urlscan.io logo urlscan.io
SecurityTrails logo

tickets.hrfhomelottery.com Open in urlscan Pro
52.60.164.60  Public Scan

Go To Rescan Add Verdict Report
URL: https://tickets.hrfhomelottery.com/
Submission: On January 31 via automatic, source certstream-suspicious — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 16 domains to perform 58 HTTP transactions. The main IP is 52.60.164.60, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is tickets.hrfhomelottery.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 3rd 2021. Valid for: a year.
This is the only time tickets.hrfhomelottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 52.60.164.60 16509 (AMAZON-02)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2 142.250.65.230 15169 (GOOGLE)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 142.251.41.2 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 99.84.42.90 16509 (AMAZON-02)
2 184.85.206.51 16625 (AKAMAI-AS)
1 2607:f8b0:402... 15169 (GOOGLE)
1 192.28.144.124 15224 (OMNITURE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 13.249.184.19 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
4 20.62.48.180 8075 (MICROSOFT...)
1 2 20.36.253.92 8075 (MICROSOFT...)
1 13.225.214.103 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 52.18.237.171 16509 (AMAZON-02)
58 25
10    52.60.164.60 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
tickets.hrfhomelottery.com
6    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.65.230 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f6.1e100.net
4021906.fls.doubleclick.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
3    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
www.googleadservices.com
2    2607:f8b0:4006:822::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    99.84.42.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-90.ewr52.r.cloudfront.net
static.hotjar.com
2    184.85.206.51 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-206-51.deploy.static.akamaitechnologies.com
munchkin.marketo.net
1    2607:f8b0:4023:1407::9b (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    192.28.144.124 (United States)

ASN15224 (OMNITURE, US)
525-szf-856.mktoresp.com
2    2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    13.249.184.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-184-19.bos50.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.com
4    20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e.clarity.ms
2    20.36.253.92 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    13.225.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-103.ewr50.r.cloudfront.net
vars.hotjar.com
3    2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
2    52.18.237.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-237-171.eu-west-1.compute.amazonaws.com
in.hotjar.com
Apex Domain
Subdomains		 Transfer
10 hrfhomelottery.com
tickets.hrfhomelottery.com
638 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
369 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 13
adservice.google.com — Cisco Umbrella Rank: 80
23 KB
6 clarity.ms
e.clarity.ms — Cisco Umbrella Rank: 2242
c.clarity.ms — Cisco Umbrella Rank: 917
24 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 644
script.hotjar.com — Cisco Umbrella Rank: 919
vars.hotjar.com — Cisco Umbrella Rank: 1012
in.hotjar.com — Cisco Umbrella Rank: 1810
65 KB
5 doubleclick.net
4021906.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
5 KB
4 google.ca
www.google.ca — Cisco Umbrella Rank: 7861
adservice.google.ca — Cisco Umbrella Rank: 12419
2 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 385
c.bing.com — Cisco Umbrella Rank: 273
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
134 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
499 B
2 marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3672
6 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
1 mktoresp.com
525-szf-856.mktoresp.com
311 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 106
15 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
69 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47
1017 B
58 16
Domain Requested by
10 tickets.hrfhomelottery.com 1 redirects tickets.hrfhomelottery.com
6 www.google.com tickets.hrfhomelottery.com
www.gstatic.com
www.google.com
4 e.clarity.ms bat.bing.com
e.clarity.ms
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 www.google.ca tickets.hrfhomelottery.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
tickets.hrfhomelottery.com
2 in.hotjar.com script.hotjar.com
2 c.clarity.ms 1 redirects tickets.hrfhomelottery.com
2 www.facebook.com tickets.hrfhomelottery.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 munchkin.marketo.net tickets.hrfhomelottery.com
munchkin.marketo.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 4021906.fls.doubleclick.net 1 redirects www.googletagmanager.com
1 adservice.google.ca adservice.google.com
1 vars.hotjar.com static.hotjar.com
1 c.bing.com 1 redirects
1 adservice.google.com 4021906.fls.doubleclick.net
1 script.hotjar.com static.hotjar.com
1 525-szf-856.mktoresp.com munchkin.marketo.net
1 stats.g.doubleclick.net www.google-analytics.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com tickets.hrfhomelottery.com
1 fonts.googleapis.com tickets.hrfhomelottery.com
58 26

This site contains links to these domains. Also see Links.

Domain
hrfhomelottery.com
www.microsoft.com
www.mozilla.org
www.google.com
Subject Issuer Validity Valid
tickets.hrfhomelottery.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-02-03 -
2022-02-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-10 -
2022-02-08		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2021-03-29 -
2022-04-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh
*.mktoresp.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-30 -
2022-11-30		 a year crt.sh
a.clarity.ms
Microsoft RSA TLS CA 01		 2021-07-27 -
2022-07-27		 a year crt.sh
*.google.ca
GTS CA 1C3		 2021-12-27 -
2022-03-21		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://tickets.hrfhomelottery.com/
Frame ID: 6C173E00D969B25EB728A7FC5FF8E624
Requests: 47 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Frame ID: 90781172ED6BEE29142E0E7B5944ABAC
Requests: 7 HTTP requests in this frame

Frame: https://4021906.fls.doubleclick.net/activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Frame ID: 7EB2AE914E4FA03630FD2EF5E1FCC1C6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Frame ID: 6A4CA0C17A3E448622621C6255E2B536
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Frame ID: BC071AED1C085AE95B3CCE9B3AF7CF67
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ca/ddm/fls/i/dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Frame ID: 6550813D46C12C470DE0A7E28B098B9E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Order Form | Hospitals of Regina Foundation Home Lottery

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

58
Requests

97 %
HTTPS

56 %
IPv6

16
Domains

26
Subdomains

25
IPs

3
Countries

1380 kB
Transfer

2847 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://tickets.hrfhomelottery.com/tickets-data-obj/default/61f854063d415/?_=1643664390564 HTTP 302
  • https://tickets.hrfhomelottery.com/tickets-data-obj/default/61f854063d415?_=1643664390564
Request Chain 15
  • https://4021906.fls.doubleclick.net/activityi;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F HTTP 302
  • https://4021906.fls.doubleclick.net/activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Request Chain 42
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D2880CB9E17B4A13988C6E2B35899753&RedC=c.clarity.ms&MXFR=0C6AD2ABC5B66BED2916C396C1B6652A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2880CB9E17B4A13988C6E2B35899753&MUID=176DA922638F6E253F67B81F62A56FA5

58 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tickets.hrfhomelottery.com/ 		137 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
825c4ed013dc433c81ed5c2c33a8f25c7ccf59200a9f961482ff65231efde88b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

server
nginx
date
Mon, 31 Jan 2022 21:26:30 GMT
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-frame-options
SAMEORIGIN
x-xxs-protection
1
x-content-type-options
nosniff
content-encoding
gzip
scss.php
tickets.hrfhomelottery.com/stylesheets/ 		172 KB
38 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tickets.hrfhomelottery.com/stylesheets/scss.php?p=tickets-import.scss
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7454d79452a29c9ebe02d4f8c286e135d2a55ec1866d37696e73ae79e14eda6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 19:16:09 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"e6369646945620a041a6c576570a55ca"
vary
Accept-Encoding
content-type
text/css;charset=UTF-8
x-scss-cache
true
x-xxs-protection
1
api.js
www.google.com/recaptcha/ 		884 B
1000 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7b6a4f4fd9d6c21acdc2cc640c0c15c199c4d958c2c4fdf4a97d8f85330e2f9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2022 21:26:30 GMT
css2
fonts.googleapis.com/ 		3 KB
1017 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Prompt:wght@400;500&display=swap
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f5b14f1c10b9fd6f21d30ee9149aab67ee57f68ffd6dd353958077448314169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 21:17:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 31 Jan 2022 21:26:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 31 Jan 2022 21:26:30 GMT
logo.png
tickets.hrfhomelottery.com/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tickets.hrfhomelottery.com/images/logo.png
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5f128547f7eb344a49cf7f79f27b910e7607c6718eb21d1c3f5dc69639d47bc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 15:24:00 GMT
server
nginx
etag
"61b21f90-c749"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-xxs-protection
1
content-length
51017
ie.png
tickets.hrfhomelottery.com/images/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tickets.hrfhomelottery.com/images/ie.png
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ebd3c3da505ae441e3a4ce0d921855bef6a77c9c08e65a936af9b8ddc081cd58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 15:24:00 GMT
server
nginx
etag
"61b21f90-2d65"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-xxs-protection
1
content-length
11621
firefox.png
tickets.hrfhomelottery.com/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tickets.hrfhomelottery.com/images/firefox.png
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5318d3280a3d262fbe018e8b48d65fdd3210b3f1a21f71bb7865d61fac791f0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 15:24:00 GMT
server
nginx
etag
"61b21f90-4dee"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-xxs-protection
1
content-length
19950
chrome.png
tickets.hrfhomelottery.com/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tickets.hrfhomelottery.com/images/chrome.png
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
131bfb8ee3f4f04a2611853edd84a1a775dd5f41e0a47f8e28a2ab618a9213cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 15:24:00 GMT
server
nginx
etag
"61b21f90-234f"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-xxs-protection
1
content-length
9039
61f854063d415
tickets.hrfhomelottery.com/tickets-dependencies-js/ 		389 KB
390 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tickets.hrfhomelottery.com/tickets-dependencies-js/61f854063d415
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3f9d6827ea952251dcaa4726d22cecece3f44494a2252be22333dda7d44531eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
x-xxs-protection
1
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate
content-length
398819
expires
Thu, 19 Nov 1981 08:52:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ 		353 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004d7685361ecc63d9fa821a0528e98cba6290698725a92431d3fee4eb29b50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tickets.hrfhomelottery.com/
Origin
https://tickets.hrfhomelottery.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 18:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141772
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 18:40:13 GMT
gtm.js
www.googletagmanager.com/ 		193 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6061a148435468493d77e5b0d426d97bef46a15a82644accceeab797fc34584d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69853
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 31 Jan 2022 21:26:30 GMT
-W_8XJnvUD7dzB2Ck_kIaWMu.woff2
fonts.gstatic.com/s/prompt/v9/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prompt/v9/-W_8XJnvUD7dzB2Ck_kIaWMu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prompt:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tickets.hrfhomelottery.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 00:12:44 GMT
x-content-type-options
nosniff
age
422026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17852
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:59:14 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 27 Jan 2023 00:12:44 GMT
fontawesome-webfont.woff2
tickets.hrfhomelottery.com/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://tickets.hrfhomelottery.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/stylesheets/scss.php?p=tickets-import.scss
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://tickets.hrfhomelottery.com/stylesheets/scss.php?p=tickets-import.scss
Origin
https://tickets.hrfhomelottery.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Dec 2021 15:24:00 GMT
server
nginx
etag
"61b21f90-118d8"
x-frame-options
SAMEORIGIN
content-type
application/octet-stream
cache-control
max-age=31536000
accept-ranges
bytes
x-xxs-protection
1
content-length
71896
-W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v9/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/prompt/v9/-W__XJnvUD7dzB2KYNod.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Prompt:wght@400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tickets.hrfhomelottery.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 21:15:49 GMT
x-content-type-options
nosniff
age
432641
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17640
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 21:15:49 GMT
61f854063d415
tickets.hrfhomelottery.com/tickets-data-obj/default/
Redirect Chain
  • https://tickets.hrfhomelottery.com/tickets-data-obj/default/61f854063d415/?_=1643664390564
  • https://tickets.hrfhomelottery.com/tickets-data-obj/default/61f854063d415?_=1643664390564
30 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tickets.hrfhomelottery.com/tickets-data-obj/default/61f854063d415?_=1643664390564
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Server
52.60.164.60 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-164-60.ca-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ff1a98dc2de6d1d0eca75a8f63d7e1239bf972e595f24078dc1639302dce3c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
x-xxs-protection
1
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json;charset=utf-8
cache-control
no-store, no-cache, must-revalidate
content-length
30592
expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
x-xxs-protection
1
server
nginx
x-frame-options
SAMEORIGIN
content-type
text/html;charset=UTF-8
location
https://tickets.hrfhomelottery.com/tickets-data-obj/default/61f854063d415?_=1643664390564
cache-control
no-store, no-cache, must-revalidate
content-length
3317
expires
Thu, 19 Nov 1981 08:52:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9078 		40 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
78247d299ba33dafd4fc2300159aaa505dd70d4793f6ef51453c3cb13385b2ab
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xXC1nOsOFQb2Y7B07D20Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 31 Jan 2022 21:26:30 GMT
content-security-policy
script-src 'report-sample' 'nonce-xXC1nOsOFQb2Y7B07D20Og' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20942
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
4021906.fls.doubleclick.net/ Frame 7EB2
Redirect Chain
  • https://4021906.fls.doubleclick.net/activityi;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F?
  • https://4021906.fls.doubleclick.net/activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Fticke...
490 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://4021906.fls.doubleclick.net/activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f6.1e100.net
Software
cafe /
Resource Hash
0bd359ce1c3aab05105564aec6ff276922f67cde469ea5b04b9c0e4c9ea46977
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jan 2022 21:26:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
385
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jan 2022 21:26:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4021906.fls.doubleclick.net/activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bat.js
bat.bing.com/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:29 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 442E022C1F724BE59C22B9B57372998B Ref B: YTO01EDGE0819 Ref C: 2022-01-31T21:26:30Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26236
x-xss-protection
0
pragma
public
x-fb-debug
cY7Pf1nROBT1xJNM9291x39JP4MRnGBwcUHdeR3yVRU0VpxBKTUMj/nfJ1PcH0+Nj9O37mCe3q2L+wZ46TlTQg==
x-fb-trip-id
2050670934
x-frame-options
DENY
date
Mon, 31 Jan 2022 21:26:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14860
x-xss-protection
0
server
cafe
etag
9607039154328110559
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 31 Jan 2022 21:26:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3879
date
Mon, 31 Jan 2022 20:21:51 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 31 Jan 2022 22:21:51 GMT
hotjar-2193280.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2193280.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-90.ewr52.r.cloudfront.net
Software
/
Resource Hash
4aaccda207ee3ad0b0b05501d2f5ec47dfc25d1ea09dba8358c084ebdb25fa99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
EWR52-C4
etag
W/d04ebcd3d3fa800b802f0764f4ce9747
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
content-length
1883
via
1.1 6afc1c7b9e6d4dbe30a0b3eae05d0f9e.cloudfront.net (CloudFront)
x-amz-cf-id
-HLz_kfJ9sZOEUvpwa_XouzDzC9_JXug8EK4-u2Gm0zmnB398-vJ1g==
munchkin.js
munchkin.marketo.net/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.85.206.51 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-206-51.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 21:26:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 29 Oct 2021 01:24:07 GMT
Server
AkamaiNetStorage
ETag
"461ce1cffaadfebf2e7659745618ba8e:1635470647.434977"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
753
styles__ltr.css
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 9078 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 17:07:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 17:07:06 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/ Frame 9078 		353 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004d7685361ecc63d9fa821a0528e98cba6290698725a92431d3fee4eb29b50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 18:40:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141772
x-xss-protection
0
last-modified
Mon, 31 Jan 2022 05:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Jan 2023 18:40:13 GMT
munchkin.js
munchkin.marketo.net/161/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/161/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.85.206.51 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-206-51.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 21:26:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 08 Sep 2021 00:38:21 GMT
Server
AkamaiNetStorage
ETag
"0e0eefac8daf874e8b1aa34aeb160c52:1631061501.737429"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4681
Expires
Wed, 11 May 2022 21:26:30 GMT
5317392.js
bat.bing.com/p/action/ 		684 B
780 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/5317392.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
399a0e3ef1fcc4dbc095cc14738c68a53934ce360d7b8f16ecd725ef02d185a7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E9ABF8BB60B14DD4804475D3501E13A7 Ref B: YTO01EDGE0819 Ref C: 2022-01-31T21:26:30Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
587
0
bat.bing.com/action/ 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5317392&tm=gtm002&Ver=2&mid=e340a9cc-d8c4-47cc-a7c6-0679c4990046&sid=74f3cd5082dc11ecbb0397a776533b3d&vid=74f412a082dc11eca7a3f9f988bb7437&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&p=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&r=&lt=909&evt=pageLoad&msclkid=N&sv=1&rn=521947
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 516F2A3806B24EDB8A9D821BB29EC6D7 Ref B: YTO01EDGE0819 Ref C: 2022-01-31T21:26:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9078 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/1p3YWy80wlZ7Q8QFR1gjazwU/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 27 Jan 2022 17:24:45 GMT
x-content-type-options
nosniff
age
360105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 03 Feb 2022 17:24:45 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9078 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 11:41:34 GMT
x-content-type-options
nosniff
age
553496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 25 Jan 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9078 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 19:40:58 GMT
x-content-type-options
nosniff
age
438332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 26 Jan 2023 19:40:58 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.52
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20661
x-xss-protection
0
pragma
public
x-fb-debug
Nlg+CqhLyDRV4/NiaZeW69FzYFa3cYtI984ToJ9PJoVn6+1jIsTbHoRi4J9z0sA2hO3HIqQpf1rmSxX0/ewOdw==
x-frame-options
DENY
date
Mon, 31 Jan 2022 21:26:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
1782853901998570
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1782853901998570?v=2.9.52&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c7695340cc5121b56f856f210404409b82118257ede29a0ace5a4e9bc3f34eb
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
d6Qc5ghYgrWPjfhVcCJmrjNOj2W+GLIBYcAbp2NAVZzZ3RI8OaHswrXWUVDnWm6v9vpJe180RD+H1MqnIneivA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 31 Jan 2022 21:26:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=310269921&t=pageview&_s=1&dl=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&ul=en-us&de=UTF-8&dt=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1687555443&gjid=1026381207&cid=595543343.1643664391&tid=UA-643451-23&_gid=1100830452.1643664391&_r=1&gtm=2wg1q0TPB94W&z=1256465147
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.hrfhomelottery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 9078 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f419d5b373af8b96bee34857fcf7a19723430a2891f177d915f80213e2d8409c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfcK78aAAAAAFxZso16rBAzHjmLOIubNmtKnZ8j&co=aHR0cHM6Ly90aWNrZXRzLmhyZmhvbWVsb3R0ZXJ5LmNvbTo0NDM.&hl=en&v=1p3YWy80wlZ7Q8QFR1gjazwU&size=invisible&cb=nidcazapyw4f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 31 Jan 2022 21:26:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-643451-23&cid=595543343.1643664391&jid=1687555443&gjid=1026381207&_gid=1100830452.1643664391&_u=YEBAAEAAAAAAAC~&z=1238710304
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 31 Jan 2022 21:26:31 GMT
content-type
text/plain
access-control-allow-origin
https://tickets.hrfhomelottery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
visitWebPage
525-szf-856.mktoresp.com/webevents/ 		2 B
311 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://525-szf-856.mktoresp.com/webevents/visitWebPage?_mchNc=1643664390996&_mchCn=&_mchId=525-SZF-856&_mchTk=_mch-hrfhomelottery.com-1643664390995-55179&_mchHo=tickets.hrfhomelottery.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 31 Jan 2022 21:26:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
21002f82-bf0f-4a7e-af5f-2281bc6fcb2f
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990214547/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990214547/?random=1643664390998&cv=9&fst=1643664390998&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&tiba=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02e6e77c8380e333ba162c978827e9c098a865ef6f6e2ee8f3f3f721f7a37adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1038
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/990214547/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/990214547/?random=1643664391002&cv=9&fst=1643664391002&num=1&label=ete-CMbQkZIBEJPzldgD&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&tiba=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae3c519687a843c1d64ab5bee4e9a8c9679c86406cf0d30d232dbaa63183f637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1087
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.a389f57d0ad3cbd8094d.js
script.hotjar.com/ 		230 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2193280.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.184.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-184-19.bos50.r.cloudfront.net
Software
/
Resource Hash
c9af4a6f50315626992164b4a9af6226cecdd6ef5d125843eca426304f3fedfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 26 Jan 2022 14:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
457165
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61698
access-control-allow-origin
*
last-modified
Wed, 26 Jan 2022 14:26:35 GMT
etag
"924fdfe3dc65e55ee74f0fd0e4d06766"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e25fecbceb5ae1f8e9a1fbef5a6b3d7a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
BOS50-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Ayx6QSAnCA9ROJ3I1KKg7J2T6wIzXqpd98EIcbhk7IIkGk3Xir0NPA==
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1782853901998570&ev=PageView&dl=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&rl=&if=false&ts=1643664391039&sw=1600&sh=1200&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1643664391038.2129658755&it=1643664390875&coo=false&tm=1&rqm=GET
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 31 Jan 2022 21:26:31 GMT
dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
adservice.google.com/ddm/fls/i/ Frame 6A4C 		489 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Requested by
Host: 4021906.fls.doubleclick.net
URL: https://4021906.fls.doubleclick.net/activityi;dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
71434bf2c0c094914df18e0d50cf8671975ead737e2273b6db1f6194e0590068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://4021906.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jan 2022 21:26:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
386
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
clarity.js
e.clarity.ms/s/0.6.31/ 		52 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/5317392.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:31 GMT
content-encoding
br
etag
"1d811e72bf47200"
last-modified
Tue, 25 Jan 2022 12:29:18 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=D2880CB9E17B4A13988C6E2B35899753&RedC=c.clarity.ms&MXFR=0C6AD2ABC5B66BED2916C396C1B6652A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2880CB9E17B4A13988C6E2B35899753&MUID=176DA922638F6E253F67B81F62A56FA5
42 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2880CB9E17B4A13988C6E2B35899753&MUID=176DA922638F6E253F67B81F62A56FA5
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Server
20.36.253.92 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6E8F5BD478294BE9B829857689AAEB14 Ref B: YTO01EDGE0819 Ref C: 2022-01-31T21:26:31Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=D2880CB9E17B4A13988C6E2B35899753&MUID=176DA922638F6E253F67B81F62A56FA5
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
box-ad575b5823df97fc9725e14a57070642.html
vars.hotjar.com/ Frame BC07 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-ad575b5823df97fc9725e14a57070642.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2193280.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-103.ewr50.r.cloudfront.net
Software
/
Resource Hash
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/

Response headers

content-type
text/html
content-length
1050
date
Sat, 27 Nov 2021 03:15:58 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"a123045c9cc95cfe44d6b5d126b9f1a7"
last-modified
Tue, 23 Nov 2021 12:26:27 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 75e95d402c844985152ed9360801af06.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
u0E-JIS-4xip3gilRNVoIvPsWWRxvixQFE2SzVngdxwFIMVCap2EMg==
age
5681433
/
www.google.com/pagead/1p-user-list/990214547/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990214547/?random=1643664390998&cv=9&fst=1643662800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&tiba=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&async=1&fmt=3&is_vtc=1&random=3322264938&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990214547/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990214547/?random=1643664390998&cv=9&fst=1643662800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&tiba=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&async=1&fmt=3&is_vtc=1&random=3322264938&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/990214547/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/990214547/?random=1643664391002&cv=9&fst=1643662800000&num=1&label=ete-CMbQkZIBEJPzldgD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&tiba=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&async=1&fmt=3&is_vtc=1&random=2308113517&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.ca/pagead/1p-user-list/990214547/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/990214547/?random=1643664391002&cv=9&fst=1643662800000&num=1&label=ete-CMbQkZIBEJPzldgD&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1q0&sendb=1&frm=0&url=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&tiba=Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery&async=1&fmt=3&is_vtc=1&random=2308113517&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-643451-23&cid=595543343.1643664391&jid=1687555443&_u=YEBAAEAAAAAAAC~&z=75226849
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-643451-23&cid=595543343.1643664391&jid=1687555443&_u=YEBAAEAAAAAAAC~&z=75226849
Requested by
Host: tickets.hrfhomelottery.com
URL: https://tickets.hrfhomelottery.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 31 Jan 2022 21:26:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
adservice.google.ca/ddm/fls/i/ Frame 6550 		194 B
870 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/ddm/fls/i/dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJjWlIH33PUCFS2FgwgdotMKZw;src=4021906;type=Remar0;cat=remar0;ord=7516044372495;gtm=2wg1q0;auiddc=424901937.1643664391;~oref=https%3A%2F%2Ftickets.hrfhomelottery.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Mon, 31 Jan 2022 21:26:31 GMT
expires
Mon, 31 Jan 2022 21:26:31 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
visit-data
in.hotjar.com/api/v2/client/sites/2193280/ 		146 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2193280/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.237.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-237-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 21:26:31 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
collect
e.clarity.ms/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://tickets.hrfhomelottery.com
date
Mon, 31 Jan 2022 21:26:31 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
collect
e.clarity.ms/ 		0
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://tickets.hrfhomelottery.com
date
Mon, 31 Jan 2022 21:26:31 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
visit-data
in.hotjar.com/api/v2/client/sites/2193280/ 		146 B
320 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2193280/visit-data?sv=7
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.a389f57d0ad3cbd8094d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.237.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-237-171.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 31 Jan 2022 21:26:32 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1782853901998570&ev=Microdata&dl=https%3A%2F%2Ftickets.hrfhomelottery.com%2F&rl=&if=false&ts=1643664392544&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Order%20Form%20%7C%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery%22%2C%22meta%3Adescription%22%3A%22Purchase%20your%20tickets%20for%20%20Hospitals%20of%20Regina%20Foundation%20Home%20Lottery%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1643664391038.2129658755&it=1643664390875&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tickets.hrfhomelottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 31 Jan 2022 21:26:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 31 Jan 2022 21:26:32 GMT
collect
e.clarity.ms/ 		0
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.clarity.ms/collect
Requested by
Host: e.clarity.ms
URL: https://e.clarity.ms/s/0.6.31/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tickets.hrfhomelottery.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://tickets.hrfhomelottery.com
date
Mon, 31 Jan 2022 21:26:33 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer object| $jscomp function| addLoadingSection function| addFirstSection function| navigateSections function| waitlistedOrderSummary function| modifyQty function| compareQty function| compareQtyAsc function| getTotal function| getTotalSubscription function| makeOffer boolean| seenSubscriptionAlready function| presentSubscriptionOrderForm function| submitOrderWithSubscription function| noSubscription function| checkSubscription function| getTicketGroupFromId function| getGroupPriceTotal function| getGroupCartQtyTotal function| getGroupPriceTotalSubs function| moreInfo function| lessInfo function| carryValues function| bundleMobile function| colorCards function| disableDClick function| bottomSection function| clearMessage function| jackpotRoll undefined| inivio_suiteApt undefined| inivio_address undefined| inivio_address2 undefined| inivio_city undefined| inivio_province undefined| inivio_postal string| basePath string| inivioURL function| correctAddress function| addressAsIs function| makeAddressCorrections function| addressUseNew function| proceed function| checkPaymentOption function| addValidationMethods object| jqueryTicketValidateOpts object| jqueryTicketValidate object| jqueryBillingValidateOpts object| jqueryBillingValidate object| jquerySummaryValidateOpts object| jquerySummaryValidate function| populateForm function| getTotalCartQtyForTg function| getTotalCartQtySubsForTg function| checkCartEmpty function| ticketGroupValidCheck object| orderInfo function| updateOrderInfo function| fillOrderSummary undefined| finaltotal function| submitOrder function| sendFailedRequestAlert function| printConfirmation function| addGroupPurchasePlayer function| deleteGroupPurchasePlayer function| deleteAllGroupPurchasePlayer function| purchasersNameOnTicket function| getPackIdsWithGroupID function| gaTrackConversion function| getSaleTotal function| proceedPastWarning function| toTitleCase function| HandleResponse function| convertProvinceToAbbr object| html5 object| Modernizr function| $ function| jQuery function| Odometer object| ellipsis object| recaptcha object| closure_lm_465723 object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| _fbq_gtm_ids string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| UET function| UET_init function| UET_push object| ueto_9c003edcde object| uetq object| gaplugins object| gaGlobal object| gaData object| updatedOrderInfo string| globalPaymentType object| MunchkinTracker function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| clarity

27 Cookies

Domain/Path Name / Value
tickets.hrfhomelottery.com/ Name: PHPSESSID
Value: e7ba5b313eb96a5bb4eb7a06a5bc2ac0
.hrfhomelottery.com/ Name: _gcl_au
Value: 1.1.424901937.1643664391
.bing.com/ Name: MUID
Value: 176DA922638F6E253F67B81F62A56FA5
.bat.bing.com/ Name: MR
Value: 0
.hrfhomelottery.com/ Name: _uetsid
Value: 74f3cd5082dc11ecbb0397a776533b3d
.hrfhomelottery.com/ Name: _uetvid
Value: 74f412a082dc11eca7a3f9f988bb7437
.hrfhomelottery.com/ Name: _ga
Value: GA1.2.595543343.1643664391
.hrfhomelottery.com/ Name: _gid
Value: GA1.2.1100830452.1643664391
.hrfhomelottery.com/ Name: _gat_UA-643451-23
Value: 1
.hrfhomelottery.com/ Name: _mkto_trk
Value: id:525-SZF-856&token:_mch-hrfhomelottery.com-1643664390995-55179
.hrfhomelottery.com/ Name: _fbp
Value: fb.1.1643664391038.2129658755
.facebook.com/ Name: fr
Value: 0WlAWyX3PRBNjNQ2x..Bh-FQH...1.0.Bh-FQH.
.doubleclick.net/ Name: IDE
Value: AHWqTUmilwG1732bXoCX2VV5Dw9N64B1zRJ-t3B-IrqeOTTJvUfDZ26BlVlBlbvy
.hrfhomelottery.com/ Name: _hjSessionUser_2193280
Value: eyJpZCI6IjYwZjM5ZmQ5LTBlMDMtNTRmMy05YmVmLTk5OTFiNjZlNThkMyIsImNyZWF0ZWQiOjE2NDM2NjQzOTExNjQsImV4aXN0aW5nIjpmYWxzZX0=
.hrfhomelottery.com/ Name: _hjFirstSeen
Value: 1
tickets.hrfhomelottery.com/ Name: _hjIncludedInSessionSample
Value: 0
.hrfhomelottery.com/ Name: _hjSession_2193280
Value: eyJpZCI6IjFhZTExNDczLWI3MDgtNDg5My1hZTIwLTI0ZTk4NTY4OGY1NiIsImNyZWF0ZWQiOjE2NDM2NjQzOTExODIsImluU2FtcGxlIjpmYWxzZX0=
tickets.hrfhomelottery.com/ Name: _hjIncludedInPageviewSample
Value: 1
.hrfhomelottery.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 176DA922638F6E253F67B81F62A56FA5
.hrfhomelottery.com/ Name: _clck
Value: eegxeu|1|eyl|0
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 176DA922638F6E253F67B81F62A56FA5
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.hrfhomelottery.com/ Name: _clsk
Value: 1d0qfr1|1643664391384|1|1|e.clarity.ms/collect

2 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W(Line 49)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPB94W(Line 49)
Message:
Unrecognized feature: 'conversion-measurement'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4021906.fls.doubleclick.net
525-szf-856.mktoresp.com
adservice.google.ca
adservice.google.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
e.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
munchkin.marketo.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
tickets.hrfhomelottery.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.225.214.103
13.249.184.19
142.250.65.230
142.251.41.2
184.85.206.51
192.28.144.124
20.36.253.92
20.62.48.180
2607:f8b0:4006:809::2002
2607:f8b0:4006:80c::2003
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2004
2607:f8b0:4006:817::2008
2607:f8b0:4006:81d::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:822::200e
2607:f8b0:4023:1407::9b
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
52.18.237.171
52.60.164.60
99.84.42.90
004d7685361ecc63d9fa821a0528e98cba6290698725a92431d3fee4eb29b50c
02e6e77c8380e333ba162c978827e9c098a865ef6f6e2ee8f3f3f721f7a37adc
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0bd359ce1c3aab05105564aec6ff276922f67cde469ea5b04b9c0e4c9ea46977
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
131bfb8ee3f4f04a2611853edd84a1a775dd5f41e0a47f8e28a2ab618a9213cd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
399a0e3ef1fcc4dbc095cc14738c68a53934ce360d7b8f16ecd725ef02d185a7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9d6827ea952251dcaa4726d22cecece3f44494a2252be22333dda7d44531eb
4aaccda207ee3ad0b0b05501d2f5ec47dfc25d1ea09dba8358c084ebdb25fa99
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
4f5b14f1c10b9fd6f21d30ee9149aab67ee57f68ffd6dd353958077448314169
5318d3280a3d262fbe018e8b48d65fdd3210b3f1a21f71bb7865d61fac791f0b
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f128547f7eb344a49cf7f79f27b910e7607c6718eb21d1c3f5dc69639d47bc9
6061a148435468493d77e5b0d426d97bef46a15a82644accceeab797fc34584d
71434bf2c0c094914df18e0d50cf8671975ead737e2273b6db1f6194e0590068
73b783357e1ed270e36ebc7846a8477f3d0d44e457405f46926ee2dc2a7db692
7454d79452a29c9ebe02d4f8c286e135d2a55ec1866d37696e73ae79e14eda6e
78247d299ba33dafd4fc2300159aaa505dd70d4793f6ef51453c3cb13385b2ab
7b6a4f4fd9d6c21acdc2cc640c0c15c199c4d958c2c4fdf4a97d8f85330e2f9d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
825c4ed013dc433c81ed5c2c33a8f25c7ccf59200a9f961482ff65231efde88b
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c7695340cc5121b56f856f210404409b82118257ede29a0ace5a4e9bc3f34eb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ae3c519687a843c1d64ab5bee4e9a8c9679c86406cf0d30d232dbaa63183f637
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c9af4a6f50315626992164b4a9af6226cecdd6ef5d125843eca426304f3fedfa
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846
ebd3c3da505ae441e3a4ce0d921855bef6a77c9c08e65a936af9b8ddc081cd58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f419d5b373af8b96bee34857fcf7a19723430a2891f177d915f80213e2d8409c
f56a1b71444d153f2f81146d9a0cca991518ebc72e0686f917470f8c522ee383
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
ff1a98dc2de6d1d0eca75a8f63d7e1239bf972e595f24078dc1639302dce3c2c