ohiolottery.com Open in urlscan Pro
72.9.55.134 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email-ohiolottery.com/?qs=dde2da5b69f4c3c9466ba9e845f3de78baa76725fc905f027df06243b0ad1ce792cb5403496cfab9eb53dfe0cd0c...
Effective URL:
https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
Submission: On May 15 via manual (May 15th 2023, 1:20:15 pm UTC) from US — Scanned from DE

Summary HTTP 50 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 17 domains to perform 50 HTTP transactions. The main IP is 72.9.55.134, located in Dayton, United States and belongs to DATAYARD, US. The main domain is ohiolottery.com. The Cisco Umbrella rank of the primary domain is 405830.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on June 13th 2022. Valid for: a year.

This is the only time ohiolottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.71.11 13.111.71.11	22606 (EXACT-7) (EXACT-7)
18	72.9.55.134 72.9.55.134	14131 (DATAYARD) (DATAYARD)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	52.222.236.87 52.222.236.87	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 4	50.16.67.160 50.16.67.160	14618 (AMAZON-AES) (AMAZON-AES)
2 3	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1 1	104.18.12.14 104.18.12.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
50	20

1 13.111.71.11 (Garfield, United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s11.exacttarget.com

click.email-ohiolottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 72.9.55.134 (Dayton, United States)

ASN14131 (DATAYARD, US)
PTR: marcus-webcluster01.sys.svc

ohiolottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-87.fra56.r.cloudfront.net

trackit.ktxlytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.16.67.160 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-67-160.compute-1.amazonaws.com

c2.ktxlytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.20 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.14 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a4.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	ohiolottery.com ohiolottery.com — Cisco Umbrella Rank: 405830	881 KB
5	ktxlytics.io 1 redirects trackit.ktxlytics.io — Cisco Umbrella Rank: 43458 c2.ktxlytics.io — Cisco Umbrella Rank: 37098	99 KB
5	gstatic.com fonts.gstatic.com	96 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 817 s.tribalfusion.com — Cisco Umbrella Rank: 2073 a4.tribalfusion.com — Cisco Umbrella Rank: 28379	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	219 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 385 fonts.googleapis.com — Cisco Umbrella Rank: 50	33 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 stats.g.doubleclick.net — Cisco Umbrella Rank: 91	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	239 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	114 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5171	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 690	395 B
1	t.co t.co — Cisco Umbrella Rank: 510	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 718	15 KB
1	email-ohiolottery.com 1 redirects click.email-ohiolottery.com	253 B
50	17

	Domain	Requested by
18	ohiolottery.com	ohiolottery.com
5	fonts.gstatic.com	fonts.googleapis.com
4	c2.ktxlytics.io	1 redirects trackit.ktxlytics.io ohiolottery.com
3	ib.adnxs.com	2 redirects ohiolottery.com
3	www.googletagmanager.com	ohiolottery.com www.googletagmanager.com
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.facebook.com	ohiolottery.com
2	connect.facebook.net	ohiolottery.com connect.facebook.net
2	fonts.googleapis.com	ohiolottery.com
1	a4.tribalfusion.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.google.de	ohiolottery.com
1	www.google.com	ohiolottery.com
1	region1.google-analytics.com	www.googletagmanager.com
1	analytics.twitter.com	ohiolottery.com
1	t.co	ohiolottery.com
1	trackit.ktxlytics.io	ohiolottery.com
1	static.ads-twitter.com	ohiolottery.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	a.tribalfusion.com	ohiolottery.com
1	ajax.googleapis.com	ohiolottery.com
1	click.email-ohiolottery.com	1 redirects
50	23

This site contains links to these domains. Also see Links.

Domain
ohio.gov

Subject Issuer	Validity	Valid
*.ohiolottery.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-06-13` - `2023-06-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-05-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.ktxlytics.io Amazon RSA 2048 M02	`2023-02-22` - `2023-08-02`	5 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
Frame ID: 2C84B082D6446B999A8F9EAB06ADE0CA
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Club Promotions :: The Ohio Lottery

Page URL History Show full URLs

http://click.email-ohiolottery.com/?qs=dde2da5b69f4c3c9466ba9e845f3de78baa76725fc905f027df06243b0ad1ce792cb5403... HTTP 302
https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey Page URL

Detected technologies

Kentico CMS (CMS) Expand

Overall confidence: 100%
Detected patterns

/CMSPages/GetResource\.ashx

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

50
Requests

96 %
HTTPS

59 %
IPv6

17
Domains

23
Subdomains

20
IPs

4
Countries

1488 kB
Transfer

4072 kB
Size

18
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://ohio.gov/
Title: Ohio.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email-ohiolottery.com/?qs=dde2da5b69f4c3c9466ba9e845f3de78baa76725fc905f027df06243b0ad1ce792cb5403496cfab9eb53dfe0cd0c2e4df53d2ffef4e8925436054bb06d5b1002 HTTP 302
https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://ib.adnxs.com/getuid?https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=3055459&dsp_type=adnxs&p=web&dsp_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc2.ktxlytics.io%2Fcom.snowplowanalytics.iglu%2Fv1%3Fschema%3Diglu%3Aio.kortx%2Fdsp_sync%2Fjsonschema%2F1-0-0%26aid%3D3055459%26dsp_type%3Dadnxs%26p%3Dweb%26dsp_uid%3D%24UID HTTP 302
https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=3055459&dsp_type=adnxs&p=web&dsp_uid=980932942745059626 HTTP 302
https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=980932942745059626&aid=3055459&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs

Request Chain 47

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%223959365427%22%2C%22th%22%3A7112039884%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22admneM1VBwnqZbV5b35WUfZb1pMlTROOg8%22%2C%22url%22%3A%22https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey%22%2C%22clientName%22%3A%22Ohio%2520Lottery%22%2C%22clientID%22%3A794433%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22Homepage%22%7D HTTP 302
https://a4.tribalfusion.com/ipg?ip6=2a03:1b20:6:f011::2e&kv=%7B%22ord%22%3A%206435210%2C%20%22clientID%22%3A%20794433%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request MLR-Club-Member-Survey Show response
ohiolottery.com/MyLotto-Rewards/Club-Promotions/
Redirect Chain

http://click.email-ohiolottery.com/?qs=dde2da5b69f4c3c9466ba9e845f3de78baa76725fc905f027df06243b0ad1ce792cb5403496cfab9eb53dfe0cd0c2e4df53d2ffef4e8925436054bb06d5b1002
https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

68 KB
21 KB

1065ms
186ms

Document
text/html

72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

b079d43af570a828cd338c98f10a2faedfb8d0cc92fde08f7764d080852db33b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: deflate
Content-Length: 20744
Content-Type: text/html; charset=utf-8
Date: Mon, 15 May 2023 13:20:08 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-Powered-By: ASP.NET
X-UA-Compatible: IE=Edge

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 195
Content-Type: text/html; charset=utf-8
Date: Mon, 15 May 2023 13:20:06 GMT
Location: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

GET
H/1.1 200
OK stylesheet.min.css
ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/ 1 MB
152 KB 117ms
117ms Stylesheet
text/css 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

380331c066988856258eb137d2a8e7961683e0216b9d2533acbd23cd84565297

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 16:49:00 GMT
Server: Microsoft-IIS/8.5
ETag: "02687a6f184d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 155330

GET
H/1.1 200
OK GetResource.ashx
ohiolottery.com/CMSPages/ 399 B
701 B 332ms
113ms Stylesheet
text/css 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/CMSPages/GetResource.ashx?_webparts=677

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

ba4abd5671f0a688d7370f7edce099678a509870131afcb845f8db09500e6157

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:08 GMT
Content-Encoding: deflate
Last-Modified: Mon, 20 Jun 2016 12:26:38 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
ETag: "webpart|SearchBox"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Cache-Control: public, must-revalidate
Content-Disposition: attachment; filename="SearchBox.css"
Content-Length: 215
Expires: Tue, 23 May 2023 13:20:09 GMT

GET
H/1.1 200
OK WebResource.axd Show response
ohiolottery.com/ 23 KB
6 KB 337ms
113ms Script
application/x-javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZAGeIAzy0b0T8v-Yuzz7e20kUfuf-bxKdqrcdfQ1zw4Wf5Q3BQ2&t=637814473746327080

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:08 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Feb 2022 09:42:54 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 6007
Expires: Tue, 14 May 2024 07:30:14 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
ohiolottery.com/ 87 KB
27 KB 460ms
127ms Script
application/x-javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/ScriptResource.axd?d=x6wALODbMJK5e0eRC_p1LaS7korACIqRGn9H-wipgxZd5pLJoTTsFdNc7MfelNGOEnuf46LpjBw-lUqvoMsGWFrEDc_jzh2iNoKkNtDHieWXkPl80&t=7c776dc1

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 09:31:57 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 27722
Expires: Tue, 14 May 2024 09:31:57 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
ohiolottery.com/ 36 KB
10 KB 460ms
126ms Script
application/x-javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/ScriptResource.axd?d=P5lTttoqSeZXoYRLQMIScBUQj-rcxr-Nvi3csr-MJOV_FdorBrEdS5wYLktjmnnTcH4oWfMrM6Ehly4cJFFXG5PeCuhOWznLR9YtbWp6jUnqRuf40&t=7c776dc1

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 07:30:14 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Cache-Control: public
Content-Length: 9936
Expires: Tue, 14 May 2024 07:30:14 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
ohiolottery.com/ 18 KB
5 KB 475ms
141ms Script
text/javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/ScriptResource.axd?d=NHo7rzvB81m25b5lv-ojMQ20yLePYgSSyMkK9L-QDYDB77Pw9FY0VHY9BRA8rASl9Voc31iJ4H5sNK9uzf0g1vnKQjZd7EO2UfG2QjQJ8lFXuxeQ0&t=7c776dc1

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

5a2bfafaae624bf22eada3a71ec9be1b9ee03e68fbbd36ac5924b381b96525e7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:08 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 07:30:14 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Content-Length: 4998
Expires: Tue, 14 May 2024 07:30:14 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
ohiolottery.com/ 21 KB
6 KB 561ms
113ms Script
text/javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/ScriptResource.axd?d=G7OZOzpYF9XwHB8eN29Yb3pUrErNeiDV6HHuW-dHZAxSZGQ7v_f1Y6InaQ5GuwNOFyFXWTQ3CnwNeI0uu3a2BAV-sNkHceqktqDSgH_QVr_rmAKDbfoOLOrt9ARPJ0ldR9Ep9Q2&t=7c776dc1

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

339cf00d7bd0e014b4b15a8afb0e9c4667604aa843cee1d23c6c3b79c0d4830b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 07:30:14 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Content-Length: 5646
Expires: Tue, 14 May 2024 07:30:14 GMT

GET
H/1.1 200
OK ScriptResource.axd Show response
ohiolottery.com/ 6 KB
2 KB 605ms
113ms Script
text/javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/ScriptResource.axd?d=Y4RJC2UgV6Ws3MXxk43ByWNgIxo4SI_SlG9C4Jf-86JZ4eNbSUmUWFWhLke6gUIDfrHpkR1hTTZAHSyKU0f-TkNkxrOMwrugBO9oPo_twPVfIvRKXWjmodLLXLyeVYLnuVHEfA2&t=7c776dc1

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

32f55c50d21c4372bca6312f7f3667173fdb77c5f72f1ff8754204c6a20b7835

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 07:30:14 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: public
Content-Length: 1562
Expires: Tue, 14 May 2024 07:30:14 GMT

GET
H/1.1 200
OK logo-OH-Lottery-119x82.png
ohiolottery.com/ohiolottery/media/site-design/logos/ 3 KB
3 KB 116ms
114ms Image
image/png 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiolottery.com/ohiolottery/media/site-design/logos/logo-OH-Lottery-119x82.png

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

8351ea3ab750838c2c91015e7122ac3fda4be0f7d34bb10c2ff77e67ded1e169

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Last-Modified: Tue, 24 Nov 2020 14:56:03 GMT
Server: Microsoft-IIS/8.5
ETag: "1291bee71c2d61:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 2906

GET
H/1.1 200
OK print.css
ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/ 10 KB
3 KB 113ms
113ms Stylesheet
text/css 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/print.css

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

f8244a72deda63eda6ab61ae3073b73154d10c15269ead36d86ac4fc855f879f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Jun 2018 12:44:57 GMT
Server: Microsoft-IIS/8.5
ETag: "80eaf47fdd3d41:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 2356

GET
H/1.1 200
OK olc20518-03_Segmentation_ClubPromo_864x400_v02AR_20230509.jpg
ohiolottery.com/ohiolottery/media/ContentImages/MyLottoRewards/ 231 KB
231 KB 123ms
122ms Image
image/jpeg 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiolottery.com/ohiolottery/media/ContentImages/MyLottoRewards/olc20518-03_Segmentation_ClubPromo_864x400_v02AR_20230509.jpg?ext=.jpg

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6cea96aa23127e5be75f72082ed35713470d932b4fd75333d56a4862858e91b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Last-Modified: Fri, 12 May 2023 18:58:25 GMT
Server: Microsoft-IIS/8.5
ETag: "2a195bb385d91:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 236239

GET
H/1.1 200
OK olc20518-03_Segmentation_ClubPromo_550x550_v02AR_20230509.jpg
ohiolottery.com/ohiolottery/media/ContentImages/MyLottoRewards/ 148 KB
148 KB 123ms
121ms Image
image/jpeg 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiolottery.com/ohiolottery/media/ContentImages/MyLottoRewards/olc20518-03_Segmentation_ClubPromo_550x550_v02AR_20230509.jpg?ext=.jpg

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

69d28af2bdb49660acb90a59ee1960163719e1abf398c676bf50577481b9cd4f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Last-Modified: Fri, 12 May 2023 18:58:25 GMT
Server: Microsoft-IIS/8.5
ETag: "2f7c7bb385d91:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 151574

GET
H/1.1 200
OK LivingLucky-LogoPromo.png
ohiolottery.com/ohiolottery/media/ContentImages/MyLottoRewards/SecondChance/ 56 KB
57 KB 123ms
122ms Image
image/png 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiolottery.com/ohiolottery/media/ContentImages/MyLottoRewards/SecondChance/LivingLucky-LogoPromo.png

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

4e4925d53ed61232ec2a6cfe07dbbdc11cedb3e4288eca86bffac7fb03357ecb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Last-Modified: Thu, 20 Apr 2023 20:20:26 GMT
Server: Microsoft-IIS/8.5
ETag: "cb217a8bc573d91:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 57647

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:38:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 12:38:44 GMT

GET
H/1.1 200
OK jquery-ui-1.13.0.min.js Show response
ohiolottery.com/scripts/ 249 KB
67 KB 114ms
114ms Script
application/javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/scripts/jquery-ui-1.13.0.min.js

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c0a33cf2049758345983331bf6cb15325ed868472d19da9a34786b3333c33dba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 18:35:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0a2f78aabbd71:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 67961

GET
H/1.1 200
OK scripts.min.js Show response
ohiolottery.com/scripts/ 564 KB
137 KB 123ms
122ms Script
application/javascript 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/scripts/scripts.min.js?v=20230512

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

cdd45f97ab6278844fa00205c13cdf49f47fdba4ce43c9a7b6edd659ea0aa853

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 May 2023 17:01:00 GMT
Server: Microsoft-IIS/8.5
ETag: "06eae53f384d91:0"
X-Powered-By: ASP.NET
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 139425

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Ohio%20Lottery/794433/ 8 KB
2 KB 208ms
170ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Ohio%20Lottery/794433/pixel.js
Requested by: Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74a1f189cdd4155c26093e2c47cbbad06b0703cb4f99f41551b53425eb58d169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2003
x-function: 151
last-modified: Fri, 17 Feb 2023 18:04:49 GMT
server: cloudflare
x-reuse-index: 730
etag: 7780390916043407999
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 7c7bad3bcb441e60-FRA
expires: Mon, 15 May 2023 14:20:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 37 KB
2 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700|Roboto+Condensed:300,400,700|Roboto:100,300,400,500,700,900|Roboto+Slab:100,300,400,700|Rokkitt:100,400,700,900

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2a98fee143809659894610515788efcb58ef1840d10e8502b4eb0d8dcf518847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:20:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 13:20:09 GMT

GET
H2 200 css2
fonts.googleapis.com/ 715 B
781 B 131ms
47ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Timmana&display=swap

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9466ca8a1649184d42934943f6c5dcb7258b7814c92a2270af6a68f52908372f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 13:20:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 13:20:09 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 13:20:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: k0lY+NZm/kzZNVZINur/4IVTa4yRqKezXamcXKyduN7KnJ3k1yTr5wt2G31Pg5nWquDbLJyHdzJ17dSHgBM6Ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), hid=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 292 KB
92 KB 163ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVQSWB

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c39c84b285eefe91c60eb75632b68a5cd1f3851b1d7f1de9e1da5751558192c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93714
x-xss-protection: 0
last-modified: Mon, 15 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 13:20:09 GMT

GET
H/1.1 200
OK logo-ohlottery.gif
ohiolottery.com/ohiolottery/media/site-design/logos/ 2 KB
2 KB 507ms
112ms Image
image/gif 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ohiolottery.com/ohiolottery/media/site-design/logos/logo-ohlottery.gif

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

1d1d3cca7cce487ce3420e7bd63e15a5a982470f450430ef4374d7a945e1e922

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Last-Modified: Tue, 24 Nov 2020 14:56:03 GMT
Server: Microsoft-IIS/8.5
ETag: "97c618ee71c2d61:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 1612

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 122ms
37ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:300,400,700|Roboto+Condensed:300,400,700|Roboto:100,300,400,500,700,900|Roboto+Slab:100,300,400,700|Rokkitt:100,400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiolottery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:24:53 GMT
x-content-type-options: nosniff
age: 165316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 15:24:53 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 131ms
47ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiolottery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 02:06:17 GMT
x-content-type-options: nosniff
age: 299632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 02:06:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 163ms
80ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiolottery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 159354
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 17:04:15 GMT

GET
H2 200 BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v25/ 34 KB
34 KB 177ms
93ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotoslab/v25/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiolottery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 13:31:14 GMT
x-content-type-options: nosniff
age: 172135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34432
x-xss-protection: 0
last-modified: Tue, 02 May 2023 17:01:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 13:31:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 201ms
118ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ohiolottery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 144993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 21:03:36 GMT

GET
H/1.1 200
OK Flaticon.woff
ohiolottery.com/CMSTemplates/OhioLotteryAspx/fonts/ 4 KB
4 KB 315ms
114ms Font
application/x-font-woff 72.9.55.134
DATAYARD

General

Check archive.org

Show headers Download Go to

Full URL

https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/fonts/Flaticon.woff

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

72.9.55.134 Dayton, United States, ASN14131 (DATAYARD, US),

Reverse DNS

marcus-webcluster01.sys.svc

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

2a9493c348bc7c3f939787f82ed5355cf0b860790f18d332fd2c3d964a9123d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ohiolottery.com/CMSTemplates/OhioLotteryAspx/css/stylesheet.min.css?v=20230512
Origin: https://ohiolottery.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Mon, 15 May 2023 13:20:09 GMT
Last-Modified: Thu, 03 Jan 2019 20:15:00 GMT
Server: Microsoft-IIS/8.5
ETag: "0fada0a1a3d41:0"
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-font-woff
Cache-Control: public,max-age=691200
Accept-Ranges: bytes
Content-Length: 3792

GET
H2 200 1370040239761866 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 68ms
67ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1370040239761866?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52a7c04fe3620f5811a864df5924f1bc438904743d694446963fdb3540c52d7d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 15 May 2023 13:20:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: sCbuRvL/OdNBO5xp3Zeh7yOU6UxSCY172O6KvEO/KFqdLj0etm3MxrUEfL9byxEnGm5zJMTJ86rCv+2/aG+AUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370040239761866&ev=PageView&dl=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&rl=&if=false&ts=1684156809680&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684156809679.1584795876&it=1684156809586&coo=false&rqm=GET

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 13:20:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 124ms
39ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQSWB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 12:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2670
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 14:35:39 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1027683138/ 3 KB
2 KB 166ms
81ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1027683138/?random=1684156809801&cv=11&fst=1684156809801&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&hn=www.googleadservices.com&frm=0&tiba=Club%20Promotions%20%3A%3A%20The%20Ohio%20Lottery&auid=1571923247.1684156810&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQSWB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bffd8c7cd4e68ed725b2320d45b030df7c74e514cf41d4b11bc4983b7b07617e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 30ms
7ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230096-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 121 KB
47 KB 57ms
57ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12333953

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQSWB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9399906db5c49aab65e360c365ad4c41eb8eb6cf727e61f040da69f0b01ab045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48171
x-xss-protection: 0
last-modified: Mon, 15 May 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 13:20:09 GMT

GET
H/1.1 200
OK ktxevents.v1.js Show response
trackit.ktxlytics.io/ 98 KB
98 KB 33ms
8ms Script
application/javascript 52.222.236.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trackit.ktxlytics.io/ktxevents.v1.js
Requested by: Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-87.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5669edd3b221f82c626766804db887678c78c575a973d38b098753ec73a42b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: 8nobErucU.TGbL_HVc3JJOzAiDrdj9pU
Date: Mon, 15 May 2023 01:31:00 GMT
Via: 1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
Last-Modified: Wed, 23 Oct 2019 19:11:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P4
Age: 42550
ETag: "5350ce54b7969cfe1e9a0314b25964b6"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99889
X-Amz-Cf-Id: BATtMN1PSJPK9JniHB5teZnp2u8Yn-2X5uTaFZNzcoNWFiDEWaHiMQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
80 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KM8WJ8C3TH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVQSWB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ac0ee84eb75b13c8b381c7aa270b13187409f24042cbb002332f3a225481eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82078
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 13:20:09 GMT

GET
H2 200 adsct
t.co/i/ 43 B
377 B 162ms
120ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=ddb325e9-e5bf-485e-9467-c6724cd3301d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f1d95236-e045-4661-9b05-8145e85549dd&tw_document_href=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzzgd&type=javascript&version=2.3.29

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 112
date: Mon, 15 May 2023 13:20:09 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fa7d5750933b0bc3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 9fb6bcc9001a1895a6091cc4b7b359e984be3f6541b0ace3dee4593fef30f670
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 147ms
122ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=ddb325e9-e5bf-485e-9467-c6724cd3301d&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=f1d95236-e045-4661-9b05-8145e85549dd&tw_document_href=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzzgd&type=javascript&version=2.3.29

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 116
date: Mon, 15 May 2023 13:20:09 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 647ff287b9d9ea5e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cc0102578e671d33564ee023c05c15bbf7415cb2943179b989faee5142dbdb15
content-length: 43

OPTIONS
H2 200 tp2
c2.ktxlytics.io/com.snowplowanalytics.snowplow/ 0
0 336ms
108ms Preflight 50.16.67.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.ktxlytics.io/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.67.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-67-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ohiolottery.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://ohiolottery.com
access-control-max-age: 600
content-length: 0
date: Mon, 15 May 2023 13:20:10 GMT
server: nginx

POST
H2 200 tp2 Show response
c2.ktxlytics.io/com.snowplowanalytics.snowplow/ 2 B
335 B 109ms
109ms XHR
text/plain 50.16.67.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.ktxlytics.io/com.snowplowanalytics.snowplow/tp2
Requested by: Host: trackit.ktxlytics.io
URL: https://trackit.ktxlytics.io/ktxevents.v1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.67.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-67-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://ohiolottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://ohiolottery.com
date: Mon, 15 May 2023 13:20:10 GMT
access-control-allow-credentials: true
content-type: text/plain; charset=UTF-8
server: nginx
content-length: 2
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2

200

v1
c2.ktxlytics.io/com.snowplowanalytics.iglu/
Redirect Chain

https://ib.adnxs.com/getuid?https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=3055459&dsp_type=adnxs&p=web&dsp_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc2.ktxlytics.io%2Fcom.snowplowanalytics.iglu%2Fv1%3Fschema%3Diglu%3Aio.kortx%2Fdsp_sync%2Fjsonschema%2F1-0-0%26aid%3D3055459%26dsp_type%3Dadnxs...
https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&aid=3055459&dsp_type=adnxs&p=web&dsp_uid=980932942745059626
https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=980932942745059626&aid=3055459&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs

43 B
387 B

110ms
110ms

Image
image/gif

50.16.67.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=980932942745059626&aid=3055459&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs
Requested by: Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey
Protocol: H2
Server: 50.16.67.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-67-160.compute-1.amazonaws.com
Software: nginx /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:10 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

Redirect headers

date: Mon, 15 May 2023 13:20:10 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
location: https://c2.ktxlytics.io/com.snowplowanalytics.iglu/v1?dsp_uid=980932942745059626&aid=3055459&n3pc=true&schema=iglu:io.kortx/dsp_sync/jsonschema/1-0-0&p=web&dsp_type=adnxs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 53ms
21ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KM8WJ8C3TH&gtm=45je35a0&_p=1225385008&cid=1814715050.1684156810&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684156809&sct=1&seg=0&dl=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&dt=Club%20Promotions%20%3A%3A%20The%20Ohio%20Lottery&en=page_view&_fv=1&_nsi=1&_ss=1&ep.debug_mode=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM8WJ8C3TH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 13:20:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiolottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 45ms
44ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1225385008&t=pageview&_s=1&dl=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&ul=en-us&de=UTF-8&dt=Club%20Promotions%20%3A%3A%20The%20Ohio%20Lottery&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1702560106&gjid=244510181&cid=1814715050.1684156810&tid=UA-12491689-2&_gid=288549239.1684156810&_r=1&_slc=1&gtm=45He35a0n71NVQSWB&cd1=0&z=1714381089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiolottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 May 2023 13:20:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiolottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1027683138/ 42 B
455 B 141ms
52ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1027683138/?random=1684156809801&cv=11&fst=1684155600000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&frm=0&tiba=Club%20Promotions%20%3A%3A%20The%20Ohio%20Lottery&fmt=3&is_vtc=1&random=471166155&rmt_tld=0&ipr=y

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 13:20:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1027683138/ 42 B
455 B 134ms
49ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1027683138/?random=1684156809801&cv=11&fst=1684155600000&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&frm=0&tiba=Club%20Promotions%20%3A%3A%20The%20Ohio%20Lottery&fmt=3&is_vtc=1&random=471166155&rmt_tld=1&ipr=y

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 13:20:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ 679 B
710 B 180ms
166ms Script
application/x-javascript 2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7112039884
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Ohio%20Lottery/794433/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 889a472b24e8561447810d15cd5ce405fe26724dbff54e63871600ebbb6625f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 13:20:10 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-function: 153
last-modified: Fri, 17 Feb 2023 18:04:49 GMT
server: cloudflare
x-reuse-index: 45
vary: Accept-Encoding
content-type: application/x-javascript
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: private
cf-ray: 7c7bad3e8ed21e60-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 334
expires: Sun, 13 Aug 2023 13:20:10 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
345 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-12491689-2&cid=1814715050.1684156810&jid=1702560106&gjid=244510181&_gid=288549239.1684156810&_u=YADAAAAAAAAAAC~&z=2141021480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ohiolottery.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 15 May 2023 13:20:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ohiolottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%223959365427%22%2C%22th%22%3A7112039884%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22admneM1VBwnqZbV5b35WUfZb1pMlTROOg8%22%2C%22url%22%3A%22ht...
https://a4.tribalfusion.com/ipg?ip6=2a03:1b20:6:f011::2e&kv=%7B%22ord%22%3A%206435210%2C%20%22clientID%22%3A%20794433%7D&redirect=https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b...
https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$

43 B
1 KB

15ms
15ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

HTTP/1.1

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 15 May 2023 13:20:10 GMT
AN-X-Request-Uuid: fa8bde49-87fb-4526-9796-858f7c9dcbaa
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.141; 185.213.155.141; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 13:20:10 GMT
cf-cache-status: DYNAMIC
x-function: 201
server: cloudflare
x-reuse-index: 47
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=305&code=$TF_USER_ID_ENC$
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7c7bad411ea79b74-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370040239761866&ev=Microdata&dl=https%3A%2F%2Fohiolottery.com%2FMyLotto-Rewards%2FClub-Promotions%2FMLR-Club-Member-Survey&rl=&if=false&ts=1684156810183&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtClub%20Promotions%20%3A%3A%20The%20Ohio%20Lottery%5Cn%22%2C%22meta%3Adescription%22%3A%22Welcome%20to%20MyLotto%20Rewards%20Club%20Promotions.%5Cn%22%2C%22meta%3Akeywords%22%3A%22%20club%20promotions%2C%20games%2C%20my%20lotto%20rewards%2C%20ohio%20lottery%2C%20ohio%20lottery%20cash%20explosion%2C%20ohio%20lottery%20games%20%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A1611%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%22logo%22%3A%22%2Fohiolottery%2Fmedia%2Fsite-design%2Flogos%2Flogo-OH-Lottery-119x82.png%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FOrganization%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.104&r=stable&ec=1&o=30&fbp=fb.1.1684156809679.1584795876&it=1684156809586&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: ohiolottery.com
URL: https://ohiolottery.com/MyLotto-Rewards/Club-Promotions/MLR-Club-Member-Survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ohiolottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 15 May 2023 13:20:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

226 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ohiolottery.com/	1970-01-20 20:36:19	Name: CMSPreferredCulture Value: en-US
ohiolottery.com/	1969-12-31 23:59:59	Name: CMSCsrfCookie Value: tX0lOHg/306r3mebW8qCJnOLs69Su7QRfdjTEpsV
ohiolottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: lldhlccd0ynwawq4gdclv021
.ohiolottery.com/	1970-01-20 13:58:52	Name: _fbp Value: fb.1.1684156809679.1584795876
.ohiolottery.com/	1970-01-20 13:58:52	Name: _gcl_au Value: 1.1.1571923247.1684156810
.ohiolottery.com/	1970-01-20 11:49:18	Name: _sp_ses.959e Value: *
.ohiolottery.com/	1970-01-20 21:25:16	Name: _sp_id.959e Value: 79d0f238-071b-4774-ba7f-315766b430c5.1684156810.1.1684156810.1684156810.0ee9bad3-8e89-48c8-bf11-32d356966596
.ohiolottery.com/	1970-01-20 21:25:16	Name: _ga_KM8WJ8C3TH Value: GS1.1.1684156809.1.0.1684156809.0.0.0
.adnxs.com/	1970-01-20 13:58:52	Name: uuid2 Value: 980932942745059626
.ohiolottery.com/	1970-01-20 21:25:16	Name: _ga Value: GA1.2.1814715050.1684156810
.ohiolottery.com/	1970-01-20 11:50:43	Name: _gid Value: GA1.2.288549239.1684156810
.ohiolottery.com/	1970-01-20 11:49:16	Name: _gat_UA-12491689-2 Value: 1
.doubleclick.net/	1970-01-20 11:49:17	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-20 21:25:16	Name: personalization_id Value: "v1_hUyYvnRwOc3P9GqrLkUwUA=="
.t.co/	1970-01-20 21:25:16	Name: muc_ads Value: 176781b5-1d59-4b87-aecc-58f35e62eb8c
.tribalfusion.com/	1970-01-20 13:58:52	Name: ANON_ID Value: ahnrIlm5abwAyuoCUkETsDFdJD2r07fFou85M627vGPlvtvoPbqq54EHhB8PpAQuK3PL2Fj7PAtr
.ktxlytics.io/	1970-01-20 20:34:52	Name: sp Value: f3709425-e179-48c5-9405-662d53d2523f
.adnxs.com/	1970-01-20 13:58:52	Name: anj Value: dTM7k!M4/YE:2jUF']wIg2C%wk^m<c!]tbPl1Mxx([?pkU`mafBG>.lGNd`E=B'@y_am%#o/Z+u(j#iP(Md+>)fy)sq7LQi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a4.tribalfusion.com
ajax.googleapis.com
analytics.twitter.com
c2.ktxlytics.io
click.email-ohiolottery.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
ohiolottery.com
region1.google-analytics.com
s.tribalfusion.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
trackit.ktxlytics.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.18.12.14
104.244.42.67
104.244.42.69
13.111.71.11
146.75.116.157
185.89.210.20
2001:4860:4802:34::36
2606:4700::6812:19ad
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
50.16.67.160
52.222.236.87
72.9.55.134
1d1d3cca7cce487ce3420e7bd63e15a5a982470f450430ef4374d7a945e1e922
20b588b86dac6a605b4baefd6a9d46f2c1ac84dd78a230dfb4b962c3155096f4
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a9493c348bc7c3f939787f82ed5355cf0b860790f18d332fd2c3d964a9123d2
2a98fee143809659894610515788efcb58ef1840d10e8502b4eb0d8dcf518847
32f55c50d21c4372bca6312f7f3667173fdb77c5f72f1ff8754204c6a20b7835
339cf00d7bd0e014b4b15a8afb0e9c4667604aa843cee1d23c6c3b79c0d4830b
380331c066988856258eb137d2a8e7961683e0216b9d2533acbd23cd84565297
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4ac0ee84eb75b13c8b381c7aa270b13187409f24042cbb002332f3a225481eea
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e4925d53ed61232ec2a6cfe07dbbdc11cedb3e4288eca86bffac7fb03357ecb
52a7c04fe3620f5811a864df5924f1bc438904743d694446963fdb3540c52d7d
5669edd3b221f82c626766804db887678c78c575a973d38b098753ec73a42b49
5a2bfafaae624bf22eada3a71ec9be1b9ee03e68fbbd36ac5924b381b96525e7
69d28af2bdb49660acb90a59ee1960163719e1abf398c676bf50577481b9cd4f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cea96aa23127e5be75f72082ed35713470d932b4fd75333d56a4862858e91b9
74a1f189cdd4155c26093e2c47cbbad06b0703cb4f99f41551b53425eb58d169
8351ea3ab750838c2c91015e7122ac3fda4be0f7d34bb10c2ff77e67ded1e169
889a472b24e8561447810d15cd5ce405fe26724dbff54e63871600ebbb6625f5
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
9399906db5c49aab65e360c365ad4c41eb8eb6cf727e61f040da69f0b01ab045
9466ca8a1649184d42934943f6c5dcb7258b7814c92a2270af6a68f52908372f
9f9425c961900c8d8b3b30085c3969eef0c845a11c5be9fad704d160c64a12f5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b079d43af570a828cd338c98f10a2faedfb8d0cc92fde08f7764d080852db33b
ba4abd5671f0a688d7370f7edce099678a509870131afcb845f8db09500e6157
bffd8c7cd4e68ed725b2320d45b030df7c74e514cf41d4b11bc4983b7b07617e
c0a33cf2049758345983331bf6cb15325ed868472d19da9a34786b3333c33dba
c39c84b285eefe91c60eb75632b68a5cd1f3851b1d7f1de9e1da5751558192c7
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdd45f97ab6278844fa00205c13cdf49f47fdba4ce43c9a7b6edd659ea0aa853
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44c3b782978c44af9885b97302632e45ff19d01ecb745e91d21cf597c22cb29
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8244a72deda63eda6ab61ae3073b73154d10c15269ead36d86ac4fc855f879f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

ohiolottery.com Open in urlscan Pro 72.9.55.134 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

96 %HTTPS

59 %IPv6

17 Domains

23 Subdomains

20 IPs

4 Countries

1488 kBTransfer

4072 kBSize

18 Cookies

1 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ohiolottery.com Open in urlscan Pro
72.9.55.134 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

96 %
HTTPS

59 %
IPv6

17
Domains

23
Subdomains

20
IPs

4
Countries

1488 kB
Transfer

4072 kB
Size

18
Cookies

50 HTTP transactions
0 data transactions