%2BuD2YIKRIqEG4bIloJpCWLDHHMRSr63SzHd3KQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc4ec26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		134 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fbf862e5bba81178f9115e527f2482c8b37b938caa2a8c0e87ccdcbb68945fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48639
x-xss-protection
0
server
cafe
etag
9412357587671050539
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 16 Apr 2021 15:58:11 GMT
advert.js
lp.vg/script/ 		70 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/script/advert.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084140000c26d0085a000000001
last-modified
Tue, 11 Feb 2020 14:29:00 GMT
server
cloudflare
etag
W/"6714389ae7e0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BJb%2BwH67ul%2B%2BL58IwuyvRDAvieAWe%2FlYfFhr4PwYVMIRmPpKLYoX1bDEjzMB1HlowNQCw5QA6xyAbPeTL0PqKfeOu5%2B6oPSewOTV0wbOyDjAAQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d19bc49c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
640e9d19c8404e08-FRA
cf-request-id
097d00841e00004e088396a000000001
bgbody1.jpg
lp.vg/images/theme/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/bgbody1.jpg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2922
cf-request-id
097d00841c0000c26d241b5000000001
last-modified
Thu, 11 Oct 2012 12:17:36 GMT
server
cloudflare
etag
"e828f165aaa7cd1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fx9VnJrZpm4ut1pgDe8owwakdIYPnjW4xgSaXGzm4BundvLP7JOVnheBxpVprk5u1YF%2BM7sfW1s8cU8iTPmUT68h%2BlxCfTU%2Fo2J2bL5S8IOVOA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc50c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gold-star.svg
lp.vg/images/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/gold-star.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084150000c26d550f0000000001
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"33c4be19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PQYg4ZBM062gdR8Iae06as2j0jK6vwm3%2Fo6LinpDiVYtNuU%2BqqXatbtFlUTZptqms7RkVhR4bhF5OdKNGdhBRqg0yS19ej0CXWdcr%2BviKnizIA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d19bc53c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
books.svg
lp.vg/images/svg/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/books.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2755501
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084150000c26d1ebcb000000001
last-modified
Tue, 24 Jul 2018 20:57:05 GMT
server
cloudflare
etag
W/"ba6cb7e09023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0sLvi%2F8Ok3DDNf7HMvezdiPUhmgKwZEGgMtV4OdcpDxqwD0O2%2Bnt3aupFRQFjqgdauKTMQU32XCGfjoPy9g0CePYWAYA0slLkPxMP9ieJrKrKA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d19bc54c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
icon-gift-gold-64.png
lp.vg/images/theme/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/icon-gift-gold-64.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6609
cf-request-id
097d00841f0000c26de69a7000000001
last-modified
Mon, 23 Jul 2018 18:37:22 GMT
server
cloudflare
etag
"b5abe231b422d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=INCCfOETyMK6TBpPlaE7NqPnRWg4uIxbbhb1o%2FLTd7dXJhQpXrUY5iG0xEahJyEvh6pl2L3vdFAUKV7NxN9RaXKRuGEv6rIlEMMjlmQQ4WBhuw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d19bc56c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook.svg
lp.vg/images/svg/ 		332 B
959 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/facebook.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2755501
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084160000c26d57ad8000000001
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"d37a27e19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LbV4UqWyMwDcWi8E%2B2vRMcNnAw2C830o8RQfZ7BOPWEA3vspgolnH%2FB8iZ8rRQUt%2F%2BPASquMYIE3xCfi3cReyIaYQX6KGXwfTx5J7huvH%2FtCxw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d19bc58c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
twitter.svg
lp.vg/images/svg/ 		370 B
1010 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/twitter.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
737082
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084160000c26d2bba5000000001
last-modified
Tue, 24 Jul 2018 20:57:07 GMT
server
cloudflare
etag
W/"eee315e29023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HF28pk9oucinLwpdfW3oYP7BE0GIT3oyA%2Fy4Uw8xYtXUnnkE%2BLO%2FQqeO%2FXYhvrEC1hMaIUzhFZGdQU2YtjT3NwfwHqD9EBb5dokFbE%2B6pRRLTw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d19bc5bc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
youtube.svg
lp.vg/images/svg/ 		358 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/youtube.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084160000c26d33ad3000000001
last-modified
Sun, 28 Jul 2019 22:19:01 GMT
server
cloudflare
etag
W/"174bb1759245d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S4yn2yfjkuH%2BnRC5Zb9%2BRK6Pyy%2BSzGOY3%2BCyzUjyvr5jEnK7tRHKzeCLUSK00SIkK0TTXMCbLpaoEugZHdVxE4bK6oWwGnEyeARsOOAO18ZXsA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d19bc5cc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
pubads_impl_2021041501.js
securepubads.g.doubleclick.net/gpt/ 		299 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Apr 2021 08:41:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107555
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:11 GMT
truncated
/ 		46 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
amazon-logo.svg
lp.vg/images/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/amazon-logo.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d0084410000c26d42897000000001
last-modified
Sun, 17 Nov 2019 17:10:11 GMT
server
cloudflare
etag
W/"341238df699dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1kXS8vPtOfHVYqoevI95UIXKcOxsi9yXDcLFfMJf7afV7brnOUf27V%2FeIKwlY423yFS8wfbq9yFRzzr32xuDmCURaw3zUnDeEdw7K4%2FoWB1mEw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
640e9d1a0cc7c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
sprite-24-1.png
lp.vg/images/theme/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/sprite-24-1.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
344751
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138480
cf-request-id
097d0084430000c26defaf6000000001
last-modified
Sun, 06 Apr 2014 16:33:55 GMT
server
cloudflare
etag
"f04f9b0b651cf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tmJlBgeotzZac%2F9Ml6G5yfvqDoThZkWHjtxmaKvBVJBI64XEPHTKCM6BrCuW3vjbwsXrzOKdy6HgmDKS6kbgPzBZdqEFe0c5S44P9%2B8lkgfCQw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d1a0ccdc26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		140 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
bg-footerContent-2x.png
lp.vg/images/theme/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/bg-footerContent-2x.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
375561
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30167
cf-request-id
097d0084470000c26d212a7000000001
last-modified
Thu, 19 Jul 2018 18:33:19 GMT
server
cloudflare
etag
"7355ef78e1fd41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2Bdz8chtXDxbsp2NR2cPDT1uatAVVD6lnQNG97guXoQzPzFwS54lq6v347MjgnfVtZCrXenbcob6fMup2C00qfjxgQPbFUENGSQF7MzYjJA5zA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d1a0cd5c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
SessionCount.aspx
lp.vg/services/ 		46 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/services/SessionCount.aspx?callback=jQuery22409373822330972585_1618588691616&_=1618588691617
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5f499e85796b50357302f1521cf59515cc9e438ba7dd05aee6d4411814b3b2e

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71
cf-request-id
097d0084a80000c26de53b1000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g34kRrL%2BYaVHSsYFYas8xTGqwKVjM5FVEgb2vFuHntcLzPgm7xAgtFYJOOfyCaQJujTC4LRdtDvqo7Hh6vnGeXTjYQeKU9qeVNbnTbCKMI39Lw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store,no-transform
cf-ray
640e9d1aadb1c26d-FRA
expires
-1
sprite-16-2.png
lp.vg/images/theme/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/sprite-16-2.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4397516
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76265
cf-request-id
097d0084ab0000c26d212ae000000001
last-modified
Tue, 13 May 2014 19:03:09 GMT
server
cloudflare
etag
"e0132fbdd6ecf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=31%2BvuGLM64POx4i5jNAT2saTS%2FuTapsK8JZgm8kCXOXnEvQUK3JhGcllTHQAh4Ep9LwAPeB%2B4MC2E%2FLgTlZz5YWlkCZiQ4CUf7OmjipGUElLIg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
640e9d1aadb4c26d-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2608
date
Fri, 16 Apr 2021 15:14:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Fri, 16 Apr 2021 17:14:43 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
etag
"9BXR5o2ektbbjpKQZDKFMQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 23 Apr 2021 15:58:11 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-61.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 18:06:02 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 31 Mar 2021 18:01:58 GMT
Server
AmazonS3
Age
1374730
ETag
W/"22e062f70826be118ae2cae04b9fa227"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 7e5377bfdf5e6ef7597f63d6648e4e9b.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
CPH50-C2
X-Amz-Cf-Id
M-4G0uf6aYnH68hXnHeFF00SyMWpRp4DwIvX2Us3jyOA13dJV6T9yg==
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:31:19 GMT
server
sffe
age
453273
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24064
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
bid
ap.lijit.com/rtb/ 		94 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.21.0
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
5d6e4b944d7dfa6d82cf80c5522e9622153cc142ee3b9c9cbed50d93be93fef0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Apr 2021 15:58:11 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
auction
c.deployads.com/openrtb2/ 		63 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_3.21.0&host=www.lotterypost.com
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.130.191 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
SortableCactus/1.0 /
Resource Hash
7d7a52054cbb290b9608fdb340f5b78cabfd59d8ea99b4e6a472350d9eb44966

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:11 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
63
prebid
prebid.media.net/rtb/ 		330 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4a95ecd5c8a3ad9a1ff6b159f0ea2ed7a735a2f8a248ba6ab6e2e5323a994a91

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:11 GMT
server
nginx
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
https://www.lotterypost.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
330
expires
Fri, 16 Apr 2021 15:58:11 GMT
cygnus
as-sec.casalemedia.com/ 		25 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=341167&v=7.2&r=%7B%22id%22%3A%221949cfb0d0fa7f2%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22203927ce33019ea%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341167%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22218fde29fe6cdec%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341166%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222232c8bd0862033%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222310a8ef5b7c4a5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2224dea4e3f989413%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341162%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lotterypost.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e0bb13b8d8358d1d0a6af8b5596624cfe3764c02fcb00a101a44010fd752d466

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:11 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
45
Expires
Fri, 16 Apr 2021 15:58:11 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lotterypost.com
date
Fri, 16 Apr 2021 15:58:10 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		612 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8ae388f642410634bc0c7557cb6dfb2557b2a8108dedf6a7e6aeb0933793d3dc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 16 Apr 2021 15:58:11 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.48:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ffda2159-2db1-4f28-8496-6420f1f947f4
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.lotterypost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/ 		222 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84747
x-xss-protection
0
server
cafe
etag
7950800710615234990
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 16 Apr 2021 15:58:11 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/ Frame 1B0D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210414/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210414/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 16 Apr 2021 14:17:06 GMT
expires
Fri, 30 Apr 2021 14:17:06 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
6065
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
50593
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Fri, 16 Apr 2021 01:54:59 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b3f90546650bd51f97feaab85be34b1c.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
CPH50-C1
x-amz-cf-id
KMnDeKrlPgiP5-fgSd4LgyTvFfr4aaftqBpxxDr6M4gDFXNAM6m-ZA==
rules-p-7alUP9zu-TfBA.js
rules.quantcount.com/ 		3 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-7alUP9zu-TfBA.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:f600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 07:30:58 GMT
via
1.1 c2d95c8afa25ada08e1d1f590a03025a.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:09:04 GMT
server
AmazonS3
age
30434
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
6QZkz4bue2aMreSHtD_ZBmqKCCH_fNKQYoO-CgfBDKVfi-AtEJkkcA==
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=291140572&utmhn=www.lotterypost.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Lottery%20Post&utmhid=81205269&utmr=-&utmp=%2F&utmht=1618588691795&utmac=UA-7096458-1&utmgtm=2wg472D86W&utmcc=__utma%3D130209170.2079754204.1618588692.1618588692.1618588692.1%3B%2B__utmz%3D130209170.1618588692.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2075867403&utmredir=3&utmu=qAAgAAAAAAAAAAAAAgAAAAAE~
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 16 Apr 2021 15:58:11 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pid=QazO1gM3HD6D7&cb=0&ws=1600x1200&v=7.63.00&t=900&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_728x90%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_468x60%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Primary%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Secondary%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_120x600%22%7D%5D&cfgv=0&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.247.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-247-127.cph50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
CPH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
mM9iaG4Ew3WdYtYWxbp_QMNBxgyRAadC5hZAIXTxlW8NHiLJCmX6iw==
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lottery%20Post&time=1618588691803&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.lotterypost.com%2F&random_number=17609071992&sess_cookie=45619206178db676d5b4bc406e5&sess_cookie_flag=1&user_cookie=45619206178db676d5b4bc406e5&user_cookie_flag=1&dynamic=true&domain=lotterypost.com&account=6BUjg1asOv00UI&jsv=20130128&user_lang=en-US
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.139.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-139-122.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 02:20:45 GMT
Via
1.1 576e9a9724e7cec0e8a2c29aba5de9d8.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
49047
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
CPH50-C2
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
BL5GH2GbMi13JLAKKclUi5uISfk99nhEekn_WUAFXq_RpZK9VRddhw==
cookie.js
partner.googleadservices.com/gampad/ 		205 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lotterypost.com&callback=_gfp_s_&client=ca-pub-3077964989149008
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
271a7863742e3fe621ccd4e0d8df6ffbb2ff17c43a51c88d43d5eff88b1e1f09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 095D 		104 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
652c6793a9836f9767f624c9ff38f1d18291455cc3327ffa320ace07ce0f5fd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 16 Apr 2021 15:58:12 GMT
server
cafe
content-length
24657
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Apr-2021 16:13:11 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Apr 2021 15:58:12 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423639646658"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28266
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:11 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AE6B 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1618588691&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691747&bpp=2&bdt=337&idt=81&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=142145564397&frm=20&pv=1&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=85
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1618588691&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691747&bpp=2&bdt=337&idt=81&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=142145564397&frm=20&pv=1&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=85
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 16 Apr 2021 15:58:11 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 16-Apr-2021 16:13:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 16 Apr 2021 15:58:11 GMT
cache-control
private
pixel;r=472130178;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-2048478153-1618588691834;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=b0f2076b-20210414175820;cm=;gdpr=0;ref=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=472130178;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-2048478153-1618588691834;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=b0f2076b-20210414175820;cm=;gdpr=0;ref=;d=lotterypost.com;je=0;sr=1600x1200x24;dst=1;et=1618588691834;tzo=-120;ogl=image.https%3A%2F%2Flp%252Evg%2Fimages%2Flp_icon_310%252Epng%2Cimage%3Awidth.310%2Cimage%3Aheight.310%2Cimage%3Aalt.Lottery%20Post
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:11 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		159 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=752549818755032&correlator=2167248973847749&output=ldjh&impl=fifs&eid=31060836%2C31060505%2C31060830%2C31060831%2C31060832&vrg=2021041501&ptt=17&sc=1&sfv=1-0-38&ecs=20210416&iu_parts=13070090%2CLP_728x90%2CLP_468x60%2CLP_300x250_Primary%2CLP_300x250_Secondary%2CLP_120x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C120x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=5&cust_params=Device%3DComputer%26Content%3DAll%26Category%3DHome&cookie=ID%3D86e803ec4fcc24bb-22ee5fbe8da700a5%3AT%3D1618588691%3ART%3D1618588691%3AS%3DALNI_MaJaKylcdxIphdKu-z4evVjN9kx2g&bc=31&abxe=1&dt=1618588691995&dlt=1618588691410&idt=345&frm=20&biw=1600&bih=1200&oid=3&adxs=712%2C496%2C1140%2C1140%2C178&adys=10%2C513%2C194%2C1235%2C1271&adks=167273885%2C4006668155%2C1304712773%2C2713855732%2C267450723&ucis=1%7C2%7C3%7C4%7C5&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lotterypost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1300x0%7C804x3404%7C300x3588%7C300x3588%7C157x1953&msz=728x-1%7C468x-1%7C300x-1%7C300x-1%7C120x-1&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=true&fws=4%2C0%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
b4ca72b06095387d926d6dadb14258c12ad05ce85f4ac2b0365751f673ee73ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29754
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
31b4ea2bd2a51d39610fc8aa214e4119.js
www.gstatic.com/mysidia/ Frame 095D 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/31b4ea2bd2a51d39610fc8aa214e4119.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 02:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 01:23:38 GMT
server
sffe
age
49594
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2779
x-xss-protection
0
expires
Thu, 15 Jul 2021 02:11:38 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 095D 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:49:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:49:03 GMT
1dc2e4f8500f5ea3ee112dc62e2831d1.js
www.gstatic.com/mysidia/ Frame 095D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1dc2e4f8500f5ea3ee112dc62e2831d1.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cfc8ef12b90bdf4f0f5dbeb2761166126019187c4a2d80b5d5e6bd7ced904581
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 02:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Apr 2021 02:07:20 GMT
server
sffe
age
47011
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7310
x-xss-protection
0
expires
Thu, 15 Jul 2021 02:54:41 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 095D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7113
x-xss-protection
0
server
cafe
etag
11066897925667386271
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:53:08 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 095D 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 095D 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 095D 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:35 GMT
3483361337914824321
tpc.googlesyndication.com/icore_images/ Frame 095D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/3483361337914824321
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54cfeb312fbced92621fda8a14715ae02264d042b03d72f9e8a9b69a3037ac7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 11:47:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 17:50:22 GMT
server
sffe
age
101465
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18071
x-xss-protection
0
expires
Fri, 15 Apr 2022 11:47:07 GMT
14840365233170881944
tpc.googlesyndication.com/icore_images/ Frame 095D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/14840365233170881944
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1745a1401c5d91a731889be5f0ccb87d6f7bf36743c29d9c97f3aa6413a7fec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 21:02:45 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 May 2019 18:40:41 GMT
server
sffe
age
154527
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10258
x-xss-protection
0
expires
Thu, 14 Apr 2022 21:02:45 GMT
9303160021051614991
tpc.googlesyndication.com/icore_images/ Frame 095D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/9303160021051614991
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d67f4bc34a9dc92e61748a47bb2cc6eab7d3cdca7a5e7103614b454cb323ec22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 18:58:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 18:30:22 GMT
server
sffe
age
334778
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18768
x-xss-protection
0
expires
Tue, 12 Apr 2022 18:58:34 GMT
9760572908892644379
tpc.googlesyndication.com/icore_images/ Frame 095D 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/9760572908892644379
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a5425467472328a9743b7d4a74de926d54793cf0f9f29c5f72d41d7a1a2c05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 23:19:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 09:46:01 GMT
server
sffe
age
578330
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15049
x-xss-protection
0
expires
Sat, 09 Apr 2022 23:19:22 GMT
4373469000071295749
tpc.googlesyndication.com/icore_images/ Frame 095D 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/4373469000071295749
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
19a5ffd58944a450998c8d090041db7f1d81656bd62f6e8f7c1f88c3b5874226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 10 Jan 2021 02:49:50 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10240
x-xss-protection
0
expires
Sat, 16 Apr 2022 15:58:12 GMT
5850883232447501100
tpc.googlesyndication.com/icore_images/ Frame 095D 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/5850883232447501100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62b020621433d9b36c6cd205eef856aeeb0d1164f9a723ae76fc80a2f0aecda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:47:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 08 Mar 2018 00:58:06 GMT
server
sffe
age
97832
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15252
x-xss-protection
0
expires
Fri, 15 Apr 2022 12:47:40 GMT
10900990841930735044
tpc.googlesyndication.com/icore_images/ Frame 095D 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/10900990841930735044
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e55f397887c18ab8f9b2744024b99ab9715d67bef21f8d426075b5cd753ff77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 12:47:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 17:55:24 GMT
server
sffe
age
97832
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18442
x-xss-protection
0
expires
Fri, 15 Apr 2022 12:47:40 GMT
3990807869737975447
tpc.googlesyndication.com/icore_images/ Frame 095D 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/3990807869737975447
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa8a98815f30b08d5b9926baeeb77a563419be758831369e9dda940ab8bc843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 13:15:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 00:10:26 GMT
server
sffe
age
96152
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11763
x-xss-protection
0
expires
Fri, 15 Apr 2022 13:15:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqxUhE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxABIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmR8PFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=WdyQBTmL4sU&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CornjE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxACIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmRwPFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=gR-hjCX3L18&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDjzUE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxADIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmR0PFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=Bc13MaXRG-A&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CqjwnE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxAEIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmRoPFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=hh4Dnx5Vbsw&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ct7CJE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxAFIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmRsPFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=X_YyE8_VT2U&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Clu-aE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxAGIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmRgPFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=koEU5Qze0Qg&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=COvuAE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxAHIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmRkPFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=T99cDea98Ek&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 095D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1pxBE7R5YMeQNI2r-waUmpMopdWdsQWN3MK6nwKmnq2NaxAIIJKK8AIoCGCVAsgBAagDAcgDwQSqBJMBT9BPmRYPFkLOnzL7lTghFuq2fcFDoD2ZJY3QXp5IGsUZLpChG9h_uHN6BIFsGaldxV-R0N0Mj9rpX1pMClffl45ilwu0UTDFMftDImqoMS6OsYZObrsQPoEq-bGGtO2_BvQDYBQq7BzAAbOktoh_Qp1Zn5l-gZBlGcs8p3rL0rlc7Fp-dOQIOcxyBiuxa1pDlrfkwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOA&sigh=h0QY0fEVhTU&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 16 Apr 2021 15:58:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
truncated
/ Frame 095D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
399fe23830fef8f21ff2a1099c7bdbc32a428239628d0457209e44d5fe7a0ff3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210414&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
316d3c9b5cdc2fd4aa66557d67b2f0ef8b00a0c5690ec34ff6bbfce02c4e2f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6946
x-xss-protection
0
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 0FE5 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618588691&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1618588691737&bpp=10&bdt=327&idt=75&shv=r20210414&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=142145564397&frm=20&pv=2&ga_vid=2079754204.1618588692&ga_sid=1618588692&ga_hid=81205269&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3116&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079&oid=3&pvsid=752549818755032&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iB4TQSrLc6&p=https%3A//www.lotterypost.com&dtd=86
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:55:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
32539
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sat, 16 Apr 2022 06:55:53 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.lotterypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
640e9d1ddc124ec1-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
640e9d1dfc4e4ec1-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210414/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1D4F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Fri, 16 Apr 2021 15:57:34 GMT
expires
Sat, 16 Apr 2022 15:57:34 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
38
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame 1D4F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:55:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
32539
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sat, 16 Apr 2022 06:55:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210414&jk=752549818755032&bg=!i4iliMzNAAZUuIlwVLg7ACkAdvg8Wh0wgKV2tXqqEFZKaSOBH8LaHeLZYtvVS6lMGYzDlThMTdwspQIAAABEUgAAAAhoAQcKADYktTZIh7wSRW6nDB0D-TFpIeHRkBwkWOF9t6YSyAiBb_HMc2pY6KCkTwNaPiHPZYoMnps1pbGZAicfE1qfj9m5iiLJzdsvJuy5A6nE10fZWexbtiwBxPUIhXMsOS9Dj6Ljm2pv6x9SZ-qzctms91O2pubLNlyjPJGMeFPGpyNVApfyMedhprJGL9pCjShETY9d0g5KNk01YevMdf_fm2vBPAhTmqfobiwJrxwoeDW0w-HQupg5NUVAwFlX7iYKD-jaO69WM86dSAQnL4XqKjKUHLqt39Ec7z8C8hET1C9179E3uZYLeAtLkZfi99mOtAJJiAzBsR5Jo5zYB8RjBJNg3bJ2aHTp--f-W02iQhaErvG1_RoGYS3bhK3nysIxxPLHcRL5TFe14i-4dDxDWIwaejbXbQo394J8XwRrGsDDSWSn4UfNRPjrg5bW0Pl9lca4U5m6407ctdIFzXiDyCBJOBwXX5Y-tXxpTaglaeYNBFRfM1FtTI9ZhE1kT5RwPYGdoXO2FwjfP5ZKHGuM-5DONwX9M25OTOto1LikHg722BwPErObRCCMnc8a9xHoVQrR_pJ6QDViXTKDdtli3YtBvgaTPMRjx3Mp6ImeiIyzCBcfZG4tBd6zuOzHgBuBh_5OD2IXQDVf8kqVxZJU55F45FI7o_uLUxQlPEVF5vBFxMql1GS9udJRdFdFGsykTMyIYpgun7HyaXHE4WoqRPVB9tQA93bJrwuHmArCjJXDFE0126eGybbBqdh9ubcGSsty3u0PeQNqv--jEIKvGvcp5AvZLR7EonthOU3N3kJpHg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 2D4A 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
17539
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 2D4A 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
437911
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 14:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 14:19:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 2D4A 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 2D4A 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 2D4A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
css
fonts.googleapis.com/ Frame 2D4A 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 14:14:15 GMT
server
ESF
date
Fri, 16 Apr 2021 15:58:12 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Apr 2021 15:58:12 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/16831446949679218559/ Frame 2D4A 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16831446949679218559/downsize_200k_v1?w=195&h=102
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7950206a3bd6a920526b8f7af73c119f82fc3bed22e4ea062ff496561176f96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:24:59 GMT
x-content-type-options
nosniff
age
34393
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4925
x-xss-protection
0
last-modified
Thu, 15 Apr 2021 12:17:02 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 06:24:59 GMT
truncated
/ Frame 2D4A 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2D4A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a06ec437a9165cc72812142a0424ad9708841fd3d6aa40c10dc427ad18ca6a44

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D4A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
4878
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D4A 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 16 Apr 2021 22:17:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2D4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7TElFLR5YMDmBIubgQeS24vQBtaUgqlisOn-6qwNloLNhYgWEAEg8q2FHGCVgoCAsAegAcL9kfUCyAEJqQKgGID7mBi0PuACAKgDAcgDCqoE0QFP0N5TJGJ4AyzE0joL2VQrSozHXGWW-p9XftV4hPW5yyQzFJ4XN49Z6sPsmBzk5gYcXPGy-ywZagBhILy2wQ4VOmss4Ebg_3h_2Vv7uz-iLSdGs4-g52dU162sAmkNK_HG2uzW7XuG-X0xpv6SH3yaLtaxCy1s38vFV9OWjVlYgwBlEmRaMzuzJ3_XUGboHjYcKemtFdYB_TMW834xJIw6Zc8cqy9vRUw0Pj8Ol_9Z2WgHLl83iIYqGI-NRbeD5yjLed6TzH86Fqka3jvalos8JsAEp_DJsNAD4AQBkgUECAQYAZIFBAgFGASgBi6AB6aC7ooBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELbCCNIICQiA4YAQEAEYHYAKA8gLAdgTDYgUAbIXGgoYCAASFHB1Yi0xMTIxMjI4Mzc5ODM3Mjg5&sigh=ZxcMO934Ti8&template_id=484
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2D4A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
326544
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:48 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 2D4A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 21:15:48 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
326544
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Tue, 12 Apr 2022 21:15:48 GMT
container.html
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6D0E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 16 Apr 2021 15:58:12 GMT
expires
Sat, 16 Apr 2022 15:58:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame D9B6 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
17539
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D9B6 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
437911
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 14:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 14:19:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D9B6 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D9B6 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame D9B6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D9B6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
4878
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D9B6 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 16 Apr 2021 22:17:05 GMT
truncated
/ Frame D9B6 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5af2a6285f74827dc882012e5118cfce59be0d9e07c63b29b57c9ab881d01ad1

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
18165128298033741445
tpc.googlesyndication.com/simgad/ Frame D9B6 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18165128298033741445?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnXkezJkHRXfE39Du51a3UpGPbOMQ
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
962dd15a30dc720be0367bb69ed96ea4fbc4575d981b0ce68014c3ea0ebd3a45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 14 Apr 2021 18:02:55 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 08:56:21 GMT
server
sffe
age
165317
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45225
x-xss-protection
0
expires
Thu, 14 Apr 2022 18:02:55 GMT
l
www.google.com/ads/measurement/ Frame D9B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWWkXMcynjGymhWQLjffO0prLx_bjtIBJcPid1xEc2Qhevw3l-DWbjPM31Pl80wloejHC7ssLEUlU37ZAB0AVe_EuUUA
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame D9B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiPmLFLR5YMPmBIubgQeS24vQBtLP-IZimILShp4Nv-EeEAEg8q2FHGCVgoCAsAegAeef07cCyAEC4AIAqAMByAMIqgTbAU_Qf6jpQzUnvJIVwdj4bLA6IfoCKefJHqobS2VATOSlCyjVBwjjZv0K5IoU2L33P0ZAblhz5tNmp85in09Q4aqEUpz2rdCwU6BGYANRRWD5VOUzTwdsvXrcxa1aqYkVhVHOwhhpooElBNeG5ZKK95WULdegVOzmpE2DRNnPDLskKiNFnZh4w6-cqcu9PwvYnAGulUKz4CGqBuOKSoZDn9TAi37G0vzFapWdLym6bzLiVy7qkyKBjXdDDUMBz1KHEz0dpMXz8GoUfPVkUuu6IS4iumDObnoFbJNTFsAE9v6BxrcD4AQBkgUECAQYAZIFBAgFGASgBgKAB63t98gBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOKHB9IICQiA4YAQEAEYHYAKA8gLAdgTArIXGgoYCAASFHB1Yi0xMTIxMjI4Mzc5ODM3Mjg5&sigh=bZV_83ylJIk
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 859B 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
17539
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 16 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 859B 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
437911
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 14:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 14:19:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 859B 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 859B 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 859B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
449756
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 859B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
4878
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 859B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 16 Apr 2021 22:17:05 GMT
truncated
/ Frame 859B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64cbefebb05811e3c7209d4f48e43973975994c09a33d31859cd284cd317e458

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
16445860223971556662
tpc.googlesyndication.com/simgad/ Frame 859B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16445860223971556662?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnyccryREvSwslG3iseKJy3LvJ6kA
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e7af089831c1d1b017486f70f4dc574e40dc4ddb021d24729c09a9e50726d53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:44:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 08:56:20 GMT
server
sffe
age
134022
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44790
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:44:30 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 859B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CfvpdFLR5YMLmBIubgQeS24vQBtLP-IZi8IHShp4Nv-EeEAEg8q2FHGCVgoCAsAegAeef07cCyAEC4AIAqAMByAMIqgTbAU_QRmNjSmKVqaGwimC2dsncy0MuxK7vq3Nn_cJb-gqCGpmO3cIix6L6fO3MaXZfnSFExBzuTfx7tn8TtPZ5ZqPIM9KEksxiOqIqbQ2a3YCUnhiTHaTMoobPY_MN37EhPg15u01MOA03bW2ZPFFcgHrtOBL_O9s3PUzPejPorWREkL_YQ68svL8fBv-Xl25jWJFcsel8YQ4_nKcvvgHFPlaitQLqJE3I2GWCb93d7fG4-ziLZPiIWGdf0gn6y-QqBUu8NQw96QqcKykm83DlWCO51X-t765TxbI7EsAE9v6BxrcD4AQBkgUECAQYAZIFBAgFGASgBgKAB63t98gBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPruDtIICQiA4YAQEAEYHYAKA8gLAdgTArIXGgoYCAASFHB1Yi0xMTIxMjI4Mzc5ODM3Mjg5&sigh=sfGs3AkgZ5E
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 56CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041501.js?31060836
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Fri, 16 Apr 2021 15:58:12 GMT
expires
Sat, 16 Apr 2022 15:58:12 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 6D0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CAu1wFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoEzQFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4RJ0FhJb2TdSeRZH7Ic-qKoYO4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAYAKA_oLAggBgAwBshcYChYSFHB1Yi0xMTIxMjI4Mzc5ODM3Mjg5&sigh=o8HeccUHRQM
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 6D0E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1he6hdgev1e9183bdtgcfkxd6ws2me8pna99gadv62b8racf4gn3gxdh929zd2m3n9sbq4d8j2stqdc90ps5ng50knkaxhb6fnx1gn5kgzztajc3ksw2p5w2dbnnfj6dbcrmk6ykb6d529nv5k4ct41gzq7tvb9914ag3eefs0fzktcac3mk4zapdmgkp596nyta1s2hmc2sc15f89gv4mvpcn4a1ds7sz6mreqjbk6s6b5mp7pqyt2nha0ay0e2dw21acabky4qdsdffatqfqd4ex7ckv6d6arzv2c1ykjpt05h3vgkhy872fjv40s37mxycf3r2c7pdwnqyj8mk6zrj12bnwmbtv488qfpg3q4wk5dmrw220rdvkz4jq9z67bcfemrz5xxttzb&b=YHm0FAABM0QK4E2LAALtknT3lxnKp4o-hJYh-w
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 15:58:12 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
ad4m.at/ad/ Frame DC9F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3d9bb0ba3773b81aa3b09d6e9c054344d1820643104e737fd37adc0fc544de
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d22aa3adc8701c1a8fbdbee127f3292051618588692; expires=Sun, 16-May-21 15:58:12 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7rdk
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
097d00890e00004ac29c19b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
640e9d21aff94ac2-FRA
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 6D0E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:43 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A4E7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 16 Apr 2021 03:14:09 GMT
expires
Sat, 17 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
45843
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6D0E 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 6D0E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:35 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6D0E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 09:47:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22260
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 09:47:12 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D4A 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
4878
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2D4A 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 16 Apr 2021 22:17:05 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D9B6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 16 Apr 2021 15:58:12 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame E4CF 		478 B
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYrsjFlQEwAQ&v=APEucNWnuSeFU-idG6-bJ6P2DywIEOeHHVGWUodanSnYuohJw6fnb0vzd91ix-bw7Omr3LQ79KkqcNvhIEJAtXgCkihmP5XCWylQPQM_Jlxzg_y1rnolyE03ap2oZiSJguQtJ0fdHwp0RJvIIPR0_RprKu6E8bsZ7pYRQbttfCjOfMUuWvcJXMGfgj-pKP_4Yps-c9JMJmnDC7RnFQcXhrb-9vTstiHgxg
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYrsjFlQEwAQ&v=APEucNWnuSeFU-idG6-bJ6P2DywIEOeHHVGWUodanSnYuohJw6fnb0vzd91ix-bw7Omr3LQ79KkqcNvhIEJAtXgCkihmP5XCWylQPQM_Jlxzg_y1rnolyE03ap2oZiSJguQtJ0fdHwp0RJvIIPR0_RprKu6E8bsZ7pYRQbttfCjOfMUuWvcJXMGfgj-pKP_4Yps-c9JMJmnDC7RnFQcXhrb-9vTstiHgxg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnRXRpUHNTuISXeFiKgH9XsAH0rYvi7LAiAogmQtseh_AWIACSqNBpdeegzobY
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 16 Apr 2021 15:58:12 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 56CE 		22 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bf2-5a2SBYGpsm3_EWyT56nqfMdGTWsif9DT7J0yPYHF_e7hENfa5jwxl05pp1lXl7W8_fyQ4kRJvYDvif6QyzVHK-3SR_W3JWOJ-NZwcRuS1tC45qks3T_WfZVIYxGrQr990MiSNsZFiCNyb_fhsYVRzJCA&cry=1&dbm_d=AKAmf-AmkoV1K8caHl5guBMA9yC30WX09sNVIS9wIALa8MH-3O_YzZuCL8YXqcWksazsnUsD1GpCDXPvOnvAHbDHQWuKJ6QGn89W6VQc-9Bn0i-nDAksurlkxwvaYw5wN6EqEtRUzynHFeu8jbCHl2K8RUNKMJWKOvuvND7km0uApWDhXRDtJzaibLmxcy_cXwdg5QzeKxxMkinxRSRi-9m-HdPK3XhEjl58n35RdrNXzNrNLIE4BL_vtEw7FM9iqMUr44nnGmbKp7dnrzR8bboTgOkW-Od1jaWsQVReJMPIcG8HrZJGDjJ0QVnPNXqmKnBp7DD9OYaYE4qUCB2tOPbxEsMhJqyItX0LBFo9oXBGBqlXrEZhh1XS0Jgk9-GietJx45TQsUT0hzulNELSan4_h5pFZKtkAd7wYGwlizXMeOTf6503SK-DGVtH2WqDbAXQOHPF1JlhwkElIpe5rOQOiz6kZlsTpPnmNcdq3O_9BEZByooNUkrScONflyFUxyV-0eZWhFPhoLZ1xb_0BhPZiYmeHuMpmX40kGfWzHzmNmcJ_ZzcjimwRQHv6Fm-HIk5dxAUxb8N7wKTNWhVJd68U57nj3YcR2Pb1Iiov_4zIiEshBrAZGR2NXZ5ux-qxdgP7U95dMC3GoAj2NFR5EOleqBw3DE5LWiYczRmeKWxbosq_WArxJlJfx-mo8673K0cYK_7Z1PyKf79e1CckuEIwNTElmdtciJU4PkQqnHKdaf4LCGn2j9bxOijHCFqBms_R6mkVyyEmwaRnAnzB8ZHppWKR089wFiArAKAmTE-Rn9Pc33KDW09hyX5nWgz3z3BLLz4pO5j4ildFuxHH6RYEUqjXvacHTXlu-2dQQmeqx0w-7AM1tlQw0czTt41j3yrHqzeFrB2IqwvoRMkSRLvbd1Ikz52hJhubVfMuMNTuwyhBAZTeGe_ROdLhgXOkTvUbpFyOrp4I0eWp2ter3I9_xFPWfIyjem5UMtB8-0IX2xaOwYDG2dQiF96LMEAA1UP-gBCCmAyXNxvbEKSRT6rPBmjwZ4XS5S7suqngXTBM8Ul4uDsUyetbBlkHK5BgeytpgURdWiHvQ10z5ntM-lEaVEZKpymJxZgsfEt14ctiVVsqXVlroRubdYQnXIMdDd8RBKJEf3l8k9IDltKVXHXRsFFq-6kFjIiYRV3_7VMhTJJu34Dca7NHm5r8Hh6YH6EyCoL05SOju0d1169adu9GgvN0bOPitH2j-1aQH9ggygSe3y9dq0Nn9ojDVseuo88Zx_5Ttp8zTWBHd3OWeAg8D7Mw6fQwQJGFlf7MMYof4l29pWDzq_azSkjJ0aG-0pr2xxJOIDXJIURpF0iJiOlnH1iyvIYtmvQ5AV1PD5Qa0WSCQVNV_iqIaq2CqhP5cEtgLhmO-NIgo7Po5o9cKHSPRhdnwEqo23_1Zb3oWh3GrQCOA3a3tDnHc3xpCqiqJ9YshJ-8MCFGsMmLJedNstqzO6d742cF7_kgXcJedLDKKGdDt0vJT9Kraqr496tBpcPmeWSrKjWqRJceFhXpieCXCTLqBQyuXDPrSa8ej1q1PhkJhF6dItgFpwhK_4Klj3v0whBBnVE49GSoJAknlXD8TyMg5iBiBEZ65hATfY6sWMENi7J2eqMJeltjgRZka3vhTBlcVCIdtL0-dccP6ca45zb3hY1DXFFocDv0RVxbfVeQfndfhrGcuUm2_gPfgCNkg3z0kBe3imLKSYU4VypNw-bPvnoM9OL6zOXur7h9FMgHN6PiUiY-q9a6CoJte4Wgz_DzGXVKON2G3-GdsUPqHD22pyidYqIz_9aOJY4olwB6fe8G7ZjfGrew5rf2W-8Sh4dO6wAxacnfPcs6EgdD3FI_B8rRZqYhB2T4sSbI7E2vLMG-749LktAwpeAwLcVS2iOoj7q7PUzZ19_7ar5N2CffW3-BC15qfQIhOjkCuArcSoGhcNFMLe0Vl_8I2V9qr9ledbxHZu-YqMXPgsYiSOH1Vp0XNuuUJQR7QVWkqxJqTtWvgbuN1i5DwjxL3xvFvMZbI5oxjNcF9icpi-KJLKc6fH6N2zYNgbaIFzlQj1yIwc1c4LCSmEM9HnNpqm1dVd6noztwMVFVUR5AX9caNV-cGQzzIZ_YjBQEgFEOY63kmb5wU8gJ2dwabVRBRhJyJ68RkuQSN3fa9HMw8dwvQKU7FCtXRqZEqR8cOLYPZlAbhWcjn6b_G38zXUcA9-rEaL0PnQ9QmDW5e-Jfc5C8KEISpVYztJbosNePVP9rl4jwDo8WRloHidBmUNtZCrextkAU-KXD5-qQu7hCL5_wyYfzb5OwhOHl8srhYCREr_omCGEZbBBaD_tkU5Hfj55kaNkbrVMvOlVcHoJNpMonTnxO4GxoJwrkqRGFJYniwljT5FvJKVpzsPnkxZyUkxWugPv6PAcKeZc5o2VQLog_o8Bcpo8w1n6D0EC90KUzDOAfW2AxqbTKqDNuNwJX5a7Yvgfzkr-tf00ga2wnxd3UciAqZfX_ElF6KOFyQMBIdj-fmcrAp7OOduAbXoXLUuiy4vN2YbUmAdtuKGNu4SX-WHp_vMCgt80JYoKWj33tYz39tot5iIelnu3uNm4yVIS7tU_WY-pQol7K058lDGzEsQaV_KH2CsCLApIpGbY8xK6siJIpf_mC8CpkikJpw17e_OrPqlWSbBo6most5n1Xrjk5A363it_gpX1Cop-NW730r_sSIPGpj9SQZCrHraPiFVAJ_KN8j4JcVNMXdd29rQXsqvfw3sAnfIv2lUidHidt5HIrZ1QQu89yJC7WWSqzBI8chaPXMaBI_0FvWDs_94TsbNlnTkduBwNjip6JuaCLzRbD-BDhdB30TXN6kJ76X3kNuuvbZP8vJrRnIkv9EiOYymbAcr6_7hQf8DmvqaKFi_uwm2i1X43WzLekAOuY86mCAuj4omHpvDeH33Bn5sUPEMg1uLGEa89pVy9qKDsTnmyspudX-gTOs6nAuRXj3Cz-SmR_8EZtdNfbmuhrCgL_-NswIwytLfni-09xvNQxfCJNYQ&cid=CAASEuRorqN_Z9XgtsNRhocvRqbxVQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
667ddeb9cc4c08487f5d21dc754f41c0630c694d6d81ea4b541bb3776df1b3c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 56CE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CpnIELMTmU36d9ATDVM92NQsoKq5cJeVXe_qS_UwV9a--tFimnWaGNd1keuu9bMKBqMLrCYGToJs-wo2XdXIoDWGEa9MbPISwc6DgcI5CRZaHSYWY
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 56CE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
89
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:43 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56CE 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1618423651533291"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36717
x-xss-protection
0
expires
Fri, 16 Apr 2021 15:58:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/ Frame 56CE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210414/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
97
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5602
x-xss-protection
0
server
cafe
etag
7525161794280374107
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:35 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 859B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Fri, 16 Apr 2021 15:58:12 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D9B6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
4878
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D9B6 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 16 Apr 2021 22:17:05 GMT
16445860223971556662
tpc.googlesyndication.com/simgad/ Frame 859B 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16445860223971556662?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnyccryREvSwslG3iseKJy3LvJ6kA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e7af089831c1d1b017486f70f4dc574e40dc4ddb021d24729c09a9e50726d53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Apr 2021 02:44:30 GMT
x-content-type-options
nosniff
last-modified
Fri, 12 Mar 2021 08:56:20 GMT
server
sffe
age
134022
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44790
x-xss-protection
0
expires
Fri, 15 Apr 2022 02:44:30 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 859B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 16 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
4878
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 17 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 859B 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 15 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
63667
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 16 Apr 2021 22:17:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/ Frame 56CE 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210414/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bf2-5a2SBYGpsm3_EWyT56nqfMdGTWsif9DT7J0yPYHF_e7hENfa5jwxl05pp1lXl7W8_fyQ4kRJvYDvif6QyzVHK-3SR_W3JWOJ-NZwcRuS1tC45qks3T_WfZVIYxGrQr990MiSNsZFiCNyb_fhsYVRzJCA&cry=1&dbm_d=AKAmf-AmkoV1K8caHl5guBMA9yC30WX09sNVIS9wIALa8MH-3O_YzZuCL8YXqcWksazsnUsD1GpCDXPvOnvAHbDHQWuKJ6QGn89W6VQc-9Bn0i-nDAksurlkxwvaYw5wN6EqEtRUzynHFeu8jbCHl2K8RUNKMJWKOvuvND7km0uApWDhXRDtJzaibLmxcy_cXwdg5QzeKxxMkinxRSRi-9m-HdPK3XhEjl58n35RdrNXzNrNLIE4BL_vtEw7FM9iqMUr44nnGmbKp7dnrzR8bboTgOkW-Od1jaWsQVReJMPIcG8HrZJGDjJ0QVnPNXqmKnBp7DD9OYaYE4qUCB2tOPbxEsMhJqyItX0LBFo9oXBGBqlXrEZhh1XS0Jgk9-GietJx45TQsUT0hzulNELSan4_h5pFZKtkAd7wYGwlizXMeOTf6503SK-DGVtH2WqDbAXQOHPF1JlhwkElIpe5rOQOiz6kZlsTpPnmNcdq3O_9BEZByooNUkrScONflyFUxyV-0eZWhFPhoLZ1xb_0BhPZiYmeHuMpmX40kGfWzHzmNmcJ_ZzcjimwRQHv6Fm-HIk5dxAUxb8N7wKTNWhVJd68U57nj3YcR2Pb1Iiov_4zIiEshBrAZGR2NXZ5ux-qxdgP7U95dMC3GoAj2NFR5EOleqBw3DE5LWiYczRmeKWxbosq_WArxJlJfx-mo8673K0cYK_7Z1PyKf79e1CckuEIwNTElmdtciJU4PkQqnHKdaf4LCGn2j9bxOijHCFqBms_R6mkVyyEmwaRnAnzB8ZHppWKR089wFiArAKAmTE-Rn9Pc33KDW09hyX5nWgz3z3BLLz4pO5j4ildFuxHH6RYEUqjXvacHTXlu-2dQQmeqx0w-7AM1tlQw0czTt41j3yrHqzeFrB2IqwvoRMkSRLvbd1Ikz52hJhubVfMuMNTuwyhBAZTeGe_ROdLhgXOkTvUbpFyOrp4I0eWp2ter3I9_xFPWfIyjem5UMtB8-0IX2xaOwYDG2dQiF96LMEAA1UP-gBCCmAyXNxvbEKSRT6rPBmjwZ4XS5S7suqngXTBM8Ul4uDsUyetbBlkHK5BgeytpgURdWiHvQ10z5ntM-lEaVEZKpymJxZgsfEt14ctiVVsqXVlroRubdYQnXIMdDd8RBKJEf3l8k9IDltKVXHXRsFFq-6kFjIiYRV3_7VMhTJJu34Dca7NHm5r8Hh6YH6EyCoL05SOju0d1169adu9GgvN0bOPitH2j-1aQH9ggygSe3y9dq0Nn9ojDVseuo88Zx_5Ttp8zTWBHd3OWeAg8D7Mw6fQwQJGFlf7MMYof4l29pWDzq_azSkjJ0aG-0pr2xxJOIDXJIURpF0iJiOlnH1iyvIYtmvQ5AV1PD5Qa0WSCQVNV_iqIaq2CqhP5cEtgLhmO-NIgo7Po5o9cKHSPRhdnwEqo23_1Zb3oWh3GrQCOA3a3tDnHc3xpCqiqJ9YshJ-8MCFGsMmLJedNstqzO6d742cF7_kgXcJedLDKKGdDt0vJT9Kraqr496tBpcPmeWSrKjWqRJceFhXpieCXCTLqBQyuXDPrSa8ej1q1PhkJhF6dItgFpwhK_4Klj3v0whBBnVE49GSoJAknlXD8TyMg5iBiBEZ65hATfY6sWMENi7J2eqMJeltjgRZka3vhTBlcVCIdtL0-dccP6ca45zb3hY1DXFFocDv0RVxbfVeQfndfhrGcuUm2_gPfgCNkg3z0kBe3imLKSYU4VypNw-bPvnoM9OL6zOXur7h9FMgHN6PiUiY-q9a6CoJte4Wgz_DzGXVKON2G3-GdsUPqHD22pyidYqIz_9aOJY4olwB6fe8G7ZjfGrew5rf2W-8Sh4dO6wAxacnfPcs6EgdD3FI_B8rRZqYhB2T4sSbI7E2vLMG-749LktAwpeAwLcVS2iOoj7q7PUzZ19_7ar5N2CffW3-BC15qfQIhOjkCuArcSoGhcNFMLe0Vl_8I2V9qr9ledbxHZu-YqMXPgsYiSOH1Vp0XNuuUJQR7QVWkqxJqTtWvgbuN1i5DwjxL3xvFvMZbI5oxjNcF9icpi-KJLKc6fH6N2zYNgbaIFzlQj1yIwc1c4LCSmEM9HnNpqm1dVd6noztwMVFVUR5AX9caNV-cGQzzIZ_YjBQEgFEOY63kmb5wU8gJ2dwabVRBRhJyJ68RkuQSN3fa9HMw8dwvQKU7FCtXRqZEqR8cOLYPZlAbhWcjn6b_G38zXUcA9-rEaL0PnQ9QmDW5e-Jfc5C8KEISpVYztJbosNePVP9rl4jwDo8WRloHidBmUNtZCrextkAU-KXD5-qQu7hCL5_wyYfzb5OwhOHl8srhYCREr_omCGEZbBBaD_tkU5Hfj55kaNkbrVMvOlVcHoJNpMonTnxO4GxoJwrkqRGFJYniwljT5FvJKVpzsPnkxZyUkxWugPv6PAcKeZc5o2VQLog_o8Bcpo8w1n6D0EC90KUzDOAfW2AxqbTKqDNuNwJX5a7Yvgfzkr-tf00ga2wnxd3UciAqZfX_ElF6KOFyQMBIdj-fmcrAp7OOduAbXoXLUuiy4vN2YbUmAdtuKGNu4SX-WHp_vMCgt80JYoKWj33tYz39tot5iIelnu3uNm4yVIS7tU_WY-pQol7K058lDGzEsQaV_KH2CsCLApIpGbY8xK6siJIpf_mC8CpkikJpw17e_OrPqlWSbBo6most5n1Xrjk5A363it_gpX1Cop-NW730r_sSIPGpj9SQZCrHraPiFVAJ_KN8j4JcVNMXdd29rQXsqvfw3sAnfIv2lUidHidt5HIrZ1QQu89yJC7WWSqzBI8chaPXMaBI_0FvWDs_94TsbNlnTkduBwNjip6JuaCLzRbD-BDhdB30TXN6kJ76X3kNuuvbZP8vJrRnIkv9EiOYymbAcr6_7hQf8DmvqaKFi_uwm2i1X43WzLekAOuY86mCAuj4omHpvDeH33Bn5sUPEMg1uLGEa89pVy9qKDsTnmyspudX-gTOs6nAuRXj3Cz-SmR_8EZtdNfbmuhrCgL_-NswIwytLfni-09xvNQxfCJNYQ&cid=CAASEuRorqN_Z9XgtsNRhocvRqbxVQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:56:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8468
x-xss-protection
0
server
cafe
etag
17868783254023373946
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 30 Apr 2021 15:56:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 56CE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bf2-5a2SBYGpsm3_EWyT56nqfMdGTWsif9DT7J0yPYHF_e7hENfa5jwxl05pp1lXl7W8_fyQ4kRJvYDvif6QyzVHK-3SR_W3JWOJ-NZwcRuS1tC45qks3T_WfZVIYxGrQr990MiSNsZFiCNyb_fhsYVRzJCA&cry=1&dbm_d=AKAmf-AmkoV1K8caHl5guBMA9yC30WX09sNVIS9wIALa8MH-3O_YzZuCL8YXqcWksazsnUsD1GpCDXPvOnvAHbDHQWuKJ6QGn89W6VQc-9Bn0i-nDAksurlkxwvaYw5wN6EqEtRUzynHFeu8jbCHl2K8RUNKMJWKOvuvND7km0uApWDhXRDtJzaibLmxcy_cXwdg5QzeKxxMkinxRSRi-9m-HdPK3XhEjl58n35RdrNXzNrNLIE4BL_vtEw7FM9iqMUr44nnGmbKp7dnrzR8bboTgOkW-Od1jaWsQVReJMPIcG8HrZJGDjJ0QVnPNXqmKnBp7DD9OYaYE4qUCB2tOPbxEsMhJqyItX0LBFo9oXBGBqlXrEZhh1XS0Jgk9-GietJx45TQsUT0hzulNELSan4_h5pFZKtkAd7wYGwlizXMeOTf6503SK-DGVtH2WqDbAXQOHPF1JlhwkElIpe5rOQOiz6kZlsTpPnmNcdq3O_9BEZByooNUkrScONflyFUxyV-0eZWhFPhoLZ1xb_0BhPZiYmeHuMpmX40kGfWzHzmNmcJ_ZzcjimwRQHv6Fm-HIk5dxAUxb8N7wKTNWhVJd68U57nj3YcR2Pb1Iiov_4zIiEshBrAZGR2NXZ5ux-qxdgP7U95dMC3GoAj2NFR5EOleqBw3DE5LWiYczRmeKWxbosq_WArxJlJfx-mo8673K0cYK_7Z1PyKf79e1CckuEIwNTElmdtciJU4PkQqnHKdaf4LCGn2j9bxOijHCFqBms_R6mkVyyEmwaRnAnzB8ZHppWKR089wFiArAKAmTE-Rn9Pc33KDW09hyX5nWgz3z3BLLz4pO5j4ildFuxHH6RYEUqjXvacHTXlu-2dQQmeqx0w-7AM1tlQw0czTt41j3yrHqzeFrB2IqwvoRMkSRLvbd1Ikz52hJhubVfMuMNTuwyhBAZTeGe_ROdLhgXOkTvUbpFyOrp4I0eWp2ter3I9_xFPWfIyjem5UMtB8-0IX2xaOwYDG2dQiF96LMEAA1UP-gBCCmAyXNxvbEKSRT6rPBmjwZ4XS5S7suqngXTBM8Ul4uDsUyetbBlkHK5BgeytpgURdWiHvQ10z5ntM-lEaVEZKpymJxZgsfEt14ctiVVsqXVlroRubdYQnXIMdDd8RBKJEf3l8k9IDltKVXHXRsFFq-6kFjIiYRV3_7VMhTJJu34Dca7NHm5r8Hh6YH6EyCoL05SOju0d1169adu9GgvN0bOPitH2j-1aQH9ggygSe3y9dq0Nn9ojDVseuo88Zx_5Ttp8zTWBHd3OWeAg8D7Mw6fQwQJGFlf7MMYof4l29pWDzq_azSkjJ0aG-0pr2xxJOIDXJIURpF0iJiOlnH1iyvIYtmvQ5AV1PD5Qa0WSCQVNV_iqIaq2CqhP5cEtgLhmO-NIgo7Po5o9cKHSPRhdnwEqo23_1Zb3oWh3GrQCOA3a3tDnHc3xpCqiqJ9YshJ-8MCFGsMmLJedNstqzO6d742cF7_kgXcJedLDKKGdDt0vJT9Kraqr496tBpcPmeWSrKjWqRJceFhXpieCXCTLqBQyuXDPrSa8ej1q1PhkJhF6dItgFpwhK_4Klj3v0whBBnVE49GSoJAknlXD8TyMg5iBiBEZ65hATfY6sWMENi7J2eqMJeltjgRZka3vhTBlcVCIdtL0-dccP6ca45zb3hY1DXFFocDv0RVxbfVeQfndfhrGcuUm2_gPfgCNkg3z0kBe3imLKSYU4VypNw-bPvnoM9OL6zOXur7h9FMgHN6PiUiY-q9a6CoJte4Wgz_DzGXVKON2G3-GdsUPqHD22pyidYqIz_9aOJY4olwB6fe8G7ZjfGrew5rf2W-8Sh4dO6wAxacnfPcs6EgdD3FI_B8rRZqYhB2T4sSbI7E2vLMG-749LktAwpeAwLcVS2iOoj7q7PUzZ19_7ar5N2CffW3-BC15qfQIhOjkCuArcSoGhcNFMLe0Vl_8I2V9qr9ledbxHZu-YqMXPgsYiSOH1Vp0XNuuUJQR7QVWkqxJqTtWvgbuN1i5DwjxL3xvFvMZbI5oxjNcF9icpi-KJLKc6fH6N2zYNgbaIFzlQj1yIwc1c4LCSmEM9HnNpqm1dVd6noztwMVFVUR5AX9caNV-cGQzzIZ_YjBQEgFEOY63kmb5wU8gJ2dwabVRBRhJyJ68RkuQSN3fa9HMw8dwvQKU7FCtXRqZEqR8cOLYPZlAbhWcjn6b_G38zXUcA9-rEaL0PnQ9QmDW5e-Jfc5C8KEISpVYztJbosNePVP9rl4jwDo8WRloHidBmUNtZCrextkAU-KXD5-qQu7hCL5_wyYfzb5OwhOHl8srhYCREr_omCGEZbBBaD_tkU5Hfj55kaNkbrVMvOlVcHoJNpMonTnxO4GxoJwrkqRGFJYniwljT5FvJKVpzsPnkxZyUkxWugPv6PAcKeZc5o2VQLog_o8Bcpo8w1n6D0EC90KUzDOAfW2AxqbTKqDNuNwJX5a7Yvgfzkr-tf00ga2wnxd3UciAqZfX_ElF6KOFyQMBIdj-fmcrAp7OOduAbXoXLUuiy4vN2YbUmAdtuKGNu4SX-WHp_vMCgt80JYoKWj33tYz39tot5iIelnu3uNm4yVIS7tU_WY-pQol7K058lDGzEsQaV_KH2CsCLApIpGbY8xK6siJIpf_mC8CpkikJpw17e_OrPqlWSbBo6most5n1Xrjk5A363it_gpX1Cop-NW730r_sSIPGpj9SQZCrHraPiFVAJ_KN8j4JcVNMXdd29rQXsqvfw3sAnfIv2lUidHidt5HIrZ1QQu89yJC7WWSqzBI8chaPXMaBI_0FvWDs_94TsbNlnTkduBwNjip6JuaCLzRbD-BDhdB30TXN6kJ76X3kNuuvbZP8vJrRnIkv9EiOYymbAcr6_7hQf8DmvqaKFi_uwm2i1X43WzLekAOuY86mCAuj4omHpvDeH33Bn5sUPEMg1uLGEa89pVy9qKDsTnmyspudX-gTOs6nAuRXj3Cz-SmR_8EZtdNfbmuhrCgL_-NswIwytLfni-09xvNQxfCJNYQ&cid=CAASEuRorqN_Z9XgtsNRhocvRqbxVQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 12:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12886
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Apr 2022 12:23:26 GMT
truncated
/ Frame 6D0E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42e9ebca41921709f72efe4ebb20e7dd260056b5d65e308cc173fa0efcb9994a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
default.css
ad4m.at/0.1.122-318/style/one-ad/ Frame DC9F 		58 KB
59 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/0.1.122-318/style/one-ad/default.css
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=hiljLg==, md5=+lvqF0TsKKKClDdg0n1GpA==
date
Fri, 16 Apr 2021 15:58:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2783105
cf-polished
origSize=59196
x-guploader-uploadid
ABg5-Uwujar11Vkwh6U6n2MXFne7AWYJGqCzROZDlvajsE11nvMJCQziEfwndO5biOTHJ84pHc8ApwhyUSOSXqNIPW1AgPvCqQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58969
cf-request-id
097d00898c0000145aab11e000000001
last-modified
Mon, 15 Mar 2021 10:52:33 GMT
server
cloudflare
etag
"fa5bea1744ec28a282943760d27d46a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KWBp9%2Fk%2BfKX1fAFLDoNUruuAl8Nh5YZvBltiefFpz35Fbw7aAz8OPiE5TdgVoOXhFizq9S%2BRBEaikW2vC%2BLwxnkdCkzd6kP0dgaQbstI%2BWWzBS%2Fi"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1615805553645751
content-type
text/css
expires
Tue, 15 Mar 2022 10:53:07 GMT
cache-control
public, max-age=31536000, no-transform
x-goog-stored-content-length
6688
accept-ranges
bytes
cf-ray
640e9d227bd6145a-FRA
cf-bgj
minify
r62eglto.js
ad4m.at/ Frame DC9F 		57 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: ad4m.at
URL: https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc115a46ce156710a19ed06e0af00a44e29981f1d99643b926543e7eed1449dd

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=lJtetw==, md5=okexh2AmNv8BhTOt1CmD5w==
date
Fri, 16 Apr 2021 15:58:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
18754
cf-polished
origSize=58852
x-guploader-uploadid
ABg5-UwMN9IdrYdt59QFbdoxR25tYqgyP0pv3-9b04kHRH1N-i2iOrCI3Y5IHXPAyWU3VNdkSWJmmvYuSnkPAgQ7ovXZ0QXGEA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
097d00898b0000145a7aa63000000001
last-modified
Fri, 16 Apr 2021 10:45:22 GMT
server
cloudflare
etag
W/"a247b187602636ff018533add42983e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X53CT9TAMaq%2BNL%2Bgw8Dt929Iyi3mm2KooA5qwb7LgUup%2FAgV2YsDdPPwLr7VHRWelM8kt9Zgq3gdXd525FbA4Jf0%2FraYScWoNSdRp32rz63KZS93"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1618569922568835
content-type
application/javascript; charset=utf-8
expires
Fri, 16 Apr 2021 10:45:38 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
15264
cf-ray
640e9d227bd2145a-FRA
cf-bgj
minify
pixel
cm.g.doubleclick.net/ Frame E4CF 		170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYrsjFlQEwAQ&v=APEucNWnuSeFU-idG6-bJ6P2DywIEOeHHVGWUodanSnYuohJw6fnb0vzd91ix-bw7Omr3LQ79KkqcNvhIEJAtXgCkihmP5XCWylQPQM_Jlxzg_y1rnolyE03ap2oZiSJguQtJ0fdHwp0RJvIIPR0_RprKu6E8bsZ7pYRQbttfCjOfMUuWvcJXMGfgj-pKP_4Yps-c9JMJmnDC7RnFQcXhrb-9vTstiHgxg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E4CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYrsjFlQEwAQ&v=APEucNWnuSeFU-idG6-bJ6P2DywIEOeHHVGWUodanSnYuohJw6fnb0vzd91ix-bw7Omr3LQ79KkqcNvhIEJAtXgCkihmP5XCWylQPQM_Jlxzg_y1rnolyE03ap2oZiSJguQtJ0fdHwp0RJvIIPR0_RprKu6E8bsZ7pYRQbttfCjOfMUuWvcJXMGfgj-pKP_4Yps-c9JMJmnDC7RnFQcXhrb-9vTstiHgxg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Apr 2021 15:58:12 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E4CF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YHm0FMZwI8k9OSaFU6B79QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYrsjFlQEwAQ&v=APEucNWnuSeFU-idG6-bJ6P2DywIEOeHHVGWUodanSnYuohJw6fnb0vzd91ix-bw7Omr3LQ79KkqcNvhIEJAtXgCkihmP5XCWylQPQM_Jlxzg_y1rnolyE03ap2oZiSJguQtJ0fdHwp0RJvIIPR0_RprKu6E8bsZ7pYRQbttfCjOfMUuWvcJXMGfgj-pKP_4Yps-c9JMJmnDC7RnFQcXhrb-9vTstiHgxg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:12 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Apr 2021 15:58:12 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENDBDZd4dHfV5y8U71zKjY0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A4E7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1&google_push=AQvitULvQwffaej99l1Dghqgl2VcUSZkOd3vcy4HJy_s-3WQ1WyNkEdPY6vQ79FjQWWH_9w53q4ElmOsbWUdPg8nodk20oGnqZoK5Q
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyMzg5ODM2MDU0NTI3ODc1Ng==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame A4E7 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEP4eCvJNMUMTw1LB6I7F-wc&google_cver=1&google_push=AQvitUL6nvHVChXkBC9zMQn9hkZR8XiW-xguxSmDLyzN1UoYXd-EdDuV5E29skJO9yBNzM3YSVNq8sDyKDViy1Sf4ZvU2ErAGhJ8
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame A4E7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDlxaQl8FG7FTJUOsMOCUBM&google_cver=1&google_push=AQvitUKXuBvpUA5TPRZLmCED8IdHZ-M8doYxfC650IDAxvtQODSipIF5SDsl7NeYhgjsbQajuRcvYu-xcKoqopqo...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKXuBvpUA5TPRZLmCED8IdHZ-M8doYxfC650IDAxvtQODSipIF5SDsl7NeYhgjsbQajuRcvYu-xcKoqopqoWyoea5eoPqOg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKXuBvpUA5TPRZLmCED8IdHZ-M8doYxfC650IDAxvtQODSipIF5SDsl7NeYhgjsbQajuRcvYu-xcKoqopqoWyoea5eoPqOg
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 15:59:40 GMT
Server
MT3 3660 495c301 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUKXuBvpUA5TPRZLmCED8IdHZ-M8doYxfC650IDAxvtQODSipIF5SDsl7NeYhgjsbQajuRcvYu-xcKoqopqoWyoea5eoPqOg
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 15:59:39 GMT
pixel
cm.g.doubleclick.net/ Frame A4E7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_push=AQvitUI6tEI4lOVIMUKn8GjPwgmlc27HPbd8M_QPQxsMQMJREJQf0Ji25-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_push=AQvitUI6tEI4lOVIMUKn8GjPwgmlc27HPbd8M_QPQxsMQMJREJQf0Ji25-2h67dDHcO15ToH0p50lIUkq6LgHHjmR2SBr1FbEWPy
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1618588693.909856,VS0,VE89
x-served-by
cache-hhn4074-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_push=AQvitUI6tEI4lOVIMUKn8GjPwgmlc27HPbd8M_QPQxsMQMJREJQf0Ji25-2h67dDHcO15ToH0p50lIUkq6LgHHjmR2SBr1FbEWPy
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A4E7 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECMtiRbYCZsRkZCxG0ax3N8&google_cver=1&google_push=AQvitUIDrJKk2hy_ywcNjcuXRUIZu6ThslepoLDG29Oj83aIhpw4yJNbbJd9P_FN9amZ8lVhHaS2Yu52FM_dg5-HVC2Rf_8Yz7hYHA
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame A4E7
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEIPqlMkn84yc_na3qNTFpTI&google_cver=1&google_push=AQvitUIdZgj2TbxHyMVrBxGsqBpr_Y6XMfx0Gd9o-ak4btZS8uLtMzjRzrwRLQf1Z1pEtUloavHssi5hcwur4C53...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uL8qOzJ3Qia6pHeAFIdVYA2&google_push=AQvitUIdZgj2TbxHyMVrBxGsqBpr_Y6XMfx0Gd9o-ak4btZS8uLtMzjRzrwRLQf1Z1pEtUloavHssi5hcwur4C5304678GfdPiN_Aw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uL8qOzJ3Qia6pHeAFIdVYA2&google_push=AQvitUIdZgj2TbxHyMVrBxGsqBpr_Y6XMfx0Gd9o-ak4btZS8uLtMzjRzrwRLQf1Z1pEtUloavHssi5hcwur4C5304678GfdPiN_Aw
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 16 Apr 2021 15:58:12 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=uL8qOzJ3Qia6pHeAFIdVYA2&google_push=AQvitUIdZgj2TbxHyMVrBxGsqBpr_Y6XMfx0Gd9o-ak4btZS8uLtMzjRzrwRLQf1Z1pEtUloavHssi5hcwur4C5304678GfdPiN_Aw
x-host
tde-deliveryengine-production-58667bd6-6p97r
alt-svc
clear
content-length
0
dot.gif
s0.2mdn.net/ Frame A4E7 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGRv-2Ncyx-DHF1LIC3E2lw&google_cver=1&google_push=AQvitULatBk7266TILctRzJ0Z_LxZbjrtvHrd5yl2bRikOzyAB6GNUdOn51vhyljSUEWuJAbW0Z5EfFmzXS2fmbyZRPcc-f0KC2eug
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sat, 17 Apr 2021 15:58:12 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A4E7 		0
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2DifbMK4aKdIvqxbN8IW-RA8gInoBWb4oQc90_cSxD9NI-vh07yGlx9pbzxPoDw5LNAAN
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C272 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 16 Apr 2021 15:30:55 GMT
expires
Sat, 16 Apr 2022 15:30:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1637
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
7s5aqbwk6y4k
hal9000.redintelligence.net/zone/ Frame 56CE 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/7s5aqbwk6y4k?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
8715fdb98d9047f23ebb06c6b27092e37698aa9b55752be3fd78ca5ae984cf16

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:12 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3836
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame DC9F 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: ad4m.at
URL: https://ad4m.at/0.1.122-318/style/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Referer
https://ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
3041
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
cf-request-id
097d0089c900002bd61a131000000001
last-modified
Thu, 08 May 2014 12:48:39 GMT
server
cloudflare
etag
"536b7d27-cbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZvvN63ItJEDJG8e2%2BQijj1ImQM0Ov4J0eVqIvN3GbryX62pllmlrKXOlTCRpoqytguT1a50ucJFTiq3D%2FVcWYbhsSfxhzCUUqZbcDgSiT66uBO79wW94L26FtAsvpDVS8g%3D%3D"}],"max_age":604800}
content-type
image/png
cache-control
max-age=7200
accept-ranges
bytes
cf-ray
640e9d22dbc32bd6-FRA
frame.html
ad4m.at/ Frame 23E3 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-type
text/html
set-cookie
__cfduid=d596b5c1dcbb42ebb75f2c98500c58f691618588692; expires=Sun, 16-May-21 15:58:12 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
x-guploader-uploadid
ABg5-Uzi-1_7uN1L8Go-AcToEKZJyXjllwzgePCBHnWKzncHxGLbW1M4lc91qTv6-AdP5Mr6zohgm6Oj3Mxhx9DFytM
expires
Fri, 16 Apr 2021 16:58:12 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
cache-control
public, max-age=3600
age
2201917
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
HIT
cf-request-id
097d0089bb0000145a47b2d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eguNmi3fV6a%2BDgk4dBoPUIVXyAHhDWklIyY3TFJk%2FhxMBz99hD%2F6mdtsCkQ2t%2BZf8wIZSeutE2D%2BmS8PlP0vbfDr5Go8Jvr6QTdsM%2FvfKA5DXmqK"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
640e9d22cc7b145a-FRA
content-encoding
br
aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
pagead2.googlesyndication.com/bg/ Frame C272 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aTo5JV-AjziuZNTa8Sp43jLVG8qXCwH7OYU06B-2QbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 06:55:53 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
32539
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5682
x-xss-protection
0
expires
Sat, 16 Apr 2022 06:55:53 GMT
request.php
hal900012.redintelligence.net/ Frame 56CE
Redirect Chain
  • https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=9703883826829&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
484ceb31010afab0e404c529944acf5f2a292df0568236cd715bd46f6e5bbae4

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:13 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
52110700156516500710578011566012
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1001
Expires
Fri, 16 Apr 2021 16:58:13 +0200

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:13 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=9703883826829&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 16 Apr 2021 16:58:13 +0200
frame.html
ad4mat.net/ Frame BA72 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4mat.net/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:aa7a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964

Request headers

:method
GET
:authority
ad4mat.net
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:12 GMT
content-type
text/html
set-cookie
__cfduid=dfa59249142d9b6b4cd3cd9dff054471f1618588692; expires=Sun, 16-May-21 15:58:12 GMT; path=/; domain=.ad4mat.net; HttpOnly; SameSite=Lax; Secure
last-modified
Thu, 12 Apr 2018 07:50:15 GMT
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400
cf-cache-status
HIT
age
3054
cf-request-id
097d0089fd00002bd61d0df000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G78AVaA0nbLp1lzaLSgxqZ6EpeDSmsNMNmw4rt1rjHmEb6HjGX18pQ4SRJDHNhy7qzjrgLHnw5kr0dzP3nKW%2Bc9PtOCBJguUh2WSAkQHPQSKmQK9OlBC"}],"max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
vary
Accept-Encoding
server
cloudflare
cf-ray
640e9d232c622bd6-FRA
content-encoding
br
gen_204
pagead2.googlesyndication.com/pagead/ Frame C272 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBxiZFLR5YNrjLqHF7_UP-4Ws0A0AAAAAOAHgBAI&bg=!ODulO3_NAAZUuIlwVLg7ACkAdvg8WgthK3GC7mbMHspdNkBBQhGeiP8X0xeLXxh4Vyxz0s9JMsUokAIAAABbUgAAAApoAQcKARx4GgsoZvJaYb3URgRrh7KrWclu594iz0iTaufQowwJdDl4Rll1jQ_Hcn8-wy81bB8pl_hCUIlS3-5-Q8RBXOZaCImexa7D4TJ-pCEhGENgd6-ZkZIUItb8rK7nMt2Q5jrhVw73mxEZhMhrDIpOdvMXspSsFgF7ay6bbDWkKnubk-fUGlNmwvL5ajRdx_eT3M970O-M6Q3jLP4iHReHb55gwKuOqHfHbewuL4pfXuGDIB0oIQp7jeinJmChOQRjx0MHzIPfnak5jB8qs3PmHbvHELM0X7oyGT6AMlY2rELprpFVtIk93eZThWPX5y5UczGc6mTXBi6Wr2_3Juo7i9009d8LSGeSOjXmd8OClWi6Hfi_loD9zoGYFpzVFJkCZIXU-LtAJC6RVLUR86wK0Grsk0TMr31XWFi9y7O-lUtkB0gad6dM_hn5sQ3lQGiW9zGD8JvZ_jQto9msTxQPV9tptr1ofvSN9UxS8Rb0v4jixISn7WKAxoNk2RCTezIzAe7a46Nk-sCEiUjAuFjVnryml5uqfz6MglILte_1t31ag0jvxI4-tMcUR_8CdMO2MZnRcqIHTXRwzC-QnmtihXA_2Uihf5-hY5rudHjvOS4QekIDAFYn0C8xlVb6jDLRBM7m7HTtC256boL991gn8maaHELAQAVeRlL3m-9gi3ySXbKG0z2FqHmyxB5PIdnT-RN1TiQP0s1ZgBszlWv16cKPz0jHVlMNqVrruEETEHZzHd0s8Fwja5LT_3jjpN8a-MAG_-fp7jNPpbJS6LrqY5W0kzOeCDwdQNnNwzBl3GoBEZuS7br8YooqJBhqyMz0a04wVF1tD_40aqXP03kWJCNezGNLW4qhs8AYNrSz3hDXf9FOQ6HRJBAxTRnvMpq_vZLM5FJLVjsD16rqg5t8XmVm94wu55vY-GPO16G3w3AWBsHWAYVnAdM_Ndf4fBD-kkuzOuariQb9BDX-lxrMwSUPJyET8O99drz2OkaAnPecv6ArHhsBjppeqpigXtitMVn2ZBQupingQKvplZWuQP9nQrK2RSgIs4M9iO-73gyPrZDevLjELOR3B3f4auV85HfcoeYXmQfXehLkoPWacY6gHzPlAawbphqJ8oZYNv8bZmIIX-4UFTSn9n1l6mjkZH2IAtkkkgLNpEnCxd-1b5l7RZ-DbsoWIRarhB1WK2JgXKT5QQ
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.aspx
pb.media01.eu/ Frame A951
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=52110700156516500710578011566012&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52110700156516500710578011566012&actionid=731824&produktid=businessgiro&dt_url=
0
607 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52110700156516500710578011566012&actionid=731824&produktid=businessgiro&dt_url=
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=9703883826829&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Kassel, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52110700156516500710578011566012&actionid=731824&produktid=businessgiro&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Fri, 16 Apr 2021 05:58:13 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=bcy51wgl4rwkp5wqdsuvt14k; path=/; secure; HttpOnly DTU=3D4AD86712F96845F3DB72EA6896815C; expires=Sun, 16-Apr-2023 15:58:13 GMT; path=/; SameSite=None; secure; HttpOnly
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Fri, 16 Apr 2021 15:58:12 GMT
content-length
0

Redirect headers

server
nginx/1.17.5
date
Fri, 16 Apr 2021 15:58:13 GMT
content-type
text/html; charset=UTF-8
location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=52110700156516500710578011566012&actionid=731824&produktid=businessgiro&dt_url=
x-powered-by
PHP/7.2.21
access-control-allow-origin
*
access-control-allow-methods
GET,PUT,POST,DELETE,OPTIONS
access-control-allow-headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
access-control-allow-credentials
true
set-cookie
trscj=MTYxODU4ODY5M3xMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRNekJoTjJSbU9HUmxaR0UwWVdFMlAzTjFZbWxrUFRVeU1URXdOekF3TVRVMk5URTJOVEF3TnpFd05UYzRNREV4TlRZMk1ERXlKblE5YUhSc2NBPT18YUhSMGNITTZMeTh4TXpRMFpqUmhZV1l6TVRZMFl6TTJNRGt5TWpOaE16WXhabVUzTW1ZMk5DNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D; expires=Sat, 16-Apr-2022 15:58:13 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure
strict-transport-security
max-age=63072000;includeSubdomains;preload
activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818
8019191.fls.doubleclick.net/ Frame 73AC
Redirect Chain
  • https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818?
  • https://8019191.fls.doubleclick.net/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818?
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
7a5e9157b6a2438323892c0ec7c9f26776530322f598bd45275b640854fb5db0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8019191.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnRXRpUHNTuISXeFiKgH9XsAH0rYvi7LAiAogmQtseh_AWIACSqNBpdeegzobY; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Apr 2021 15:58:13 GMT
expires
Fri, 16 Apr 2021 15:58:13 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Fri, 16 Apr 2021 15:58:13 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://8019191.fls.doubleclick.net/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900012.redintelligence.net/ Frame FF3A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request.php?zone=7s5aqbwk6y4k&nw=20&renderingType=javascript&namespace=ff8b364f79&subid=&uid=871bd363a335a174&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=468x18&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCi8w2FLR5YMHmBIubgQeS24vQBo_g-IZTtbWLpMoM8C4QASDyrYUcYJWCgICwB8gBCakCoBiA-5gYtD6oAwGqBMkBT9AdbI9UmFds7nkqL6D_d2kizQYOiMt2-RbkUsIfead6qMBMJGECExwWBKLajaxi05H3S6UOmqxIZDJHzCZ4L_R9XDeBbMFrOkPKZDd-NRCZrIomByp8cxQcSoxoYba3LiJeHKAjkpHCjQo87z0e3y_aX7mVNk-aOs6pWC2UKXknu-_pcsFFKNO4U4noZ-1ScdfGOxiPArA6wC7gQfvQKsUsDZMsPDaqBajkRtU9oQpip4pDR-S_wdXvoapIaLCFl_KDYnlZuxdMwAS78ajAzwHgBAOQBgGgBk2AB-vn6F6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7NUbqAfulrECqAemvhuoB-zVG6gH89EbqAeW2BvYBwDSCAkIgOGAEBABGB2ACgOYCwHICwGADAGwE8Ka2grQEwDYEwPYFAE%26ae%3D1%26num%3D1%26cid%3DCAASEuRorqN_Z9XgtsNRhocvRqbxVQ%26sig%3DAOD64_31u2TKomedo_Px8QXcphHk3QAi-A%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-D3F6xX81SDdtmpgGcNKGZeR2s8iHRLY1ks2MROKxnd7K9WIBWNGeSo5LLUaLoYx9T7OI6Yvec943yVYKUbHmmdogRrnUGWp_KRD2y7WOV-Q-BzqJbb3M4CdFWMaECYTIwx5BaeOJ0o3lGzCwbk0ivw0jnTjQ%26cry%3D1%26dbm_d%3DAKAmf-D2C6MxB2FU1miz-aBmdmHRhJ_r7wf-WL0bHA2xiDS3tCEm9erNInYBjETxdPYaDy0m5CuLo1zFJVBH_lcrm6dia6UnPWTRTKywUlq68V8kM76iVYCM4U0xTVY6JOXXaJ6MISnR8roJt48zsJoJ83V6UE-X2fTL_ceS2nanwCk6xz_sIaiTjGaSZinO_2QQX-_SBUSMu-PiRey9nvV58-kj1xUD-Whdw7912Ml72WNpYnIesmkRUJcm2jYh8XG1bqa7PJnm4pQt9IsHmWfoEYry7-y-uAB1pn_HUCDsJSlbb-aJgv9ufc8yb5IedQlZIwm-tgo5ZKNkptsykebCNLxZ8YyYInvopSh1vSJnqpzBFuOXipOA1Se-TFd15zYJbF1QDMmW6452Sq0N2wThZXdLbYTaYf1l7JAQS936-DXbnCEQE8L5-VLx5ZR94nO9uaT9bbBf%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=9703883826829&isIframe=1&container=&adPos=0x14&adPosCheck=1x15&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
eee40e48d32ec12b924e18f55d0e2dfa977b5662f573920bb610a4240b050ffb

Request headers

Host
hal900012.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=e9c67b58668814d8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

Date
Fri, 16 Apr 2021 15:58:13 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 16 Apr 2021 16:58:13 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1644
Connection
close
Content-Type
text/html; charset=utf-8
native.png
ad-server.eu/wm/pb/ Frame 56CE
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=52110700156516500710578011566012
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 16:00:08 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

location
https://ad-server.eu/wm/pb/native.png
date
Fri, 16 Apr 2021 15:58:13 GMT
server
nginx/1.17.5
x-powered-by
PHP/7.2.21
strict-transport-security
max-age=63072000;includeSubdomains;preload
content-type
text/html; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E596 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 16 Apr 2021 03:14:09 GMT
expires
Sat, 17 Apr 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
45844
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 56CE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db755419f84b079b5121b93d0ae0e0732cf8276009771b00a5639e87845dee6a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E596
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1&google_push=AQvitUJY6S0uU2Tp4NKXbQthw5Tj6g09Z29bwu2dNOOhBLC3pGJozs_9QusuapdE132v_WT6SMMC9SFZTNwzHC7-_nGqS_ldhOHR
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzAyMzg5ODM2MDU0NTI3ODc1Ng==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEAzs_ntJByXyke_n18Ssn40&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E596
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0hyVGNoVVoxTHhxUmY1&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cver=1&google_push=AQvitUIXWFSO7gnpaG0sBC9hxPOO2FoVcJZZjK32bhBnuPQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0hyVGNoVVoxTHhxUmY1&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cver=1&google_push=AQvitUIXWFSO7gnpaG0sBC9hxPOO2FoVcJZZjK32bhBnuPQMgZi7ZR97J5P42depuJ4bEHqtZ_q_qtABBIRpXpsgN_4v3TiUiIt0
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:13 GMT
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-09324c87255a730c5@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=d0hyVGNoVVoxTHhxUmY1&google_gid=CAESEPUyAGuwrnYq-alANOogLI0&google_cver=1&google_push=AQvitUIXWFSO7gnpaG0sBC9hxPOO2FoVcJZZjK32bhBnuPQMgZi7ZR97J5P42depuJ4bEHqtZ_q_qtABBIRpXpsgN_4v3TiUiIt0
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E596
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhtMEZBQUFLcEpzU0FCZw==&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_cver=1&google_push=AQvitULjBqxOH_ZetPBTZ0gW6zQrc0oQWe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhtMEZBQUFLcEpzU0FCZw==&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_cver=1&google_push=AQvitULjBqxOH_ZetPBTZ0gW6zQrc0oQWePIFO7fq7cLNL1lWcWZXPt9A_5PqraPZ_QLVdWfQ22T9l6eSgvZ-rtqiYInubMI3jN2
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618588693.159549,VS0,VE0
x-served-by
cache-hhn4074-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WUhtMEZBQUFLcEpzU0FCZw==&google_gid=CAESEFRdQA4P07gC-XkYsPjpEqI&google_cver=1&google_push=AQvitULjBqxOH_ZetPBTZ0gW6zQrc0oQWePIFO7fq7cLNL1lWcWZXPt9A_5PqraPZ_QLVdWfQ22T9l6eSgvZ-rtqiYInubMI3jN2
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame E596
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEM4L-a3VejRjyGDjJO7tlR8&google_cver=1&google_push=AQvitUL_BMe3cvXRl_PhK1rsD3FvLOL8gH59KqiU-0znhOBhQpsNKRH-ZQIlpAtq0Jfsfka5LYPQ1ZJxAKE...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL_BMe3cvXRl_PhK1rsD3FvLOL8gH59KqiU-0znhOBhQpsNKRH-ZQIlpAtq0Jfsfka5LYPQ1ZJxAKEDpNSpe8OuTm6gzkvJ&google_hm=Mk4lg0vjQo2Lx2dSda8KKFk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL_BMe3cvXRl_PhK1rsD3FvLOL8gH59KqiU-0znhOBhQpsNKRH-ZQIlpAtq0Jfsfka5LYPQ1ZJxAKEDpNSpe8OuTm6gzkvJ&google_hm=Mk4lg0vjQo2Lx2dSda8KKFk
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:12 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AQvitUL_BMe3cvXRl_PhK1rsD3FvLOL8gH59KqiU-0znhOBhQpsNKRH-ZQIlpAtq0Jfsfka5LYPQ1ZJxAKEDpNSpe8OuTm6gzkvJ&google_hm=Mk4lg0vjQo2Lx2dSda8KKFk
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
dot.gif
s0.2mdn.net/ Frame E596 		43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEGRv-2Ncyx-DHF1LIC3E2lw&google_cver=1&google_push=AQvitULrDHU08psZHgK-vf_r4FRleQFpAJrfDFLPyY-dNC9Le81nOump2PPfPEHI5UC3sRaS9xxCLi0bAQMBXAwSluyer0miDfzk
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sat, 17 Apr 2021 15:58:13 GMT
pixel
cm.g.doubleclick.net/ Frame E596
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOnDe4d4v33n5khOo7z6e58&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHm0FMZwI8k9OSaFU6B79QAABHMAAAIB&google_gid=CAESEOnDe4d4v33n5khOo7z6e58&google_push=AQvitULuw0AZx2ZRiDN6I-EDnhLuQogEcbVIyvR3foL29jtt1V0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHm0FMZwI8k9OSaFU6B79QAABHMAAAIB&google_gid=CAESEOnDe4d4v33n5khOo7z6e58&google_push=AQvitULuw0AZx2ZRiDN6I-EDnhLuQogEcbVIyvR3foL29jtt1V03Q_riapJlcKLKRJFd0CW4nHEI_IUQ0EtNuQkIHBSAq_ur3zlk&google_cver=1
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:13 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YHm0FMZwI8k9OSaFU6B79QAABHMAAAIB&google_gid=CAESEOnDe4d4v33n5khOo7z6e58&google_push=AQvitULuw0AZx2ZRiDN6I-EDnhLuQogEcbVIyvR3foL29jtt1V03Q_riapJlcKLKRJFd0CW4nHEI_IUQ0EtNuQkIHBSAq_ur3zlk&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Fri, 16 Apr 2021 15:58:13 GMT
pixel
cm.g.doubleclick.net/ Frame E596
Redirect Chain
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2Ot...
  • https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2Ot...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2...
  • https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEEjZ9MCUFchpn75auyiJEXg&google_cver=1&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YzcyYzFjNC05ZWNjLTExZWItODZlOS0wNjg4NzAyNjYxYzY%3D&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YzcyYzFjNC05ZWNjLTExZWItODZlOS0wNjg4NzAyNjYxYzY%3D&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 15:58:13 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA4YzcyYzFjNC05ZWNjLTExZWItODZlOS0wNjg4NzAyNjYxYzY%3D&google_push=AQvitUJizAJnQ2Qo3CUcrTQbNwBPFr3bNU2T7ptwaOZUw98jpdgRQ2OtlN_Ev1mb3Kqtz5dh5v5gfdG-FlIG_yQsYYUzwshh4z60YA
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame E596 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjdEmiLZ4ekU7Go2PhT8C2bX2TMzfxs41Q_XxIWFd2Ej1WBMA7zw3PP4jbyBLeF2DsCdpWIw
Requested by
Host: 1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
URL: https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:13 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame FF3A 		4 KB
648 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 16 Apr 2021 14:12:23 GMT
server
ESF
date
Fri, 16 Apr 2021 15:58:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 16 Apr 2021 15:58:13 GMT
/
hal9000.redintelligence.net/scale/ Frame FF3A 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=114&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/laptop_1200x627.jpg
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
a4b9fdbd114f960595d9115c1f69122cbfc092eb201dac21dd4a06d06379f676

Request headers

Referer
https://hal900012.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:13 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15186
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal900012.redintelligence.net/ Frame FF3A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=52110700156516500710578011566012&a=7379a095&vb=m
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:13 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame FF3A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hal900012.redintelligence.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
age
453275
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame FF3A 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://hal900012.redintelligence.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
age
453275
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818
adservice.google.com/ddm/fls/z/ Frame 73AC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818
Requested by
Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CIOs4eCQg_ACFffnuwgd-JMHdA;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9869084236748.818?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8019191.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2D4A 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsut0CWFF4ABUUQpge127WN__C5gFBXv6maUEiakiMSettB3ziYcFIg5p2_mdFR-seahET2oeWQ4NscC6-Xv7MLbPauASHipj8Ga6N3smgiftuAPRp6qLU5PmmYGMA&sai=AMfl-YSefvL5nWbzZE_Z3bsiiFvgNyLLOX6cv7uC3BymmkLx9Sbp7DEu1UBMctE846XXewxaSzmYFEM1KILTBNtY5a3obPzZy-xODiQdiAD_ctbT8-L6EtzlGfGOwJsU&sig=Cg0ArKJSzFtyQz2nRABREAE&cid=CAASF-RomI78GZoYPq2y1tCM2LhgutYtoBce&id=ampim&o=712,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=165&tls=1166&g=100&h=100&tt=1166&r=v&avms=ampa&adk=167273885
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 859B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIuFq1D-10GJsXLy02bwDAKOY2wXZPC3qLtjvyhYSxwr5NuPNy5GJWyi7IThUBogCInFP1fbZJQimyJURuNDBQEDQQLBcACqD0_LY3CY8ANbHlaI2EokwD_agcFg&sai=AMfl-YSMHYmEPYC1RmzOrqUmJXIwvpJpkFgRcrvShmupuxqXeuApReKJaEE2iVoZzl5dBnbx-X4DAriSiNfsCm2AWPJtSrJnXblTdJ0s5VVjKF-NzAUotS2YVVpR2gzy&sig=Cg0ArKJSzH94_AnGpcMDEAE&cid=CAASF-Ro6vQXbA0IEMKbWfiAr09DMb4sSKRL&id=ampim&o=1140,194&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=157&tls=1157&g=100&h=100&tt=1157&r=v&avms=ampa&adk=1304712773
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 56CE 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNuGoep4nKi89OuSUXV8r43cR1BV7_bsM93Og4PAt2zaKiP99i-78kyoB0IRmBmuYWJeN7RQZ4uFv7veaQdZgINiqkIW39Zmg4NhRwmweKYIiB&sai=AMfl-YSLVzioqWw0Wx5YSEDhaZP_-oIzPJKs9kf9XOowc0CPhkHW6XnEyMUtc57uWXvfCu7MksJcyDIs_YHvO6qqhlvW0nroRFDdl6LRnXJFTsWPCkTPaZoemcNWiM9g&sig=Cg0ArKJSzOSZgII9E2dwEAE&cid=CAASEuRorqN_Z9XgtsNRhocvRqbxVQ&id=lidar2&mcvt=1000&p=513,496,577,964&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210414&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&app=0&itpl=20&adk=4006668155&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618588692642&dlt=29&rpt=2&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900012.redintelligence.net/ Frame FF3A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900012.redintelligence.net/viewability?s=52110700156516500710578011566012&a=7379a095&vb=v
Requested by
Host: hal900012.redintelligence.net
URL: https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal900012.redintelligence.net/request_content.php?s=52110700156516500710578011566012&a=64637693
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:14 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
rs
ad4m.at/ Frame DC9F 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ecc1b1c9164d85f071f98f143bbd8154a19fbf3857cde122243adf3dc2f8094

Request headers

Referer
https://ad4m.at/ad/dr?ed=1jt92n02s829jvrwa2xbyfasa3c28mdzf9zd5h4d79q6cygjz0cp4kygsnamn9t2nrkapp7b40afthn01xjzs0h4xn64nfv62gyxfr0rqcn5hbsqetqyn2jfjabd0k1zk2kpvmwvgyjy05va828een30h05dgs32mkf5rh34c9n7cawh3c9665a1br8bq0mjp3evqs03jsd88ggd09v8h5530raf9saxe15qtybatx7qa50p0by09hcqy7mbjd1w1f9xkvyj5bs3ftwcfwdqn5zvqj6cdmr44ksycc7dbjqd8r2m9a1cqejshqd5w6e7xn6najnmqqdjnx6d9h0ay2ky84kjebrtq9r9k21sd64x0s6nqr2nsxzht0dbbzh1v712eh6977gxkgds5g&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%26num%3D1%26sig%3DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%26client%3Dca-pub-1121228379837289%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Apr 2021 15:58:15 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-backend-server
rs-rvz5
cf-request-id
097d00921200004ac243b27000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q9%2FyrMLQ83ofvgtTpGJ4ILuMZ18ycD92mnDK68ADX91%2BWj17y7UOS6CQQUToB3qS2gUwCtD%2Bm46vgtrzo%2BngBRqVGA%2FkMd%2B9hJzMfmb1T1Oiq%2FDG"}],"max_age":604800,"group":"cf-nel"}
content-type
text/plain
access-control-allow-origin
https://ad4m.at
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
640e9d3019dd4ac2-FRA
rar
as.ad4m.at/ad/ Frame 6364 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97be87f9fefee747a77b8ba2e766c8ca5a49ac3bc1e19ae7dd1905d7549f1af
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:15 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d3305f0b3bf90a57fb1659e63616d7dfe1618588695; expires=Sun, 16-May-21 15:58:15 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
097d00924000004ac268059000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
640e9d306a7e4ac2-FRA
content-encoding
br
default.css
as.ad4m.at/ad/style/0.1.3/one-ad/ Frame 6364 		58 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.3/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:15 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
701911
cf-polished
origSize=59219
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
cf-request-id
097d00927c0000145a5e2d8000000001
cf-ray
640e9d30cef6145a-FRA
expires
Fri, 16 Apr 2021 16:58:15 GMT
C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
assets.ad4m.at/logo/ Frame 6364 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/C35143419725FFAB72E7F85B0896E2CE1CF38E8530EF6A0FABB9A59404159EF275766FB79658D3B5D6644C20EACFACC3D3AEC4962CC34DBF676104F9A9E97E4B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=L9xAnQ==, md5=7eHZFVWQuqeYNRiE/JSb0A==
date
Fri, 16 Apr 2021 15:58:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159869
cf-polished
qual=85, origFmt=jpeg, origSize=42488
x-guploader-uploadid
ABg5-UyKkyCKHkQTuBpC6ojJAJPacp0rL3gXYsZZ0_pnVLo-RCEnBHssmdyuOaPZuYkrERlH0_wK54RYfQZqoSW5JA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12110
cf-request-id
097d00928400004ac2430ed000000001
last-modified
Thu, 25 Jun 2020 11:29:58 GMT
server
cloudflare
etag
"ede1d9155590baa798351884fc949bd0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nZdxVr4H%2FOTLa592Vm5RnNUcsT%2B%2BdY30l%2BtFXc6TwyLOHovUvk96kHe4IQcqXs8yqtjPkybLb%2BT31fXSA7kr%2B%2FSNKPAVCmqKzV1iIAbVLONPdcaXCfNyEt0tnA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1593084598972955
content-type
image/webp
expires
Sat, 17 Apr 2021 15:58:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
42488
accept-ranges
bytes
cf-ray
640e9d30db9e4ac2-FRA
cf-bgj
imgq:85,h2pri
923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
assets.ad4m.at/product_image/ Frame 6364 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/923D00671464A79AB8F5A4D24C6EC1A73106E56CEC9EDBA6FEF5B85C7B989BE16BF3D56DE07928CA9478BB4C2FED672AA5830E4C9B7151DF5F61E460DF9EF305
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=15VnvA==, md5=DWn9kTb7sWn6Y1aNbHZabA==
date
Fri, 16 Apr 2021 15:58:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
157529
cf-polished
qual=85, origFmt=jpeg, origSize=12438
x-guploader-uploadid
ABg5-Uy76jGOmIeWoMzfwzdNXg0SsZzzSpxA1Zn1k_IfsvaaxGxWbJrPtcKP3T_4qMlzzm1szmb_KY56fc8kx_kz24M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10372
cf-request-id
097d00928300004ac26b0a8000000001
last-modified
Fri, 18 Sep 2020 09:05:40 GMT
server
cloudflare
etag
"0d69fd9136fbb169fa63568d6c765a6c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vm2eRimhxXm1dIT3kEYlMEjzato%2BLAoB8HspK%2BbKz7SSqOeCASb%2BVI6nzO1cBW0%2BNZZ4lKcZN%2BPu%2BfnSCxYpI9ct6P%2F16fh1Yb5mSn35MGM33fsDE%2F4xyrFiVQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1600419940053465
content-type
image/webp
expires
Sat, 17 Apr 2021 15:58:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
12438
accept-ranges
bytes
cf-ray
640e9d30db9a4ac2-FRA
cf-bgj
imgq:85,h2pri
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 6364 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Fri, 16 Apr 2021 15:58:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
660064
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ABg5-UxQBpR50aLTfOHTnSolKDlUk4esqIgcvgor__-JXe_yS5iySdGbUs6i2A3EHDTR6EQTlF7njUYFEOs7OJevlQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39202
cf-request-id
097d00928400004ac2a6ba4000000001
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=couM%2FIIekRJuMs8Yacx5h2LEIwta%2FOd0aeGO9iOn%2FJivG5OD3pSoqfjZj7HyHlEuOIqE9vIk8tQUBn1RHD0XTDH3UNhVhbR6rhlOuIhy7972U2MhbFZvB12JZA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Sat, 17 Apr 2021 15:58:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
640e9d30dba04ac2-FRA
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 6364 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Fri, 16 Apr 2021 15:58:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
304164
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ABg5-UxlJ0Zw2gfcJi9DtvvT8nwBXuqyCM0cxwmyRUd_5bNbBX6sVkGPju3OoSeipdGwxST92NcXepZxHhFSpLFvqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
115268
cf-request-id
097d00928300004ac25f2c6000000001
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2%2FymOAdjhnjpoZsAZRDZ%2Bn4LzkwY%2B9jcXX%2B20XQho4IpATcIbked6v7JAZWVvWVcMmSvie1srmuz2olGRe3i2X4eMvpQPetCO6Vb64FSuUDz9d%2FYZlZ1BSwWoQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Sat, 17 Apr 2021 15:58:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
640e9d30db9b4ac2-FRA
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 6364 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneidPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkGoneid__suite_Netmix_Reach43_Monat&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:15 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 6364 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Fri, 16 Apr 2021 15:58:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
153929
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ABg5-UzoVAfxQFgz6L9HcmHPW2e7eCBHNd0a2b8Kvrug8-8oPgzdAE-ChRdy7eBzZNRyXD7MxjB9gF3gK83zeR6hUB0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
cf-request-id
097d00928300004ac293204000000001
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IaHMkiF99mqnK4QeBoP%2F8af0pnAe6cqDE6eHLRQIarX2AGVaMzS9WDW%2FO0rN7mpIIZmMlvVT%2BcrmenFjha%2F9U1pwSdCuRD%2BMYilS3MvOqVUUsTKsXeC2KNWucg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sat, 17 Apr 2021 15:58:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
640e9d30db9c4ac2-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 6364 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c02e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Fri, 16 Apr 2021 15:58:15 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
288927
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ABg5-UxhW6sKGL1c2jInPII1J935sSbSV0DB0T-8fgBRZsD5cCQGuK6UCWTsje9QOtexmnxRi37xZPi9M795fv_WpSbNUyAf7w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85604
cf-request-id
097d00928400004ac2b398f000000001
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MWRlzW9O8znMilK%2BROPM3ztWu2oWsncGXe3xNKUJ%2BPuBcTzgplZDKyBWiQcxWEMCUpFg2aUXliTuiciRupIe4LYUmHTvJ%2FkwIgR8ngKIMWpqgqiGL09nO8PwBA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sat, 17 Apr 2021 15:58:15 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
640e9d30db9d4ac2-FRA
cf-bgj
imgq:85,h2pri
link.html
track.webgains.com/ Frame 6364 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
270d5b6e43b6139c4e15ad287facf84a1727695097d28ad8930c805662a58f14

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:15 GMT
Last-Modified
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 6364 		12 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
6fbd64eb7de128a1f41e865dbd9aec4acb396c6b930006c83f2ce6727d56dfa5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:15 GMT
Last-Modified
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 6364 		60 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-61.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:05:01 GMT
via
1.1 c4cfd693df2d3c329a667c606d9185f1.cloudfront.net (CloudFront)
last-modified
Thu, 15 Apr 2021 11:04:49 GMT
server
AmazonS3
age
17594
etag
"3cdddcb8ff5d7e818040764d312aec0c"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-length
61104
x-amz-cf-id
bQ4GB5uwA7OqxPN_C_HniDBldDjNWsEaoBHFRd1pX7cCon1iM32vuQ==
hit
diapi.webgains.com/2.0/ Frame 6364 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=.8a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TdijJ6NmF5iLs2dI_AIQjvEodUW2vqCRc7L1eLY6ReQs.BN1eN1RJ0mcK4rTOyQez9QrgPuVr914VecL57GY5BNv_2TjV.0X2&wgcookie=%7B%22wgifp12607%22%3A%5B%221384975%22%2C%2212607%22%2C%22713569%22%2C%22%22%2C%221618588695%22%2C%22%22%2C%22%22%2C%22%22%2C%221774108695%22%2C%22oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=a7cbc9281829dbb9ae095f9d4295934d&userIP=195.181.174.89&doAffectv=1&wgtime=1618588695
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&clickref=oneid8QjCDfM8FKRWagHJHEtqCkr3hwtwT1Moneid__suite_Netmix_Reach43_Monat&viewref=oneidz4pFRfEYabqxtpHBHMtqtzX4sbtwTrkoneid__suite_Netmix_Reach43_Monat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 6364 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidk8Zh5fQRkdu9d1f4HwHetBtV8GuPtjTgQoneid__adf_Netmix_Reach18_Singlesite&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:15 GMT
Last-Modified
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
hit
diapi.webgains.com/2.0/ Frame 6364 		79 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://diapi.webgains.com/2.0/hit?callback=hitCallback&wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TdijJ6NmTkA_i.uJtHoqvynx9MsFyxYM914Ve_clrKU.0Y.KI.IXVDK1civnEnSMtITxYMJ5tFFg4K1kl1BNlY6RcQpw.6VP&wgcookie=%7B%22wgifp280795%22%3A%5B%221384975%22%2C%22280795%22%2C%223247721%22%2C%22%22%2C%221618588695%22%2C%22%22%2C%22%22%2C%22%22%2C%221626364695%22%2C%22oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat%22%5D%7D&wgchecksum=b8139e9ee0b9d7be4685921f95c5bc62&userIP=195.181.174.89&doAffectv=1&wgtime=1618588695
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=3247721&wgcampaignid=1384975&js=1&nw=1&clickref=oneidX4dFzfPrHQ8ds6H4Het1CY8ph8tkTRMoneid__suite_Netmix_Reach43_Monat&viewref=oneid64rFefw3feAxfeHmHYtktxVmsmt1Tjgoneid__suite_Netmix_Reach43_Monat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.29.72.47 Leeds, United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
81-29-72-47.servers.dedipower.net
Software
Apache /
Resource Hash
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Connection
close
Content-Length
79
Content-Type
text/javascript;charset=utf-8
link.html
track.webgains.com/ Frame 6364 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneidgMza8frfdQxcBCbH8t5t2WGC9tQTmponeid__asuid7nqFF-O4Iwn6sVCCNvh_v2HPAKLXXXOmasuid__Stroeer_RON_160x600&wglinkid=3247721
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=43784%2C823%2C24673&b=64rFefw3feAxfeHmHYtktxVmsmt1Tjg%2CPJ4HBfEbaVkc9HjHbtMtVm1Fbt9TkG%2Cz4pFRfEYabqxtpHBHMtqtzX4sbtwTrk&f=X4dFzfPrHQ8ds6H4Het1CY8ph8tkTRM%2CbwqTQfYZs3JfYHbHzt8CjWYtetJTJP%2C8QjCDfM8FKRWagHJHEtqCkr3hwtwT1M&c=120&d=600&e=&g=07e7dec48f10c48df29fe0cd8e8c0654%2F10208301072749830684&i=27720%2C9719%2C20430&j=21%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_Monat&h=https%3A%2F%2Fad4m.at%2Fdct%3Fed%3D232gbr4v50j3csnbsg0m0tyhhgxz93mnpmyfn7ne70sy00sdvpznfbftf39jxeg4csm5dzktx0gm7d8g0nd99bpnbj6f3b742vhhyeb0dwpterxe1wkafphrs7a4kejr0dvjkh34ccwex1k5exhfex50swpgfq7jrsqnnxb42dthj2z7nxaze0gv66hzy6hg5srjc4hwvs5k4qd1nj330xexyz62xrye7g4e402syw0t6vvn2xpnhea0d2wa3maynr9zt%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCO5uqFLR5YMTmBIubgQeS24vQBpDhgYRctqjCivACwI23ARABIABglYKAgLAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQKgGID7mBi0PuACAKgDAaoE0AFP0BM7-La3KRYS0QcWKLEYjVAchHVFul-Kkf2juSsZwWVmZLErbGwjGpmg0UR4Tq3nd7WbHIMnhx3HDSXGZ8Y2IpJP5gJtkMtzCAKA1HvEKxDnLJ9mFenKhYR7D6V1seKOoqXCcNoEVgmJQH8eRaanFHMJf2BcwkY24Btb8PplYxZaFT8c4X5pR4wm3YoJ5yVibY3BXqocoLqp0PKwA0DP_u8ySCktnnAM6LnIyp-4AbpSsZ9WW0vX9aM4Bp8IFkEjypRWwtlt-4Y42L8aBDSk4AQBgAa-re3UsvPt13igBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgb2AcA0ggHCIDhgBAQAfoLAggBgAwB%2526num%253D1%2526sig%253DAOD64_1HJUsx1ph5qiGcSz01aNvkbRfE9g%2526client%253Dca-pub-1121228379837289%2526adurl%253D&y=0&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:16 GMT
Last-Modified
Fri, 16 Apr 2021 15:58:16 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fp_decode.html
track.webgains.com/ Frame 6364 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TdijJ6Nl_9iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KB0D9.tJ9XvjBzCpU_CvqCSFQ_01kKJA237lY5BSmWjMk.6Ep
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
fp_decode.html
track.webgains.com/ Frame 6364 		63 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/fp_decode.html?wgpayload=s0a44iFBBNlY5Du4UXuKrnZ2CI9XkPrwVL6tqAhbrmQmkqlE4Ww.GEFF0Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6STpjB9TjQDKMhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt.gEngMQEjZr_WhXTA2s.XTVV26y8GGEDd5ihORoVyFGh8cmvSuCKzIlnY6xljQlpRDuxfTNJxTqRejPm8LKfAaZ4ySy.aPjftcktBttIVugwcAuyPBDjaY2ftckuyPBB2SCX0iakJ0TdijJ6Nl_0iLs2dI_AIQjvEodUW2vqCRc7L1eLY6Rhw.5B0KB0D9.tJ9XvjBzCpU_CvqCSFQ_01kKJA237lY5BSmWjMk.CBH
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN24931 (DEDIPOWER, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e

Request headers

Accept
application/json
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 16 Apr 2021 15:58:15 GMT
Server
Apache
Connection
close
Keep-Alive
timeout=1, max=100
Content-Length
63
Content-Type
application/json
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22314202cdc84c2aefd4f87a815f2c77f570597df6988c5f5f275179a9b864f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 16 Apr 2021 15:58:16 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tracking-event
api.webgains.io/ Frame 6364 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Apr 2021 15:58:16 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tech-essence-clk.min.js
analytics-wg.webgains.io/ Frame 6364 		44 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics-wg.webgains.io/tech-essence-clk.min.js
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.245.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-245-61.cph50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 11:05:02 GMT
via
1.1 c4cfd693df2d3c329a667c606d9185f1.cloudfront.net (CloudFront)
last-modified
Tue, 02 Feb 2021 10:42:29 GMT
server
AmazonS3
age
17600
etag
"8c03dbb33c82f21c7644b0fbe99c300a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-length
45522
x-amz-cf-id
ZoqO-A7DXU17zYcHSjjKNFjpRv19O5DRzQ8uhkc4l9ERxGLyy3vu7g==
tracking-event
api.webgains.io/ Frame 6364 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PHP/7.3.27
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 16 Apr 2021 15:58:16 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.3.27
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
52.213.184.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 16 Apr 2021 15:58:16 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
tag
w-it.m-t.io/ Frame 6364 		18 B
205 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/tag?type=impr&date=1618588696321
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:16 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
x-cloud-trace-context
ad57aafe855a31ee6784374e1c14dfa3
cache-control
private
content-length
38
track
w-it.m-t.io/ Frame 6364 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://w-it.m-t.io/track?campaignId=1384975&clickId=280795_1384975_16185886952644_b2e66e3296&programId=280795&expiry=1626364695&acc=wg&scriptTag=&type=postview&indicator=e5ac9fe9715a5705db8acd899076e7ed&
Requested by
Host: analytics-wg.webgains.io
URL: https://analytics-wg.webgains.io/tech-essence-clk.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-cloud-trace-context
d0c6dac61347f6235d1d132c8b53bde2
server
Google Frontend
date
Fri, 16 Apr 2021 15:58:16 GMT
content-length
0
content-type
application/javascript;charset=utf-8
ixmatch.html
js-sec.indexww.com/um/ Frame CDCE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 16 Apr 2021 15:58:17 GMT
Content-Length
1151
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9B23 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131446
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:17 GMT
Connection
keep-alive
Vary
Accept-Encoding
Cookie set beacon
ap.lijit.com/ Frame 537C
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13414900
  • https://ap.lijit.com/beacon?informer=13414900&dnr=1
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13414900&dnr=1
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b02ce4b4fb56f84ab77471619eb323073304ccab86813fffa85fe1e9484f8dea

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=235675bcc26f1dc16132face
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Server
nginx
Date
Fri, 16 Apr 2021 15:58:17 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxlkDkSgEAIBP%2BysQHsweHXLP9uuWVCGzbHMMPVtJ1qGuZL0o9mtjk9o7%2FcK46KrpWXCCoq2Pj0NcfcfRzITP9VAprwGLgRcBkTvMDMzH046vb9bGhs9pppQG9Cbya%2BhvnFvFId3Q%2F2lleX;Path=/;Domain=.lijit.com;Expires=Sat, 16-Apr-2022 15:58:17 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=235675bcc26f1dc16132face;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap1ams1

Redirect headers

Server
nginx
Date
Fri, 16 Apr 2021 15:58:17 GMT
Content-Length
0
Set-Cookie
ljt_reader=235675bcc26f1dc16132face;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon?informer=13414900&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
checksync.php
contextual.media.net/ Frame 6670 		20 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e0a0e8674efc69641d7f56aeb43202e89fe413a4498e95ea0c88b354749372f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 18 Oct 2021 15:58:17 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 18 Apr 2021 15:58:17 GMT
date
Fri, 16 Apr 2021 15:58:17 GMT
content-length
7622
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9C17 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 16 Apr 2021 15:58:17 GMT
Age
29846035
X-Served-By
cache-lga21949-LGA, cache-fra19157-FRA
X-Cache
HIT, HIT
X-Cache-Hits
652004, 556558
X-Timer
S1618588698.965542,VS0,VE0
Vary
Accept-Encoding
bounce
secure.adnxs.com/ Frame 9C17
Redirect Chain
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
0
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.29:80
AN-X-Request-Uuid
5bf1d8ed-9077-4219-883a-c21409529909
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.219:80
AN-X-Request-Uuid
4ecad9b6-8f20-41f3-a887-2e184be4ef9e
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 02FD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5bdb573856189434fab1ab335af9aa777e5ccceab6aaa028db84e95a62659ddb

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHm0GVWjPNrF95VifP7QXQAA; CMPS=5221
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|45|152|190|81|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1711
Expires
Fri, 16 Apr 2021 15:58:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Set-Cookie
CMID=YHm0GVWjPNrF95VifP7QXQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 15:58:18 GMT CMPS=5221;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 15:58:18 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 15:58:18 GMT CMST=YHm0GmB5tBoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 17 Apr 2021 15:58:18 GMT CMRUM3=516079b41a05a0&f16079b41a05a0&2e6079b41a05a0&e66079b41a27600&be6079b41a05a0&2d6079b41a05a0&986079b41a05a00&276079b41a0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 15:58:18 GMT

Redirect headers

Server
Apache
Content-Length
342
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 16 Apr 2021 15:58:18 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Set-Cookie
CMID=YHm0GVWjPNrF95VifP7QXQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 16 Apr 2022 15:58:17 GMT CMPS=5221;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 15 Jul 2021 15:58:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9B23 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=7588192&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6cd7211819bf8d7a3dccff19e5b3589417006d21a049191e5dad658a3cb9bbb4

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:16 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 537C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl&google_tc=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
reporting
ap.lijit.com/dsp/google/ Frame 537C
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=MjM1Njc1YmNjMjZmMWRjMTYxMzJmYWNl
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tum
ums.acuityplatform.com/ Frame 537C 		0
0
sync
x.bidswitch.net/ Frame 537C 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=fe7dd501-df4a-4c0e-bbfc-7eb3e828e9b0
43 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=fe7dd501-df4a-4c0e-bbfc-7eb3e828e9b0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=fe7dd501-df4a-4c0e-bbfc-7eb3e828e9b0
Date
Fri, 16 Apr 2021 15:58:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Tengine
ETag
OPTOUT
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=2159827870193185418
43 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=2159827870193185418
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=2159827870193185418
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:17 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 537C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
10af108baa8103fb427a2cc0433d74a0
Content-Type
image/gif
generic
data.adsrvr.org/track/cmf/ Frame 537C 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.19.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=LgUIFmioj1QiqIzGjWlC&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=LgUIFmioj1QiqIzGjWlC&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=LgUIFmioj1QiqIzGjWlC&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT, Fri, 16 Apr 2021 15:58:18 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 537C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
no_match_opted_out
um.simpli.fi/ Frame 537C
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1618588697989&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 16 Apr 2021 15:58:18 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 16 Apr 2021 15:58:18 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Thu, 15 Apr 2021 15:58:18 GMT
svr
match.prod.bidr.io/cookie-sync/ Frame 537C 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.158.183 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:19 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 537C 		45 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=sov&ovsid=235675bcc26f1dc16132face&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1023%263pid%3D%24%7BUSER%7D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.144.24 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 16 Apr 2021 15:58:18 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 16 Apr 2021 15:58:18 GMT
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=235675bcc26f1dc16132face&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 15:59:45 GMT
Server
MT3 3660 495c301 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 15:59:44 GMT
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=235675bcc26f1dc16132face/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=235675bcc26f1dc16132face/pv=y?https://ce.lijit.com%2Fmerge%3Fpid%3D5001%263pid%3D%24%7Bprofile_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=e14c7fe12f0f47473fdd1d0b4543958a&gdpr=1&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=e14c7fe12f0f47473fdd1d0b4543958a&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=e14c7fe12f0f47473fdd1d0b4543958a&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.7.8
content-length
0
expires
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 537C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=Ho8Dcpxi67mb&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=Ho8Dcpxi67mb&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=Ho8Dcpxi67mb&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-p7n7w
expires
-1
iu3
aax-eu.amazon-adsystem.com/s/ Frame 537C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:19 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=n80t7MvJK7SEzCq2m8g34MjFebeExCm3kMsDgT3j
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=n80t7MvJK7SEzCq2m8g34MjFebeExCm3kMsDgT3j
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=n80t7MvJK7SEzCq2m8g34MjFebeExCm3kMsDgT3j
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 537C
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=235675bcc26f1dc16132face&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:d6277069e0a14a362e5e07d5b2593d86
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:d6277069e0a14a362e5e07d5b2593d86
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Fri, 16 Apr 2021 15:58:18 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:d6277069e0a14a362e5e07d5b2593d86
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-20-9.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
Cookie set merge
ce.lijit.com/ Frame 5616
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3980366426717056038&gdpr=1&gdpr_consent=
43 B
934 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3980366426717056038&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=235675bcc26f1dc16132face; ljtrtbexp=eJxlkDkSgEAIBP%2BysQHsweHXLP9uuWVCGzbHMMPVtJ1qGuZL0o9mtjk9o7%2FcK46KrpWXCCoq2Pj0NcfcfRzITP9VAprwGLgRcBkTvMDMzH046vb9bGhs9pppQG9Cbya%2BhvnFvFId3Q%2F2lleX
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Fri, 16 Apr 2021 15:58:18 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_1=3980366426717056038;Path=/;Domain=.lijit.com;Expires=Sat, 16-Apr-2022 15:58:18 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDkSgEAIBP%2BysQHsweHXLP9uuWVCGzbHMMPVtJ1qGuZL0o9mtjk9o7%2FcK46KrpWXCCoq2Pj0NcfcfRzITP9VAprwGLgRcBkTvMDMzH046vb9bGhs9pppQG9Cbya%2BhvnFvFId3Q%2F2lleX;Path=/;Domain=.lijit.com;Expires=Sat, 16-Apr-2022 15:58:18 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=235675bcc26f1dc16132face;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=3980366426717056038; Domain=.turn.com; Expires=Wed, 13-Oct-2021 15:58:18 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=3980366426717056038&gdpr=1&gdpr_consent=
content-length
0
date
Fri, 16 Apr 2021 15:58:17 GMT
cm
us-u.openx.net/w/1.0/ Frame 385E
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...
776 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
ead00f4a33e0a41d92d28a5d9c2fe376ef4f317bdb703e51eb715333929e23ba

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=5c9142de-f016-03be-2842-98e83d9368da|1618588698
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=5c9142de-f016-03be-2842-98e83d9368da|1618588698; Version=1; Expires=Sat, 16-Apr-2022 15:58:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618588698|gekin0vNiygu; Version=1; Expires=Sat, 01-May-2021 15:58:18 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
text/html
content-length
477
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=5c9142de-f016-03be-2842-98e83d9368da|1618588698; Version=1; Expires=Sat, 16-Apr-2022 15:58:18 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date
Fri, 16 Apr 2021 15:58:18 GMT
content-length
0
via
1.1 google
alt-svc
clear
0608867b
rtb.gumgum.com/usync/ Frame 0E30 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
aa6343f449592ee4dfaa04183db7b2226ad1e8559d95f9f262d9e15c1fae7d39

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb; Domain=.gumgum.com; Expires=Sat, 16-Apr-2022 15:58:18 GMT; Path=/; Secure; SameSite=None
etag
W/"093cf825bb9fdc72fed528c89ab069ff5"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 787F 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=136139
Expires
Sun, 18 Apr 2021 05:47:17 GMT
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1883 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=136139
Expires
Sun, 18 Apr 2021 05:47:17 GMT
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 02FD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YHm0GVWjPNrF95VifP7QXQAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.19.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 02FD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEO2yp7EnNSGTzEOjpvq5CjE&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEO2yp7EnNSGTzEOjpvq5CjE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 16 Apr 2021 15:58:18 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEO2yp7EnNSGTzEOjpvq5CjE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 02FD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YHm0GVWjPNrF95VifP7QXQAABHMAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 02FD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHm0GVWjPNrF95VifP7QXQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkjVwcNJvp69pUa7KKPcTY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkjVwcNJvp69pUa7KKPcTY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Apr 2021 15:58:18 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPkjVwcNJvp69pUa7KKPcTY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 02FD
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a919b4a-1b6b-448a-9c18-b141d4515617
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a919b4a-1b6b-448a-9c18-b141d4515617
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Apr 2021 15:58:18 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0a919b4a-1b6b-448a-9c18-b141d4515617
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
getuid
ib.adnxs.com/ Frame 02FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 02FD
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=G7cBbU-zBzUAtgY3H7IbYUy_VTYAvgU2FLEkbUI1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=G7cBbU-zBzUAtgY3H7IbYUy_VTYAvgU2FLEkbUI1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Apr 2021 15:58:18 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=G7cBbU-zBzUAtgY3H7IbYUy_VTYAvgU2FLEkbUI1
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
secure.adnxs.com/ Frame 02FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 02FD 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YHm0GVWjPNrF95VifP7QXQAA%261139
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2461
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 16 Apr 2021 16:39:19 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame E24D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131445
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync.aspx
dis.criteo.com/dis/ Frame 58E7 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=7588192&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 16 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1272
date
Fri, 16 Apr 2021 15:58:17 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame B827
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5849338472973247117
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5849338472973247117
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=7588192&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 16 Apr 2021 15:58:19 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-5849338472973247117; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 16-May-2021 15:58:19 GMT; path=/ PugT=1618588699; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 16-May-2021 15:58:19 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 15-Jul-2021 15:58:19 GMT; path=/
X-lat
lhrpug009:0:309
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5849338472973247117
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TNgSeon3SfCusQvHJGSAEQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=136139
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 18 Apr 2021 05:47:17 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9B23 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=4CD8127A-89F7-49F0-AEB1-0BC724648011
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
640e9d436acb2b7d-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
097d009e1f00002b7dc8158000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 9B23
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=4CD8127A-89F7-49F0-AEB1-0BC724648011&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CD8127A-89F7-49F0-AEB1-0BC724648011&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=4CD8127A-89F7-49F0-AEB1-0BC724648011&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:15 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:15 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=4CD8127A-89F7-49F0-AEB1-0BC724648011&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CD8127A-89F7-49F0-AEB1-0BC724648011&addseg=19,36,42
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CD8127A-89F7-49F0-AEB1-0BC724648011&addseg=19,36,42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Fri, 16 Apr 2021 15:58:18 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=4CD8127A-89F7-49F0-AEB1-0BC724648011&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
Pug
image2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NENEODEyN0EtODlGNy00OUYwLUFFQjEtMEJDNzI0NjQ4MDEx&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:19 GMT
X-lat
lhrpug009:0:447
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV5ewDW1V7aXe-FmLgD11M&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV5ewDW1V7aXe-FmLgD11M&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:19 GMT
X-lat
lhrpug014:0:440
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHV5ewDW1V7aXe-FmLgD11M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 9B23 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 15 Apr 2021 15:58:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4de3eb87-d40a-4664-b3c9-0690918ecffd
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4de3eb87-d40a-4664-b3c9-0690918ecffd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
X-lat
lhrpug020:0:441
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=4de3eb87-d40a-4664-b3c9-0690918ecffd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3908127221052500125
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3908127221052500125
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
X-lat
lhrpug018:0:351
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3908127221052500125
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
X-lat
lhrpug008:0:352
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 16 Apr 2021 15:59:45 GMT
Server
MT3 3660 495c301 master cdg-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 15:59:44 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3529291659560817583&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3529291659560817583&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:19 GMT
X-lat
lhrpug016:0:524
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 722.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.164:80
AN-X-Request-Uuid
0dfe7269-94e6-43bd-8700-b10a70de6f6d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3529291659560817583&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=d12c6f2f-bf34-49c0-9249-d4ccffd42f72
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=fe7dd501-df4a-4c0e-bbfc-7eb3e828e9b0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d12c6f2f-bf34-49c0-9249-d4ccffd42f72&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d12c6f2f-bf34-49c0-9249-d4ccffd42f72&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
X-lat
lhrpug020:0:338
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d12c6f2f-bf34-49c0-9249-d4ccffd42f72&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 16 Apr 2021 15:58:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
4CD8127A-89F7-49F0-AEB1-0BC724648011
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9B23 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/4CD8127A-89F7-49F0-AEB1-0BC724648011?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 9B23
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=4CD8127A-89F7-49F0-AEB1-0BC724648011&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1Yjcj65E2uWgHEe4_Z9f_dPy_0tF8.Y-~A&gdpr=0&gdpr_consent=
0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1Yjcj65E2uWgHEe4_Z9f_dPy_0tF8.Y-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Fri, 16 Apr 2021 15:58:17 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8

Redirect headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1Yjcj65E2uWgHEe4_Z9f_dPy_0tF8.Y-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame C119 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131445
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 0E30
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=3529291659560817583
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=3529291659560817583
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:21 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:21 GMT
X-Proxy-Origin
195.181.174.89; 195.181.174.89; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.88:80
AN-X-Request-Uuid
356495c9-776a-49a0-ab39-35acab8815c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=3529291659560817583
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 0E30 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.172.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
redirectObuid
sync.outbrain.com/ Frame 0E30 		0
0
usersync
rtb.gumgum.com/ Frame 0E30
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=7800d9f7-7184-041f-15ef-40ed91e45a61
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=7800d9f7-7184-041f-15ef-40ed91e45a61
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 16 Apr 2021 15:58:18 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=7800d9f7-7184-041f-15ef-40ed91e45a61
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
sync.srv.stackadapt.com/ Frame 0E30 		0
0
usersync
rtb.gumgum.com/ Frame 0E30
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-QH6fcOdE2peGZDVQXMdxFrtzay0AKjCGgqHD~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-QH6fcOdE2peGZDVQXMdxFrtzay0AKjCGgqHD~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 16 Apr 2021 15:58:18 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-QH6fcOdE2peGZDVQXMdxFrtzay0AKjCGgqHD~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
generic
sync.ipredictive.com/d/sync/cookie/ Frame 0E30 		0
0
services
sync.technoratimedia.com/ Frame 0E30 		0
0
142
match.deepintent.com/usersync/ Frame 0E30 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame 0E30 		0
0
server_match
ad.360yield.com/ Frame 0E30 		0
0
usersync
rtb.gumgum.com/ Frame 0E30
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=953925536
  • https://sync.1rx.io/usersync/tradedesk/4de3eb87-d40a-4664-b3c9-0690918ecffd
  • https://sync.targeting.unrulymedia.com/csync/RX-8b6de941-2dc2-406a-bc98-f4147fef577c-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-8b6de941-2dc2-406a-bc98-f4147fef577c-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-8b6de941-2dc2-406a-bc98-f4147fef577c-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8b6de941-2dc2-406a-bc98-f4147fef577c-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
Tengine
ETag
RX8b6de9412dc2406abc98f4147fef577c003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-8b6de941-2dc2-406a-bc98-f4147fef577c-003
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame 0E30
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=XHNChX4tr4Th&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=XHNChX4tr4Th&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=XHNChX4tr4Th&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-bknrw
expires
-1
merge
ce.lijit.com/ Frame 0E30 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame B0E2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
552 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
text/html
content-length
552
server
nginx

Redirect headers

Date
Fri, 16 Apr 2021 15:59:45 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master cdg-pixel-x25
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=11246079-b41a-4f00-9e39-ea7a0c9a182a&gdpr=1&gdpr_consent=
Expires
Fri, 16 Apr 2021 15:59:44 GMT
usersync
rtb.gumgum.com/ Frame AACD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YHm0GgAAKr7IcgBg
  • https://rtb.gumgum.com/usersync?b=atm&i=YHm0GgAAKr7IcgBg&gdpr=1&gdpr_consent=&_test=YHm0GgAAKr7IcgBg
0
0
pixel
cm.g.doubleclick.net/ Frame A255 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV85MTdjOTY3Ni03Y2IwLTRmMzMtOGU3Yi02MzlmYzU3NzhlZWI=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV85MTdjOTY3Ni03Y2IwLTRmMzMtOGU3Yi02MzlmYzU3NzhlZWI=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl8K7hqMLfmdYzjNg1rivubQfB-KOSvs4QobbHo0yAoa8PzZcfZKGK636Kp5lg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Fri, 16 Apr 2021 15:58:18 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1423 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=136139
Expires
Sun, 18 Apr 2021 05:47:17 GMT
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame E449 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.19.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TDID=4de3eb87-d40a-4664-b3c9-0690918ecffd; TDCPM=CAEYBSgCMgsItLy-6-W-wDkQBTgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame EA62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Fri, 16 Apr 2021 15:58:21 GMT
content-length
0
idsync
tg.socdm.com/aux/ Frame 8166 		0
0
usersync
rtb.gumgum.com/ Frame 1103
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870193185418
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=2159827870193185418
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=2159827870193185418
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Fri, 16 Apr 2021 15:58:18 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAADvEyGtoZmhhamFhZmlhaGCxSgyJb2RgBACzechXIAAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 11 May 2022 15:58:18 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzC0NDa0MDUxtBDiM9TNN7FM9kl1y800rPCS4jU0A8pYWJhZWhgamAMA9DGoGDQAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 11 May 2022 15:58:18 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzC0NDa0MDUxtBDiM9TNN7FM9kl1y800rPACAFE0buslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=2159827870193185418
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 1FA1
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=LgUIFmioj1QiqIzGjWlC&pi=gumgum
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=LgUIFmioj1QiqIzGjWlC&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.236.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=LgUIFmioj1QiqIzGjWlC&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Fri, 16 Apr 2021 15:58:18 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Fri, 16 Apr 2021 15:58:18 GMT Fri, 16 Apr 2021 15:58:18 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=LgUIFmioj1QiqIzGjWlC&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
merge
ce.lijit.com/ Frame 385E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=e3d3a347-b325-0644-3528-e6a621056475&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 16 Apr 2021 15:58:18 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 385E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=11246079-b41a-4f00-9e39-ea7a0c9a182a
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=11246079-b41a-4f00-9e39-ea7a0c9a182a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 16 Apr 2021 15:59:45 GMT
Server
MT3 3660 495c301 master cdg-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=11246079-b41a-4f00-9e39-ea7a0c9a182a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 16 Apr 2021 15:59:44 GMT
sd
us-u.openx.net/w/1.0/ Frame 385E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=StmD-B7dhaBR2ISiTtyZ9B3R16NR0IejRd8ohZj5
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=StmD-B7dhaBR2ISiTtyZ9B3R16NR0IejRd8ohZj5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=StmD-B7dhaBR2ISiTtyZ9B3R16NR0IejRd8ohZj5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 385E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3908127221052500125
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3908127221052500125
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3908127221052500125
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 385E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=8f3d7d87-5991-3c49-7294-500059b45b27&gdpr=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.19.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 385E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTM1MmFlNGQtOTBlNi02MmVkLTY3NzQtMGFiOTkzNTY5NTQ3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 385E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKC7Rzfw493B6PLl0V23NdI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKC7Rzfw493B6PLl0V23NdI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 16 Apr 2021 15:58:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKC7Rzfw493B6PLl0V23NdI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1835 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131445
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:18 GMT
Connection
keep-alive
Vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 9B23 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157856&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:19 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
showad.js
ads.pubmatic.com/AdServer/js/ Frame E24D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223; KRTBCOOKIE_27=16735-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&16736-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&23019-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&23114-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a; PUBMDCID=3; KRTBCOOKIE_466=16530-d12c6f2f-bf34-49c0-9249-d4ccffd42f72; KRTBCOOKIE_391=22924-3908127221052500125&KRTB&23263-3908127221052500125; KRTBCOOKIE_377=6810-4de3eb87-d40a-4664-b3c9-0690918ecffd&KRTB&22918-4de3eb87-d40a-4664-b3c9-0690918ecffd&KRTB&23031-4de3eb87-d40a-4664-b3c9-0690918ecffd; KRTBCOOKIE_336=5844-5849338472973247117; PugT=1618588699; KRTBCOOKIE_80=16514-CAESEHV5ewDW1V7aXe-FmLgD11M&KRTB&22987-CAESEHV5ewDW1V7aXe-FmLgD11M&KRTB&23025-CAESEHV5ewDW1V7aXe-FmLgD11M; KRTBCOOKIE_57=22776-3529291659560817583; SPugT=1618588699; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131442
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame E24D 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=28269239&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:20 GMT
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame C119 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223; KRTBCOOKIE_27=16735-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&16736-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&23019-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&23114-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a; PUBMDCID=3; KRTBCOOKIE_466=16530-d12c6f2f-bf34-49c0-9249-d4ccffd42f72; KRTBCOOKIE_391=22924-3908127221052500125&KRTB&23263-3908127221052500125; KRTBCOOKIE_377=6810-4de3eb87-d40a-4664-b3c9-0690918ecffd&KRTB&22918-4de3eb87-d40a-4664-b3c9-0690918ecffd&KRTB&23031-4de3eb87-d40a-4664-b3c9-0690918ecffd; KRTBCOOKIE_336=5844-5849338472973247117; PugT=1618588699; KRTBCOOKIE_80=16514-CAESEHV5ewDW1V7aXe-FmLgD11M&KRTB&22987-CAESEHV5ewDW1V7aXe-FmLgD11M&KRTB&23025-CAESEHV5ewDW1V7aXe-FmLgD11M; KRTBCOOKIE_57=22776-3529291659560817583; SPugT=1618588699; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131442
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame C119 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=64621772&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:19 GMT
Content-Length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1835 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=4CD8127A-89F7-49F0-AEB1-0BC724648011; chkChromeAb67Sec=1; DPSync3=1619740800%3A201_227_226_221; SyncRTB3=1619740800%3A56_7_161_3_21_13_54_220_71%7C1619827200%3A35%7C1619395200%3A63%7C1619136000%3A223; KRTBCOOKIE_27=16735-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&16736-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&23019-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a&KRTB&23114-uid:11246079-b41a-4f00-9e39-ea7a0c9a182a; PUBMDCID=3; KRTBCOOKIE_466=16530-d12c6f2f-bf34-49c0-9249-d4ccffd42f72; KRTBCOOKIE_391=22924-3908127221052500125&KRTB&23263-3908127221052500125; KRTBCOOKIE_377=6810-4de3eb87-d40a-4664-b3c9-0690918ecffd&KRTB&22918-4de3eb87-d40a-4664-b3c9-0690918ecffd&KRTB&23031-4de3eb87-d40a-4664-b3c9-0690918ecffd; KRTBCOOKIE_336=5844-5849338472973247117; PugT=1618588699; KRTBCOOKIE_80=16514-CAESEHV5ewDW1V7aXe-FmLgD11M&KRTB&22987-CAESEHV5ewDW1V7aXe-FmLgD11M&KRTB&23025-CAESEHV5ewDW1V7aXe-FmLgD11M; KRTBCOOKIE_57=22776-3529291659560817583; SPugT=1618588699; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=131442
Expires
Sun, 18 Apr 2021 04:29:03 GMT
Date
Fri, 16 Apr 2021 15:58:21 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 1835 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=55956631&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 16 Apr 2021 15:58:21 GMT
Content-Length
0
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=235675bcc26f1dc16132face&gdpr=1&gdpr_consent=
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=e_917c9676-7cb0-4f33-8e7b-639fc5778eeb&gdpr=1&gdpr_consent=&us_privacy=
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
rtb.gumgum.com
URL
https://rtb.gumgum.com/usersync?b=atm&i=YHm0GgAAKr7IcgBg&gdpr=1&gdpr_consent=&_test=YHm0GgAAKr7IcgBg
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
cloudflareinsights.com
URL
https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| LPPreInit object| googletag function| pbBds object| pbjs object| apstag object| dataLayer object| adsbygoogle object| ggeac object| google_js_reporting_queue object| google_tag_manager function| $ function| jQuery string| dataSpace string| dataSpaceStyle string| dataSpaceAnimated object| effect function| effectsEffectSlide object| LP object| LPCookie object| LPErrorType object| LPError object| SW object| gL object| mL object| _gaq object| _qevents object| _atrk_opts number| curtop function| pbjsChunk object| _pbjsGlobals number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter string| google_user_agent_client_hint boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _gat object| gaGlobal function| atrk boolean| _atrk_fired function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired string| pubcidCookie function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager number| panelWidth object| $cols

16 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnH3S5WidvVEODRyGQhzcCesmDKmRanXJg_qC_uLp4aldgA0Pqe7Qs7XV5G2lk
.lotterypost.com/ Name: __gads
Value: ID=86e803ec4fcc24bb-22ee5fbe8da700a5:T=1618588691:RT=1618588691:S=ALNI_MaJaKylcdxIphdKu-z4evVjN9kx2g
.lotterypost.com/ Name: __qca
Value: P0-2048478153-1618588691834
.lotterypost.com/ Name: __utmt_UA-7096458-1
Value: 1
.lotterypost.com/ Name: __asc
Value: 45619206178db676d5b4bc406e5
.lotterypost.com/ Name: __utmz
Value: 130209170.1618588692.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.lotterypost.com/ Name: __utma
Value: 130209170.2079754204.1618588692.1618588692.1618588692.1
.lotterypost.com/ Name: __cf_bm
Value: 228c8e6ff775a537b2ec477af172ef11c693b8c4-1618588691-1800-AUSyvAjmHul814somRdR9tz5C5/s39eVkl8iJmH9zB2wsbvA8adGR9qZxrZvjh2MA59cObrlyxRPN5yh8NFjZns=
.lotterypost.com/ Name: f
Value: a=44302.4987421991
.lotterypost.com/ Name: __utmb
Value: 130209170.1.10.1618588692
www.lotterypost.com/ Name: ASP_Session
Value: AGQRCCSR/IKNAGCJAKDHOLCOJEEFCLDEA
.lotterypost.com/ Name: __auc
Value: 45619206178db676d5b4bc406e5
www.lotterypost.com/ Name: tz
Value: 1
www.lotterypost.com/ Name: g
Value: a=44302.4987421991&b=44302.512631088&c=%2f&d=
.lotterypost.com/ Name: __utmc
Value: 130209170
.lotterypost.com/ Name: __cfduid
Value: d48b791783a756e0ee84b8adcc2e10a081618588691

5 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.lotterypost.com/
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.lotterypost.com/
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.lotterypost.com/
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]
console-api log URL: https://analytics.webgains.io/pvClk.min.js(Line 1)
Message:
Webgains [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1344f4aaf3164c3609223a361fe72f64.safeframe.googlesyndication.com
8019191.fls.doubleclick.net
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-server.eu
ad.360yield.com
ad.turn.com
ad4m.at
ad4mat.net
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics-wg.webgains.io
analytics.webgains.io
aorta.clickagy.com
ap.lijit.com
api.webgains.io
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
bh.contextweb.com
c.amazon-adsystem.com
c.deployads.com
c1.adform.net
cdn.ampproject.org
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cloudflareinsights.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
d.turn.com
d5p.de17a.com
data.adsrvr.org
dclk-match.dotomi.com
diapi.webgains.com
dis.criteo.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900012.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
lp.vg
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.media.net
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tpc.googlesyndication.com
track.webgains.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
w-it.m-t.io
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lotterypost.com
www.lotterypost.us
x.bidswitch.net
ad.360yield.com
b1sync.zemanta.com
cloudflareinsights.com
match.deepintent.com
rtb.gumgum.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
ums.acuityplatform.com
104.108.144.24
104.111.239.217
13.33.139.122
13.33.139.61
142.250.186.134
142.250.74.194
143.204.245.61
143.204.247.127
151.101.114.49
151.101.13.108
159.253.128.183
172.217.16.130
176.9.26.250
178.250.0.163
18.156.0.31
18.195.155.181
184.30.20.198
184.30.20.241
185.184.8.30
185.29.135.233
185.33.220.243
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.64.190.81
193.0.160.128
198.148.27.139
2001:678:cb4:bbbb::11
213.155.156.164
213.19.147.150
216.52.2.48
216.58.212.162
2600:1901:0:76b9::
2600:9000:215d:f600:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700:3031::ac43:c203
2606:4700:3032::ac43:aa7a
2606:4700:3039::6815:c02e
2606:4700::6810:5e41
2606:4700::6812:12ad
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1450:4001:801::2001
2a00:1450:4001:801::2006
2a00:1450:4001:802::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::2013
2a00:1450:400c:c0d::9b
2a02:fa8:8806:12::1370
3.121.49.210
3.126.63.176
34.253.111.115
35.158.172.137
35.186.193.173
35.190.0.66
35.201.96.126
35.244.159.8
37.157.2.239
37.252.172.249
46.228.164.11
46.228.164.13
46.236.13.147
51.38.145.136
52.17.19.0
52.21.173.249
52.213.184.2
52.30.130.191
52.57.110.162
52.95.118.60
54.154.158.183
54.229.236.120
54.236.220.178
54.239.17.112
54.76.176.197
66.155.71.25
69.173.144.165
72.251.249.14
77.243.60.138
8.43.72.97
81.29.72.47
88.198.250.30
94.130.102.164
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0aa8a98815f30b08d5b9926baeeb77a563419be758831369e9dda940ab8bc843
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
107fdfb8c09e15d086a022f0fd713de430c49e6a2b6d5055479a4fdb9ba83831
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10
11d5cc5bb3db6c56fb91f9068e7f4741f6212c8e2e5546b17039c1c58720fb83
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f
1745a1401c5d91a731889be5f0ccb87d6f7bf36743c29d9c97f3aa6413a7fec1
17b47a1ed2cd2e1ec86f4735497e2956eb34be0a66fc20b427148f65c6ebaca5
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19a5ffd58944a450998c8d090041db7f1d81656bd62f6e8f7c1f88c3b5874226
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
21684099693050fe6fecb937bb35c94dac2dc990158ed38a53d44ae28fd9c6e8
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
231064110361844d6320331a5c35979c2a492a546604d97181eb6cf7aa4ae1cd
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
270d5b6e43b6139c4e15ad287facf84a1727695097d28ad8930c805662a58f14
271a7863742e3fe621ccd4e0d8df6ffbb2ff17c43a51c88d43d5eff88b1e1f09
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
316d3c9b5cdc2fd4aa66557d67b2f0ef8b00a0c5690ec34ff6bbfce02c4e2f97
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96
399fe23830fef8f21ff2a1099c7bdbc32a428239628d0457209e44d5fe7a0ff3
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd
3e55f397887c18ab8f9b2744024b99ab9715d67bef21f8d426075b5cd753ff77
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42e9ebca41921709f72efe4ebb20e7dd260056b5d65e308cc173fa0efcb9994a
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da
47ec02e18941bc1fe215e0bf1b47eaef6dd674b8adfb18d17e980203a94b9ff4
4832f5768a8d71f5e7504a48274d822a72e79b39fe43a071c13852097da8ec6b
484ceb31010afab0e404c529944acf5f2a292df0568236cd715bd46f6e5bbae4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf094bb5fdbb58ada2fe3c5241c7ebde724561c670eb2d84c18aa8a4768f9c
4905a742ec40bb99e91d6877bae12d79284ba3e1e8a42399f7bb2c3781fd3ae6
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046
494627acb3c86254c238efaf66afcaf30d4293c7512a37a72b51a380d55e3880
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a5425467472328a9743b7d4a74de926d54793cf0f9f29c5f72d41d7a1a2c05f
4a95ecd5c8a3ad9a1ff6b159f0ea2ed7a735a2f8a248ba6ab6e2e5323a994a91
4b2ce80074776f789855beb57b80e9f164b76d64decdc94ba8f19891a3c5877c
4bcba6ca13d0bf1606176d2408363d0370505b999089d312da533a86406ba2e3
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e7af089831c1d1b017486f70f4dc574e40dc4ddb021d24729c09a9e50726d53
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320
5015066c4239b0883843cf8eeee85efb0956b6a631f01f6e8879c8f103e5fc85
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8
52c1c34e49518a13cabcf9797deadbc90494c121b932055f4e76df3e41246539
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54cfeb312fbced92621fda8a14715ae02264d042b03d72f9e8a9b69a3037ac7f
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
5af2a6285f74827dc882012e5118cfce59be0d9e07c63b29b57c9ab881d01ad1
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
5bdb573856189434fab1ab335af9aa777e5ccceab6aaa028db84e95a62659ddb
5c353a7df4509c03ee62b7a07151c20d68aa8f4b751aa46c99124e06d1836ad8
5d3d9bb0ba3773b81aa3b09d6e9c054344d1820643104e737fd37adc0fc544de
5d6e4b944d7dfa6d82cf80c5522e9622153cc142ee3b9c9cbed50d93be93fef0
5ecc1b1c9164d85f071f98f143bbd8154a19fbf3857cde122243adf3dc2f8094
5fbf862e5bba81178f9115e527f2482c8b37b938caa2a8c0e87ccdcbb68945fe
5fd55da8747d933410bb637571802aca2eedf3314039722e2b9d6f37afdad97e
611c31ecafe54c74f78e765296e1b04c0e51ecdc5f7d62c0c3441732aca01964
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6185c80f7b41f9421d3dc1422ac5ad210f66469912f6a002065c9c34db986aff
62b020621433d9b36c6cd205eef856aeeb0d1164f9a723ae76fc80a2f0aecda7
640369f6c6077f653b23e771413d37faa76a6ec7d06bc240313dd974fbe02cad
64cbefebb05811e3c7209d4f48e43973975994c09a33d31859cd284cd317e458
652c6793a9836f9767f624c9ff38f1d18291455cc3327ffa320ace07ce0f5fd9
667ddeb9cc4c08487f5d21dc754f41c0630c694d6d81ea4b541bb3776df1b3c6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
693a39255f808f38ae64d4daf12a78de32d51bca970b01fb398534e81fb641b3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6cd7211819bf8d7a3dccff19e5b3589417006d21a049191e5dad658a3cb9bbb4
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6fbd64eb7de128a1f41e865dbd9aec4acb396c6b930006c83f2ce6727d56dfa5
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74e1cf077493c33fe895c7ce5732cda76b195e2d357d928f094bc3367cc7a75f
76d293cad87de584b5105472b9672fb1460dcf35f82079e274e44a47860bf700
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7a5e9157b6a2438323892c0ec7c9f26776530322f598bd45275b640854fb5db0
7d7a52054cbb290b9608fdb340f5b78cabfd59d8ea99b4e6a472350d9eb44966
7e0a0e8674efc69641d7f56aeb43202e89fe413a4498e95ea0c88b354749372f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f8704bdc07ab2809b5a9dd028ef0c9e0001bd0b21c32fc06c18231069a581e
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8715fdb98d9047f23ebb06c6b27092e37698aa9b55752be3fd78ca5ae984cf16
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae388f642410634bc0c7557cb6dfb2557b2a8108dedf6a7e6aeb0933793d3dc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
962dd15a30dc720be0367bb69ed96ea4fbc4575d981b0ce68014c3ea0ebd3a45
97cfbffddbcbf00dcf4b38e122383cbc49f8bde482552271ef0a127ea03e5ae5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a06ec437a9165cc72812142a0424ad9708841fd3d6aa40c10dc427ad18ca6a44
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22314202cdc84c2aefd4f87a815f2c77f570597df6988c5f5f275179a9b864f
a3ff65b85a2e0a0ab9ceba03cb9205dbd8af9b9fcf5197878c7abba21c8706c3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9fdbd114f960595d9115c1f69122cbfc092eb201dac21dd4a06d06379f676
a569c37ba5146a48b1587d68580dc93c1b7389b0d2c60d6e4538859b9be67554
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
aa6343f449592ee4dfaa04183db7b2226ad1e8559d95f9f262d9e15c1fae7d39
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa
ad80b11133fcbc6748279b2beec8a18706385d860699b9370eeb14eb65cc9ef4
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c
b02ce4b4fb56f84ab77471619eb323073304ccab86813fffa85fe1e9484f8dea
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4ca72b06095387d926d6dadb14258c12ad05ce85f4ac2b0365751f673ee73ac
b7950206a3bd6a920526b8f7af73c119f82fc3bed22e4ea062ff496561176f96
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c97be87f9fefee747a77b8ba2e766c8ca5a49ac3bc1e19ae7dd1905d7549f1af
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccdc57deac17eacca1bdc9d551d7bf10f71201f913a7f8490f13abf9db868e4d
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1
ce2216da03d856edb71b34855ce2c67476f6053791b3e85da74477d9a37360a9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc8ef12b90bdf4f0f5dbeb2761166126019187c4a2d80b5d5e6bd7ced904581
d04fe3e6d57be524334f1688f690be20fb65e09d806c549e1f78aa8d3f7dbae7
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d67f4bc34a9dc92e61748a47bb2cc6eab7d3cdca7a5e7103614b454cb323ec22
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
db755419f84b079b5121b93d0ae0e0732cf8276009771b00a5639e87845dee6a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de828d5cdce40f1fabe8672316f12ea3de0d6f618bbdd8244f8019dd63d7ed51
e0bb13b8d8358d1d0a6af8b5596624cfe3764c02fcb00a101a44010fd752d466
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f499e85796b50357302f1521cf59515cc9e438ba7dd05aee6d4411814b3b2e
ea3d0687c8ec9ae8abfef997cfefcf86b646f753120de737c1914653b729ecc2
ea4b60f85a4346bdff1e8c38698690a43d7daacf46be720dea7e1e820403e4a1
ead00f4a33e0a41d92d28a5d9c2fe376ef4f317bdb703e51eb715333929e23ba
eee40e48d32ec12b924e18f55d0e2dfa977b5662f573920bb610a4240b050ffb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f8e7869273f2cc1db168a0e59146a82bd84f224a151d0b476c58c00452a08f3b
f9386932ceb55b9f7241f1a9fb46c6d0d937deb19497ef389fcbadebd1a544d3
f981ac999350c901e815738482797ae651bd0d240aae589d56f5b027ad9715da
f9e8ff6dae89d558983d8bec55fb809060faae27608a21cb96b6ff203280189d
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fc115a46ce156710a19ed06e0af00a44e29981f1d99643b926543e7eed1449dd