www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u15535811.ct.sendgrid.net/ls/click?upn=EXBROI6VUK8lcb2w-2FmY0M8zBR0NAlvZZXpYiFQ3FRO9QofBoFqmUs8Lys-2Fq-2FRSlZgf6YybGarto-2...
Effective URL:
https://www.valottery.com/?NeoDL=TransactionsHistory
Submission: On March 25 via manual (March 25th 2021, 9:29:05 pm UTC) from US

Summary HTTP 197 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 64 IPs in 6 countries across 52 domains to perform 197 HTTP transactions. The main IP is 52.168.86.34, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.valottery.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 14th 2020. Valid for: a year.

This is the only time www.valottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
32 80	52.168.86.34 52.168.86.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:46::19 2620:1ec:46::19	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	8.43.82.17 8.43.82.17	394729 (NPIASN) (NPIASN)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
15	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	13.226.159.89 13.226.159.89	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.66.29 151.101.66.29	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
5	143.204.209.5 143.204.209.5	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:e0:... 2606:4700:e0::ac40:6714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.32.20.11 13.32.20.11	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
1 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	3.124.126.97 3.124.126.97	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:5b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.51.124.53 52.51.124.53	16509 (AMAZON-02) (AMAZON-02)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	143.204.209.99 143.204.209.99	16509 (AMAZON-02) (AMAZON-02)
2	52.207.51.121 52.207.51.121	14618 (AMAZON-AES) (AMAZON-AES)
1	142.0.93.34 142.0.93.34	394396 (LISTRAK-AS1) (LISTRAK-AS1)
2	3.228.237.139 3.228.237.139	14618 (AMAZON-AES) (AMAZON-AES)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
8	151.101.14.29 151.101.14.29	54113 (FASTLY) (FASTLY)
16 22	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
1	2600:1f18:612... 2600:1f18:612b:4216:5e41:f643:f5d9:712d	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	52.58.248.2 52.58.248.2	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.77.165 18.195.77.165	16509 (AMAZON-02) (AMAZON-02)
2	143.204.209.21 143.204.209.21	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	54.208.200.8 54.208.200.8	14618 (AMAZON-AES) (AMAZON-AES)
1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.245.253.34 34.245.253.34	16509 (AMAZON-02) (AMAZON-02)
1 2	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3 5	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	52.202.9.160 52.202.9.160	14618 (AMAZON-AES) (AMAZON-AES)
11	151.101.114.29 151.101.114.29	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:804::2014	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:4... 2600:1901:0:498c::	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:18d::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	35.229.34.229 35.229.34.229	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
3	93.184.220.43 93.184.220.43	15133 (EDGECAST) (EDGECAST)
197	64

1 167.89.118.28 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)

u15535811.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

80 52.168.86.34 (Washington, United States) 32 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::19 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videocdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.43.82.17 (United States)

ASN394729 (NPIASN, US)

gamesrv1.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

download.gamesrv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-89.dus51.r.cloudfront.net

privacy-policy.truste.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.29 (United States)

ASN54113 (FASTLY, US)

livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

8930728.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.209.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-5.fra53.r.cloudfront.net

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6714 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.20.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-20-11.fra56.r.cloudfront.net

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.126.97 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-126-97.eu-central-1.compute.amazonaws.com

77148.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:5b69 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:d05 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.124.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-124-53.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.209.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-99.fra53.r.cloudfront.net

tag.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.51.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-51-121.compute-1.amazonaws.com

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.0.93.34 (United States)

ASN394396 (LISTRAK-AS1, US)
PTR: services.listrak.com

services.listrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.237.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-237-139.compute-1.amazonaws.com

pixel.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.14.29 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.new.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 159.253.128.188 (Amsterdam, Netherlands) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:5e41:f643:f5d9:712d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.248.2 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.77.165 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-21.fra53.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.208.200.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.245.253.34 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.9 (Amsterdam, Netherlands) 1 redirects

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.221.87 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.9.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

analytics.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.114.29 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

api.new.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpe-cdn.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
donations.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2014 (Ireland)

ASN15169 (GOOGLE, US)

producer-api.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:18d::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.229.34.229 (North Charleston, United States)

ASN15169 (GOOGLE, US)

sio-1.livestream.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.43 (London, United Kingdom)

ASN15133 (EDGECAST, US)

mediacdn.espssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	valottery.com 32 redirects www.valottery.com cdn.valottery.com gamesrv1.valottery.com videocdn.valottery.com	1 MB
25	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	18 KB
22	livestream.com livestream.com cdn.livestream.com api.new.livestream.com vpe-cdn.livestream.com donations.livestream.com img.new.livestream.com sio-1.livestream.com analytics.livestream.com	1 MB
15	gamesrv1.com download.gamesrv1.com	1 MB
9	doubleclick.net 4 redirects 8930728.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	7 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	139 KB
7	foresee.com gateway.foresee.com analytics.foresee.com	87 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	google.de 1 redirects www.google.de adservice.google.de	2 KB
5	google.com 1 redirects www.google.com adservice.google.com	2 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	4 KB
4	facebook.com www.facebook.com	675 B
4	listrakbi.com cdn.listrakbi.com s1.listrakbi.com m1.listrakbi.com	52 KB
4	facebook.net connect.facebook.net	187 KB
4	google-analytics.com www.google-analytics.com	37 KB
4	googletagmanager.com www.googletagmanager.com	217 KB
4	googleapis.com fonts.googleapis.com ajax.googleapis.com	62 KB
3	espssl.com mediacdn.espssl.com	62 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	samba.tv tag.mtrcs.samba.tv pixel.mtrcs.samba.tv	5 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com	80 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	googleadservices.com 1 redirects www.googleadservices.com	15 KB
2	lijit.com 1 redirects ce.lijit.com	968 B
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	974 B
2	exelator.com 1 redirects loadm.exelator.com	3 KB
2	pro-market.net 2 redirects fei.pro-market.net	853 B
2	intentiq.com sync.intentiq.com
2	agkn.com 2 redirects aa.agkn.com d.agkn.com	959 B
2	tapad.com 1 redirects pixel.tapad.com	907 B
2	truste.com privacy-policy.truste.com	1 KB
2	jquery.com code.jquery.com	97 KB
1	twitter.com analytics.twitter.com	653 B
1	licdn.com snap.licdn.com	2 KB
1	mxpnl.com cdn.mxpnl.com	25 KB
1	appspot.com producer-api.appspot.com	372 B
1	rubiconproject.com pixel.rubiconproject.com	775 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	bluekai.com stags.bluekai.com	744 B
1	bfmio.com sync.bfmio.com	421 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	listrak.com services.listrak.com	3 KB
1	adsrvr.org insight.adsrvr.org	261 B
1	media6degrees.com action.media6degrees.com	324 B
1	dstillery.com 1 redirects action.dstillery.com	439 B
1	siteimproveanalytics.io 77148.global.siteimproveanalytics.io	650 B
1	t.co t.co	448 B
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	sendgrid.net 1 redirects u15535811.ct.sendgrid.net	255 B
197	52

	Domain	Requested by
80	www.valottery.com	32 redirects www.valottery.com
22	um.simpli.fi	16 redirects 8930728.fls.doubleclick.net
15	download.gamesrv1.com	www.valottery.com gamesrv1.valottery.com download.gamesrv1.com
8	fonts.gstatic.com	fonts.googleapis.com
6	vpe-cdn.livestream.com	cdn.livestream.com
5	ib.adnxs.com	3 redirects 8930728.fls.doubleclick.net
5	cdn.livestream.com	livestream.com cdn.livestream.com
5	gateway.foresee.com	www.valottery.com gateway.foresee.com
4	api.new.livestream.com	cdn.livestream.com
4	www.facebook.com	www.valottery.com
4	www.google.de	www.valottery.com 8930728.fls.doubleclick.net
4	www.google.com	1 redirects www.valottery.com
4	connect.facebook.net	www.valottery.com connect.facebook.net
4	www.google-analytics.com	www.googletagmanager.com www.valottery.com
4	www.googletagmanager.com	www.valottery.com www.googletagmanager.com livestream.com
3	mediacdn.espssl.com	ajax.googleapis.com www.valottery.com mediacdn.espssl.com
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	8930728.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	maxcdn.bootstrapcdn.com	www.valottery.com maxcdn.bootstrapcdn.com
2	img.new.livestream.com	www.valottery.com
2	px.ads.linkedin.com	1 redirects www.valottery.com
2	analytics.foresee.com	gateway.foresee.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects 8930728.fls.doubleclick.net
2	sync.search.spotxchange.com	1 redirects 8930728.fls.doubleclick.net
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	ce.lijit.com	1 redirects 8930728.fls.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects 8930728.fls.doubleclick.net
2	loadm.exelator.com	1 redirects 8930728.fls.doubleclick.net
2	fei.pro-market.net	2 redirects
2	sync.intentiq.com	8930728.fls.doubleclick.net
2	pixel.tapad.com	1 redirects 8930728.fls.doubleclick.net
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	pixel.mtrcs.samba.tv	tag.mtrcs.samba.tv 8930728.fls.doubleclick.net
2	tag.simpli.fi	8930728.fls.doubleclick.net
2	a.tribalfusion.com	1 redirects 8930728.fls.doubleclick.net
2	cdn.listrakbi.com	www.valottery.com cdn.listrakbi.com
2	livestream.com	www.valottery.com livestream.com
2	privacy-policy.truste.com	www.valottery.com
2	ajax.googleapis.com	www.valottery.com
2	code.jquery.com	www.valottery.com
2	gamesrv1.valottery.com	www.valottery.com gamesrv1.valottery.com
2	cdn.valottery.com	www.valottery.com
2	fonts.googleapis.com	www.valottery.com
1	analytics.livestream.com	cdn.livestream.com
1	m1.listrakbi.com	cdn.listrakbi.com
1	videocdn.valottery.com	www.valottery.com
1	analytics.twitter.com	static.ads-twitter.com
1	sio-1.livestream.com	cdn.livestream.com
1	donations.livestream.com	cdn.livestream.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	www.googletagmanager.com
1	cdn.mxpnl.com	cdn.livestream.com
1	producer-api.appspot.com	cdn.livestream.com
1	www.gstatic.com	cdn.livestream.com
1	pixel.rubiconproject.com	8930728.fls.doubleclick.net
1	idsync.rlcdn.com	8930728.fls.doubleclick.net
1	stags.bluekai.com	8930728.fls.doubleclick.net
1	sync.bfmio.com	8930728.fls.doubleclick.net
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	8930728.fls.doubleclick.net
1	i.simpli.fi	tag.simpli.fi
1	services.listrak.com	cdn.listrakbi.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	tag.mtrcs.samba.tv	8930728.fls.doubleclick.net
1	insight.adsrvr.org	8930728.fls.doubleclick.net
1	action.media6degrees.com	8930728.fls.doubleclick.net
1	action.dstillery.com	1 redirects
1	adservice.google.de	1 redirects
1	adservice.google.com	8930728.fls.doubleclick.net
1	77148.global.siteimproveanalytics.io	www.valottery.com
1	t.co	www.valottery.com
1	extend.vimeocdn.com	www.valottery.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	siteimproveanalytics.com	www.valottery.com
1	static.ads-twitter.com	www.valottery.com
1	u15535811.ct.sendgrid.net	1 redirects
197	78

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
privacy.truste.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.valottery.com DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-10-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
cdn.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-03` - `2022-01-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.valottery.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-02-21`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-09-30` - `2021-10-31`	a year	crt.sh
*.truste.com Amazon	`2021-02-16` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
livestream.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-05-04` - `2021-05-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
foresee.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.listrakbi.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-25` - `2022-03-26`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
dstillery.com COMODO RSA Domain Validation Secure Server CA	`2018-01-18` - `2021-04-17`	3 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.samba.tv Amazon	`2020-07-10` - `2021-08-10`	a year	crt.sh
*.listrak.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-02` - `2022-03-24`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2020-04-10` - `2021-05-10`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
*.bfmio.com Amazon	`2020-06-14` - `2021-07-14`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-03-24` - `2022-03-30`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.foresee.com Go Daddy Secure Certificate Authority - G2	`2020-08-03` - `2022-09-21`	2 years	crt.sh
*.appspot.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.mxpnl.com RapidSSL RSA CA 2018	`2019-07-29` - `2021-07-28`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
*.livestream.com DigiCert SHA2 Secure Server CA	`2020-05-26` - `2022-08-18`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
s3.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-10-30` - `2021-11-30`	a year	crt.sh
videocdn.valottery.com DigiCert SHA2 Secure Server CA	`2020-11-02` - `2021-11-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.valottery.com/?NeoDL=TransactionsHistory
Frame ID: 0CC8165EAA2FB7D58F6C580957404CEB
Requests: 119 HTTP requests in this frame

Frame: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false
Frame ID: C7FD6C667F253F4FB71ACFDDA2522392
Requests: 40 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Frame ID: AB04BCBA4F538CDB42566C0A8BB93336
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Frame ID: 6ED426318CEB5F54BE7C0793A67BA6B6
Requests: 1 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Frame ID: 7931BD4DEA4D4143BF58AF118B26B175
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://u15535811.ct.sendgrid.net/ls/click?upn=EXBROI6VUK8lcb2w-2FmY0M8zBR0NAlvZZXpYiFQ3FRO9QofBoFqmUs8Lys-2Fq... HTTP 302
https://www.valottery.com/?NeoDL=TransactionsHistory Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

197
Requests

99 %
HTTPS

39 %
IPv6

52
Domains

78
Subdomains

64
IPs

6
Countries

4541 kB
Transfer

12406 kB
Size

17
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/valottery

Search URL Search Domain Scan URL

URL: https://twitter.com/VirginiaLottery

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/VirginiaLottery

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/virginia-lottery

Search URL Search Domain Scan URL

URL: https://www.instagram.com/virginialottery/

Search URL Search Domain Scan URL

URL: https://privacy.truste.com/privacy-seal/Virginia-Lottery/validation?rid=ebe5b654-0b61-4047-b725-0f61575ab2f9

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/virginia-lottery-official-app/id1409781643?ls=1&version=App-Version-3.0.7&mt=8
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.va.lottery&version=App-Version-4.0.0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u15535811.ct.sendgrid.net/ls/click?upn=EXBROI6VUK8lcb2w-2FmY0M8zBR0NAlvZZXpYiFQ3FRO9QofBoFqmUs8Lys-2Fq-2FRSlZgf6YybGarto-2FDPhzwiHTbw-3D-3DJPCc_D-2BnWo0iBiP8CpJ8jdQ836kjGmSYcq2UFIjTOeCcdy8AS14NvHi65Bfkxw-2B7M3DzsAMYHYxGD4ABEnDJhbffXwG8EIwsS4HoG8LiML93719xSOlYUg2oLsy-2BQau-2FdHzlixsZCK137grMRwWirPwLGwPVtwNT4YWnUlSK9FDVub8OkhO71tG-2BUrM58E4BnzfidqfSGyGYM4WngXvAF1yEymfu3kQ92tbnSUkV7l2WXleY-3D HTTP 302
https://www.valottery.com/?NeoDL=TransactionsHistory Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=02EE0A0BB75C2C0E7E574E5ED397308B95B04184 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=02EE0A0BB75C2C0E7E574E5ED397308B95B04184

Request Chain 15

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/PowerBall_sm.ashx?h=40&w=150&la=en&hash=0A5671BC1382621F8E403AFA7A86CB13B44E1CFA HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/powerball_sm.ashx?h=40&w=150&la=en&hash=0A5671BC1382621F8E403AFA7A86CB13B44E1CFA

Request Chain 16

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life_sm.ashx?h=60&w=83&la=en&hash=79BDCAC30F98708A31055E50049255DEA7F8C73A HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=79BDCAC30F98708A31055E50049255DEA7F8C73A

Request Chain 17

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Pick3_sm.ashx?h=39&w=113&la=en&hash=95FD1D36DBF66638A81D8A75FDAD4EDB800EED8C HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/pick3_sm.ashx?h=39&w=113&la=en&hash=95FD1D36DBF66638A81D8A75FDAD4EDB800EED8C

Request Chain 18

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Pick4_sm.ashx?h=43&w=112&la=en&hash=3F1A0F6FAB6CE0F5D3F9E802F81590BB9D67449D HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/pick4_sm.ashx?h=43&w=112&la=en&hash=3F1A0F6FAB6CE0F5D3F9E802F81590BB9D67449D

Request Chain 19

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=3F713D708C00F2F055CECD27B0FAC0CBA3E5CDB0 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=3F713D708C00F2F055CECD27B0FAC0CBA3E5CDB0

Request Chain 20

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=56C821870CE533CB8BE7842E08ABC14D5D6A1CDE HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=56C821870CE533CB8BE7842E08ABC14D5D6A1CDE

Request Chain 21

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=9E676DE79BEE78F660CAEEF0ED7A274F827998A0 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=9E676DE79BEE78F660CAEEF0ED7A274F827998A0

Request Chain 22

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=6F0D1E09436AC3972B5C1984C890E69304951D7F HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=6F0D1E09436AC3972B5C1984C890E69304951D7F

Request Chain 23

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=87213C90AC2FDE1C6B6A3C2587A0DF557778DA4A HTTP 307
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=87213C90AC2FDE1C6B6A3C2587A0DF557778DA4A

Request Chain 24

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=6F8D16BEB316A3E379CD7C9B51D71BF7CBEE3420 HTTP 307
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=6F8D16BEB316A3E379CD7C9B51D71BF7CBEE3420

Request Chain 25

https://www.valottery.com/-/media/VAL/Images/Logo/headerlogo_virginialottery.ashx?h=60&w=226&la=en&hash=19835272C59C5671E1D5DB21708CA8A91529C354 HTTP 307
https://www.valottery.com/-/media/val/images/logo/headerlogo_virginialottery.ashx?h=60&w=226&la=en&hash=19835272C59C5671E1D5DB21708CA8A91529C354

Request Chain 26

https://www.valottery.com/-/media/VAL/Images/Logo/val-footer-logo.ashx?h=60&w=67&la=en&hash=B9CD80027233F64DFBBF3982ACAFC6252149406F HTTP 307
https://www.valottery.com/-/media/val/images/logo/val-footer-logo.ashx?h=60&w=67&la=en&hash=B9CD80027233F64DFBBF3982ACAFC6252149406F

Request Chain 27

https://www.valottery.com/-/media/VAL/Images/Promos/Bracket-Buster/bubblepromo_BBuster.ashx?h=234&w=234&la=en&hash=C0EFF1CF5F96CFE8778AC9C58A1F639CF01A68BB HTTP 307
https://www.valottery.com/-/media/val/images/promos/bracket-buster/bubblepromo_bbuster.ashx?h=234&w=234&la=en&hash=C0EFF1CF5F96CFE8778AC9C58A1F639CF01A68BB

Request Chain 28

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Circles/bubblepromo_kingofclubs.ashx?h=234&w=234&la=en&hash=C1B2407D4A96FC1879FE8F23FB6BA9D1818644F9 HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_kingofclubs.ashx?h=234&w=234&la=en&hash=C1B2407D4A96FC1879FE8F23FB6BA9D1818644F9

Request Chain 29

https://www.valottery.com/-/media/VAL/Images/Promos/Commonwealth/bubblepromo_commonwealth.ashx?h=234&w=234&la=en&hash=30E1A7207F4C3D1EA2C3915B01D376803364307C HTTP 307
https://www.valottery.com/-/media/val/images/promos/commonwealth/bubblepromo_commonwealth.ashx?h=234&w=234&la=en&hash=30E1A7207F4C3D1EA2C3915B01D376803364307C

Request Chain 30

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Circles/WA_GemStacks_circlePatriciaW10k_2.ashx?h=234&w=234&la=en&hash=DCB6483FF8B7AA59CFFF72883CE928EB0D58F34B HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/wa_gemstacks_circlepatriciaw10k_2.ashx?h=234&w=234&la=en&hash=DCB6483FF8B7AA59CFFF72883CE928EB0D58F34B

Request Chain 45

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/icon_winningNumbers_balls.ashx?h=40&w=71&la=en&hash=DF214D69A8E82C45D6AB376D6C763D0957DBE4E1 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=DF214D69A8E82C45D6AB376D6C763D0957DBE4E1

Request Chain 46

https://www.valottery.com/-/media/VAL/Images/Promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=FE1F89D67CDDD003EB758FD4D4728DFA7C17BBC3 HTTP 307
https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=FE1F89D67CDDD003EB758FD4D4728DFA7C17BBC3

Request Chain 47

https://www.valottery.com/-/media/VAL/Images/Promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=790420BA5FC78F1AAEBC568755340FA0FDD33469 HTTP 307
https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=790420BA5FC78F1AAEBC568755340FA0FDD33469

Request Chain 48

https://www.valottery.com/-/media/VAL/Images/Promos/play_responsibly/promoblock_playresponsibly.ashx?la=en&hash=8B09CC387F16B33D259BAF940253AE727297F6FC HTTP 307
https://www.valottery.com/-/media/val/images/promos/play_responsibly/promoblock_playresponsibly.ashx?la=en&hash=8B09CC387F16B33D259BAF940253AE727297F6FC

Request Chain 49

https://www.valottery.com/-/media/VAL/Images/Promos/Wheel-of-Fortune/blockpromo_Omnichannel_WoF_instantGame.ashx?la=en&hash=82AD6CDD4BF2B4377F0B26EC59A300FFF1515D6D HTTP 307
https://www.valottery.com/-/media/val/images/promos/wheel-of-fortune/blockpromo_omnichannel_wof_instantgame.ashx?la=en&hash=82AD6CDD4BF2B4377F0B26EC59A300FFF1515D6D

Request Chain 52

https://www.valottery.com/-/media/VAL/Images/Promos/Commonwealth/interstitial_commonwealth.ashx?la=en&hash=1DB6921FAF4B76565A87FBA2FBAE887E8160D627 HTTP 307
https://www.valottery.com/-/media/val/images/promos/commonwealth/interstitial_commonwealth.ashx?la=en&hash=1DB6921FAF4B76565A87FBA2FBAE887E8160D627

Request Chain 53

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=8054D7D5D83533371FB33A9C4F82FBFBB3BD8D3B HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=8054D7D5D83533371FB33A9C4F82FBFBB3BD8D3B

Request Chain 54

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=25C6CA5DBBE434565DE3EEA122ACE571CB2B6CEE HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=25C6CA5DBBE434565DE3EEA122ACE571CB2B6CEE

Request Chain 55

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=626FED461B4E3528A9AC8272B817916A232FDC59 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=626FED461B4E3528A9AC8272B817916A232FDC59

Request Chain 56

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=01B979C40D19D227804C97E9107D29920E536C1F HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=01B979C40D19D227804C97E9107D29920E536C1F

Request Chain 57

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=28F68D30E3643B304219159A4A2B00D30353F3C9 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=28F68D30E3643B304219159A4A2B00D30353F3C9

Request Chain 60

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C& HTTP 307
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Request Chain 61

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx HTTP 307
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Request Chain 70

https://www.valottery.com/-/media/VAL/Images/Background-Illustrations/sunburst_2.ashx HTTP 307
https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

Request Chain 75

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory HTTP 302
https://8930728.fls.doubleclick.net/activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Request Chain 88

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Swap-Banners/hero_swapImageDesktop_cashbuster.ashx HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_cashbuster.ashx

Request Chain 103

https://adservice.google.de/ddm/fls/i/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory HTTP 302
https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Request Chain 105

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

Request Chain 121

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=0403778BFF0246F087BC22782A5891EF

Request Chain 122

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=0403778BFF0246F087BC22782A5891EF HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0403778BFF0246F087BC22782A5891EF

Request Chain 123

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=0403778BFF0246F087BC22782A5891EF HTTP 302
https://d.agkn.com/pixel/10751/?che=1616707723&ip=185.156.175.187&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164970603736001526250 HTTP 302
https://um.simpli.fi/aa_px?sk=164970603736001526250

Request Chain 125

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0403778BFF0246F087BC22782A5891EF

Request Chain 128

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=0403778BFF0246F087BC22782A5891EF;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=0403778BFF0246F087BC22782A5891EF;mimetype=img;sr HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2018587320958956381

Request Chain 129

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=0403778BFF0246F087BC22782A5891EF&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=0403778BFF0246F087BC22782A5891EF&j=0&xl8blockcheck=1

Request Chain 131

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=0403778BFF0246F087BC22782A5891EF

Request Chain 132

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=0403778BFF0246F087BC22782A5891EF

Request Chain 133

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=0403778BFF0246F087BC22782A5891EF HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0403778BFF0246F087BC22782A5891EF

Request Chain 134

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=0403778BFF0246F087BC22782A5891EF HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=0403778BFF0246F087BC22782A5891EF&dnr=1

Request Chain 135

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=0403778BFF0246F087BC22782A5891EF

Request Chain 136

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1616707723548&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iwBdYPjnKpj57gOXga3IBg&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=iwBdYPjnKpj57gOXga3IBg&cid=CAQSKQCNIrLM_uP4vSDE4s0H5ssCxMwc3Wsy1zYEWLX71JrByIpW5yqMgEiH&random=1367763332 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=iwBdYPjnKpj57gOXga3IBg&cid=CAQSKQCNIrLM_uP4vSDE4s0H5ssCxMwc3Wsy1zYEWLX71JrByIpW5yqMgEiH&random=1367763332&ipr=y

Request Chain 137

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=0403778BFF0246F087BC22782A5891EF HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=0403778BFF0246F087BC22782A5891EF&__user_check__=1&sync_id=153a0eac-8db1-11eb-b4d0-1f0541441f06

Request Chain 138

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=0403778BFF0246F087BC22782A5891EF HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0403778BFF0246F087BC22782A5891EF

Request Chain 139

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0403778BFF0246F087BC22782A5891EF&expires=365

Request Chain 140

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=0403778BFF0246F087BC22782A5891EF HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0403778BFF0246F087BC22782A5891EF

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEFIjoudY-Ya_CjA2rYWF2ck&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0403778BFF0246F087BC22782A5891EF HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 145

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%223706711333%22%2C%22th%22%3A8645007496%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aUmneM2qvh3teq5PJZdnUfJTrr7QWEuaF%22%2C%22url%22%3A%22https%3A%2F%2Fadservice.google.com%2F%22%2C%22clientName%22%3A%22Virginia%2520Lottery%22%2C%22clientID%22%3A769933%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22VALotto%22%7D HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%2524TF_USER_ID_ENC%2524 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=1296013630784016530&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662208621781075

Request Chain 163

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7516&time=1616707723991&url=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7516%26time%3D1616707723991%26url%3Dhttps%253A%252F%252Fwww.valottery.com%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7516&time=1616707723991&url=https%3A%2F%2Fwww.valottery.com%2F&liSync=true

197 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.valottery.com/
Redirect Chain

https://u15535811.ct.sendgrid.net/ls/click?upn=EXBROI6VUK8lcb2w-2FmY0M8zBR0NAlvZZXpYiFQ3FRO9QofBoFqmUs8Lys-2Fq-2FRSlZgf6YybGarto-2FDPhzwiHTbw-3D-3DJPCc_D-2BnWo0iBiP8CpJ8jdQ836kjGmSYcq2UFIjTOeCcdy8A...
https://www.valottery.com/?NeoDL=TransactionsHistory

161 KB
31 KB

579ms
344ms

Document
text/html

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52facaf7f8dfc970481b1cc15af9bb89a42c6b9053be78a6ac30cf537d133cd0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.valottery.com
:scheme: https
:path: /?NeoDL=TransactionsHistory
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server
set-cookie: ASP.NET_SessionId=ccfsopxpecwixgkldscry415; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=f6145fd060bc43cfbf4e5cca19451eab|False; expires=Sun, 23-Mar-2031 21:28:41 GMT; path=/; secure; HttpOnly ShowVALAlert=winningNumbers; expires=Tue, 25-Mar-2121 21:28:41 GMT; path=/; secure; HttpOnly ValInterstitialPopup={"VisitCount":null,"LastModified":null,"NextShowDate":"\/Date(1617312521335)\/"}; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Thu, 25 Mar 2021 21:28:41 GMT
content-length: 31355

Redirect headers

Server: nginx
Date: Thu, 25 Mar 2021 21:28:40 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 75
Connection: keep-alive
Location: https://www.valottery.com/?NeoDL=TransactionsHistory
X-Robots-Tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 4 KB
749 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b24be5e511ec921e562e093463c5c92e626d5bd622270025eef6931dab5fb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 21:28:41 GMT
server: ESF
date: Thu, 25 Mar 2021 21:28:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Mar 2021 21:28:41 GMT

GET
H2 200 bootstrap.min.css
www.valottery.com/dist/vendor/bootstrap/css/ 119 KB
19 KB 121ms
118ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 19689
x-xss-protection: 1; mode=block
last-modified: Mon, 16 Mar 2020 17:23:17 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "8070b894b7fbd51:0"
accept-ranges: bytes

GET
H2 200 bootstrap-datepicker.standalone.min.css
www.valottery.com/dist/vendor/bootstrap-datepicker/css/ 16 KB
2 KB 178ms
176ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 2214
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "80e04db9a2c0d31:0"
accept-ranges: bytes

GET
H2 200 video-js.min.css
www.valottery.com/dist/vendor/videojs/ 45 KB
13 KB 177ms
175ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/videojs/video-js.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 13687
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "80e04db9a2c0d31:0"
accept-ranges: bytes

GET
H2 200 styles.bundle.css
cdn.valottery.com/css/ 387 KB
30 KB 113ms
12ms Stylesheet
text/css 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/css/styles.bundle.css?cachebuster=20210218
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 12196ed736752b2acaf8b371eb8cf9477a75c987e2da53c096a87f305d761edd

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 25 Mar 2021 21:28:40 GMT
content-encoding: br
last-modified: Thu, 18 Feb 2021 16:18:44 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: tSfNmpRXs5by6h2UoqknSA==
etag: 0x8D8D428DCE9242A
x-azure-ref: 0iQBdYAAAAAADX00OZ0aoRa3nJgPBZjoDRlJBRURHRTEwMjEANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
x-cache: TCP_HIT
content-type: text/css
x-ms-request-id: d4ceacae-801e-0071-7f42-2048eb000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0iwlcYAAAAAAO1j+vReuWR5B4MSk1Xk8qTE9OMjFFREdFMTUwOQA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 15ms
13ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 1303269
cdn-cachedat: 2021-03-10 20:26:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090ce330e000004ee054822000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d51e4acffbb0c715197a27b396f5e31f
cf-ray: 635b3afb0fbd4ee0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 common.css
www.valottery.com/neo/web/_webportal/css/ 1 KB
748 B 179ms
176ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/common.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 662
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "a748f4b3911d31:0"
accept-ranges: bytes

GET
H2 200 top-bar.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 179ms
177ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/top-bar.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 968
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "e7bf5b3911d31:0"
accept-ranges: bytes

GET
H2 200 cart-preview.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 180ms
178ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/cart-preview.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 986
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "2bcbf7b3911d31:0"
accept-ranges: bytes

GET
H2 200 instant-game.css
www.valottery.com/neo/web/_webportal/css/ 3 KB
985 B 179ms
177ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/instant-game.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 898
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Jun 2020 19:28:43 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800
etag: "80a7f07f4b4ed61:0"
accept-ranges: bytes

GET
H2 200 webportal.js Show response
www.valottery.com/neo/web/_webportal/ 20 KB
4 KB 181ms
179ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/webportal.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 4386
x-xss-protection: 1; mode=block
last-modified: Sun, 09 Aug 2020 12:28:23 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
etag: "80cd9592486ed61:0"
accept-ranges: bytes

GET
H/1.1 200
OK mwc-app.js Show response
gamesrv1.valottery.com/MWC/ 60 KB
17 KB 644ms
114ms Script
application/javascript 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/MWC/mwc-app.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

09cf415340db0fd01d8494cd4fdfb3112d9a5f03c71e5f8b006705e489e6d0fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 09:21:25 GMT
X-Powered-By: ASP.NET
ETag: "80981fbe8e15d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Date: Thu, 25 Mar 2021 21:28:58 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 17051

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 32ms
15ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://www.valottery.com
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:41 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1616707721.dop131.fr8.t,1616707721.cds230.fr8.hn,1616707721.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 37ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Origin: https://www.valottery.com
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:41 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1616707721.dop131.fr8.t,1616707721.cds230.fr8.hn,1616707721.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2

200

megamillions_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=02EE0A0BB75C2C0E7E574E5ED397308B95B04184
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=02EE0A0BB75C2C0E7E574E5ED397308B95B04184

7 KB
7 KB

124ms
124ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=02EE0A0BB75C2C0E7E574E5ED397308B95B04184

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c516679fcb3a9f88a395a8fee86d0425a22505fba8e57a86476743effb930286

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:24 GMT
server
date: Thu, 25 Mar 2021 21:28:41 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MegaMillions_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7383
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=02EE0A0BB75C2C0E7E574E5ED397308B95B04184
date: Thu, 25 Mar 2021 21:28:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

powerball_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/PowerBall_sm.ashx?h=40&w=150&la=en&hash=0A5671BC1382621F8E403AFA7A86CB13B44E1CFA
https://www.valottery.com/-/media/val/images/winning-numbers/powerball_sm.ashx?h=40&w=150&la=en&hash=0A5671BC1382621F8E403AFA7A86CB13B44E1CFA

4 KB
5 KB

121ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/powerball_sm.ashx?h=40&w=150&la=en&hash=0A5671BC1382621F8E403AFA7A86CB13B44E1CFA

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

259c48ef6d9672952fa6c2bc3fc55d6559d77e28ef9742159f1f19fe9c717ba8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 21:16:41 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="PowerBall_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4492
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/powerball_sm.ashx?h=40&w=150&la=en&hash=0A5671BC1382621F8E403AFA7A86CB13B44E1CFA
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H2

200

cash4life_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life_sm.ashx?h=60&w=83&la=en&hash=79BDCAC30F98708A31055E50049255DEA7F8C73A
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=79BDCAC30F98708A31055E50049255DEA7F8C73A

2 KB
2 KB

125ms
123ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=79BDCAC30F98708A31055E50049255DEA7F8C73A

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c2640f6bca9daab56ec6a3b01bb5dc3f5156dc9dbb690867567222ecbc82c71c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:24 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Cash4Life_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1625
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=79BDCAC30F98708A31055E50049255DEA7F8C73A
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

pick3_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Pick3_sm.ashx?h=39&w=113&la=en&hash=95FD1D36DBF66638A81D8A75FDAD4EDB800EED8C
https://www.valottery.com/-/media/val/images/winning-numbers/pick3_sm.ashx?h=39&w=113&la=en&hash=95FD1D36DBF66638A81D8A75FDAD4EDB800EED8C

3 KB
3 KB

130ms
128ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/pick3_sm.ashx?h=39&w=113&la=en&hash=95FD1D36DBF66638A81D8A75FDAD4EDB800EED8C

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cceddcf8b92013480664feb279c929f04691e1d00b40d6f94ac914cb275552d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:25 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Pick3_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2750
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/pick3_sm.ashx?h=39&w=113&la=en&hash=95FD1D36DBF66638A81D8A75FDAD4EDB800EED8C
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 272
x-xss-protection: 1; mode=block

GET
H2

200

pick4_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Pick4_sm.ashx?h=43&w=112&la=en&hash=3F1A0F6FAB6CE0F5D3F9E802F81590BB9D67449D
https://www.valottery.com/-/media/val/images/winning-numbers/pick4_sm.ashx?h=43&w=112&la=en&hash=3F1A0F6FAB6CE0F5D3F9E802F81590BB9D67449D

3 KB
3 KB

123ms
121ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/pick4_sm.ashx?h=43&w=112&la=en&hash=3F1A0F6FAB6CE0F5D3F9E802F81590BB9D67449D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

be4e957b6ddb5a166a0d86ca07493e17d0dfb1c9a8d0d05e9f3c224ac30426b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:25 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Pick4_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2991
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/pick4_sm.ashx?h=43&w=112&la=en&hash=3F1A0F6FAB6CE0F5D3F9E802F81590BB9D67449D
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 272
x-xss-protection: 1; mode=block

GET
H2

200

logo-numberscards_c5-ezmatch.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=3F713D708C00F2F055CECD27B0FAC0CBA3E5CDB0
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=3F713D708C00F2F055CECD27B0FAC0CBA3E5CDB0

9 KB
9 KB

153ms
152ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=3F713D708C00F2F055CECD27B0FAC0CBA3E5CDB0

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 02:05:47 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo-numbersCards_C5-EZMatch.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9088
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=3F713D708C00F2F055CECD27B0FAC0CBA3E5CDB0
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 292
x-xss-protection: 1; mode=block

GET
H2

200

bankamillion_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=56C821870CE533CB8BE7842E08ABC14D5D6A1CDE
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=56C821870CE533CB8BE7842E08ABC14D5D6A1CDE

11 KB
12 KB

127ms
126ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=56C821870CE533CB8BE7842E08ABC14D5D6A1CDE

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:23 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="BankAMillion_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11716
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=56C821870CE533CB8BE7842E08ABC14D5D6A1CDE
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_rollingjackpot_winningnumbers.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=9E676DE79BEE78F660CAEEF0ED7A274F827998A0
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=9E676DE79BEE78F660CAEEF0ED7A274F827998A0

9 KB
9 KB

129ms
127ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=9E676DE79BEE78F660CAEEF0ED7A274F827998A0

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 26 May 2019 08:51:06 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_rollingjackpot_winningnumbers.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9574
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=9E676DE79BEE78F660CAEEF0ED7A274F827998A0
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 298
x-xss-protection: 1; mode=block

GET
H2

200

logo_keno_winningnumbers_midpage.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=6F0D1E09436AC3972B5C1984C890E69304951D7F
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=6F0D1E09436AC3972B5C1984C890E69304951D7F

4 KB
4 KB

132ms
131ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=6F0D1E09436AC3972B5C1984C890E69304951D7F

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 01 Nov 2020 05:19:23 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_keno_winningNumbers_midPage.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3787
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=6F0D1E09436AC3972B5C1984C890E69304951D7F
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 296
x-xss-protection: 1; mode=block

GET
H2

200

enter-tickets.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=87213C90AC2FDE1C6B6A3C2587A0DF557778DA4A
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=87213C90AC2FDE1C6B6A3C2587A0DF557778DA4A

321 B
418 B

130ms
128ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=87213C90AC2FDE1C6B6A3C2587A0DF557778DA4A

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:31 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="enter tickets.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 321
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=87213C90AC2FDE1C6B6A3C2587A0DF557778DA4A
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

online-play.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=6F8D16BEB316A3E379CD7C9B51D71BF7CBEE3420
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=6F8D16BEB316A3E379CD7C9B51D71BF7CBEE3420

292 B
388 B

130ms
129ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=6F8D16BEB316A3E379CD7C9B51D71BF7CBEE3420

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:14 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="online-play.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 292
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=6F8D16BEB316A3E379CD7C9B51D71BF7CBEE3420
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 265
x-xss-protection: 1; mode=block

GET
H2

200

headerlogo_virginialottery.ashx
www.valottery.com/-/media/val/images/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Logo/headerlogo_virginialottery.ashx?h=60&w=226&la=en&hash=19835272C59C5671E1D5DB21708CA8A91529C354
https://www.valottery.com/-/media/val/images/logo/headerlogo_virginialottery.ashx?h=60&w=226&la=en&hash=19835272C59C5671E1D5DB21708CA8A91529C354

9 KB
9 KB

131ms
129ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/logo/headerlogo_virginialottery.ashx?h=60&w=226&la=en&hash=19835272C59C5671E1D5DB21708CA8A91529C354

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1f18cfe43ece49f809e1dd07dd778c73afcc751ed427af008a9920f5a4638ea2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 19 Mar 2020 20:31:41 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="headerlogo_virginialottery.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9324
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/logo/headerlogo_virginialottery.ashx?h=60&w=226&la=en&hash=19835272C59C5671E1D5DB21708CA8A91529C354
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

val-footer-logo.ashx
www.valottery.com/-/media/val/images/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Logo/val-footer-logo.ashx?h=60&w=67&la=en&hash=B9CD80027233F64DFBBF3982ACAFC6252149406F
https://www.valottery.com/-/media/val/images/logo/val-footer-logo.ashx?h=60&w=67&la=en&hash=B9CD80027233F64DFBBF3982ACAFC6252149406F

9 KB
9 KB

134ms
132ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/logo/val-footer-logo.ashx?h=60&w=67&la=en&hash=B9CD80027233F64DFBBF3982ACAFC6252149406F

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f582d213e3668de85436bc63703b309e517be4e128ac37b71d66e85ac13690e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 14 Aug 2017 16:27:04 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="val-footer-logo.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8837
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/logo/val-footer-logo.ashx?h=60&w=67&la=en&hash=B9CD80027233F64DFBBF3982ACAFC6252149406F
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_bbuster.ashx
www.valottery.com/-/media/val/images/promos/bracket-buster/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Bracket-Buster/bubblepromo_BBuster.ashx?h=234&w=234&la=en&hash=C0EFF1CF5F96CFE8778AC9C58A1F639CF01A68BB
https://www.valottery.com/-/media/val/images/promos/bracket-buster/bubblepromo_bbuster.ashx?h=234&w=234&la=en&hash=C0EFF1CF5F96CFE8778AC9C58A1F639CF01A68BB

13 KB
13 KB

223ms
222ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/bracket-buster/bubblepromo_bbuster.ashx?h=234&w=234&la=en&hash=C0EFF1CF5F96CFE8778AC9C58A1F639CF01A68BB

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b4c09c116fe1d216042a62bff413bececf0f3e543946f39dd3031a78d212e560

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 14 Mar 2021 10:46:53 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_BBuster.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 13352
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/bracket-buster/bubblepromo_bbuster.ashx?h=234&w=234&la=en&hash=C0EFF1CF5F96CFE8778AC9C58A1F639CF01A68BB
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 290
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_kingofclubs.ashx
www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Circles/bubblepromo_kingofclubs.ashx?h=234&w=234&la=en&hash=C1B2407D4A96FC1879FE8F23FB6BA9D1818644F9
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_kingofclubs.ashx?h=234&w=234&la=en&hash=C1B2407D4A96FC1879FE8F23FB6BA9D1818644F9

23 KB
24 KB

147ms
146ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_kingofclubs.ashx?h=234&w=234&la=en&hash=C1B2407D4A96FC1879FE8F23FB6BA9D1818644F9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

435cb1b0a1075c641d772b187ec9d653995906ee7bc0c4dd7148de6cca8d631f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 24 Feb 2021 20:10:44 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_kingofclubs.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 23936
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_kingofclubs.ashx?h=234&w=234&la=en&hash=C1B2407D4A96FC1879FE8F23FB6BA9D1818644F9
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 307
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_commonwealth.ashx
www.valottery.com/-/media/val/images/promos/commonwealth/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Commonwealth/bubblepromo_commonwealth.ashx?h=234&w=234&la=en&hash=30E1A7207F4C3D1EA2C3915B01D376803364307C
https://www.valottery.com/-/media/val/images/promos/commonwealth/bubblepromo_commonwealth.ashx?h=234&w=234&la=en&hash=30E1A7207F4C3D1EA2C3915B01D376803364307C

27 KB
27 KB

136ms
135ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/commonwealth/bubblepromo_commonwealth.ashx?h=234&w=234&la=en&hash=30E1A7207F4C3D1EA2C3915B01D376803364307C

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

753f3c275202353ddc29edeab80489c1491d7a1ea303bb10b72a93cba06cbfd1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 14:22:14 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_commonwealth.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 27818
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/commonwealth/bubblepromo_commonwealth.ashx?h=234&w=234&la=en&hash=30E1A7207F4C3D1EA2C3915B01D376803364307C
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 293
x-xss-protection: 1; mode=block

GET
H2

200

wa_gemstacks_circlepatriciaw10k_2.ashx
www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Circles/WA_GemStacks_circlePatriciaW10k_2.ashx?h=234&w=234&la=en&hash=DCB6483FF8B7AA59CFFF72883CE928EB0D58F34B
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/wa_gemstacks_circlepatriciaw10k_2.ashx?h=234&w=234&la=en&hash=DCB6483FF8B7AA59CFFF72883CE928EB0D58F34B

46 KB
46 KB

154ms
153ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/wa_gemstacks_circlepatriciaw10k_2.ashx?h=234&w=234&la=en&hash=DCB6483FF8B7AA59CFFF72883CE928EB0D58F34B

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3aece0dbed8ad5463679528ee8a033c21651d559c327783b3e7d6b01ecd557c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 17:39:57 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="WA_GemStacks_circlePatriciaW10k_2.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 47021
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/wa_gemstacks_circlepatriciaw10k_2.ashx?h=234&w=234&la=en&hash=DCB6483FF8B7AA59CFFF72883CE928EB0D58F34B
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 317
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3209_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3209/ 30 KB
30 KB 170ms
65ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3209/290x192_3209_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9B) / ASP.NET
Resource Hash: e8d4d9a850ad7a7c5bf013a0b0daf9e687c3b4b972aa506b832e5362b3198b9d

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
etag: "fccf35752714d71:0"
last-modified: Mon, 08 Mar 2021 14:29:33 GMT
server: ECAcc (mil/6C9B)
age: 235425
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 30919

GET
H2 200 ilottery_gamecard_flag_new.png
www.valottery.com/images/ilottery/ 3 KB
3 KB 124ms
117ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_new.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

913b07c530a0b63413fdf78ab734a741264a8bcc6ba454cc3ad4e9c30ab0ac7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 20 May 2020 02:08:34 GMT
server
etag: "5e7a58914b2ed61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3243
x-xss-protection: 1; mode=block

GET
H2 200 290x192_1129_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1129/ 25 KB
26 KB 743ms
638ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1129/290x192_1129_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CCF) / ASP.NET
Resource Hash: d58fc734e483788593be0598ca2a4ffbf31d3aba7433e140b6d80c8070a5b9e3

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
etag: "458c857d7dd71:0"
last-modified: Sun, 28 Feb 2021 13:38:42 GMT
server: ECAcc (mil/6CCF)
age: 143583
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 26108

GET
H2 200 290x192_1787_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1787/ 91 KB
91 KB 727ms
622ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1787/290x192_1787_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C65) / ASP.NET
Resource Hash: 7cf6c891a0f1da250e9064b3e65550cd644fc674609ad52d3845ac8b9d634023

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
etag: "a1b804763b1d61:0"
last-modified: Mon, 02 Nov 2020 21:58:21 GMT
server: ECAcc (mil/6C65)
age: 186703
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 93116

GET
H2 200 ilottery_gamecard_flag_featured.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 125ms
119ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_featured.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f38d8054fba5769eb340b02187563f0e4f98349ffec38e16c95e8276a6d5d64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 09 Nov 2020 14:49:15 GMT
server
etag: "35e1817ea7b6d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5036
x-xss-protection: 1; mode=block

GET
H2 200 290x192_1790_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1790/ 131 KB
131 KB 178ms
73ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1790/290x192_1790_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C85) / ASP.NET
Resource Hash: 0d4a3423e4be6f7c3a8b876b9fb41912206194953ea208a2bb98c75bb3351882

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
etag: "d9cce9a1ec7d61:0"
last-modified: Mon, 30 Nov 2020 13:42:11 GMT
server: ECAcc (mil/6C85)
age: 39521
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 134017

GET
H2 200 ilottery_gamecard_flag_progressive.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 121ms
116ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_progressive.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c449906c16f92078852667f919734283b10ea677abe1855403a195a9604cea72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 19:31:06 GMT
server
etag: "19244786aabed61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4904
x-xss-protection: 1; mode=block

GET
H2 200 290x192_1123_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1123/ 56 KB
56 KB 137ms
33ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1123/290x192_1123_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C35) / ASP.NET
Resource Hash: 6ab464d03d1de4fc9df7142654844408f767c68dd5f68dde635069a177bd174c

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
etag: "4cb9431639f3d61:0"
last-modified: Mon, 25 Jan 2021 16:42:36 GMT
server: ECAcc (mil/6C35)
age: 47342
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 57305

GET
H2 200 ilottery_gamecard_flag_popular.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 128ms
122ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_popular.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2696c197f37ec469675c783368b2f9cd94a017b70dd183d6be00d28a2e7dbb2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 16:21:32 GMT
server
etag: "80cbf83934b1d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4975
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3207_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3207/ 46 KB
47 KB 759ms
655ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3207/290x192_3207_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C0A) / ASP.NET
Resource Hash: 028f973840c87e73d146ae50119c91d7a2caa7134dc403b7c613118e4fa8f063

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
etag: "d2cbfc3359dfd61:0"
last-modified: Thu, 31 Dec 2020 09:42:07 GMT
server: ECAcc (mil/6C0A)
age: 127752
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 47509

GET
H2 200 290x192_431_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/431/ 24 KB
24 KB 658ms
658ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/431/290x192_431_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CB2) / ASP.NET
Resource Hash: a23105b88d1b6b04bfc5f3a05ab24ce40b7dd0394a3668c3158e0cc89af578e2

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
etag: "711d4b169add61:0"
last-modified: Wed, 28 Oct 2020 20:34:12 GMT
server: ECAcc (mil/6CB2)
age: 185788
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 24104

GET
H2 200 290x192_575_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/575/ 59 KB
59 KB 635ms
635ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/575/290x192_575_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C6E) / ASP.NET
Resource Hash: cd4339f783f4ec124df4ab6215be7518cba5d8c520a30bc6c992950c1ea11b25

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
etag: "b9834666d9d71:0"
last-modified: Mon, 22 Feb 2021 11:25:18 GMT
server: ECAcc (mil/6C6E)
age: 227404
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 60271

GET
H2 200 val-footer-logo.png
www.valottery.com/images/ilottery/ 9 KB
9 KB 130ms
125ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/val-footer-logo.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f582d213e3668de85436bc63703b309e517be4e128ac37b71d66e85ac13690e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 13:32:58 GMT
server
etag: "82518cf6249d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8837
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 10:35:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39167
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 10:35:54 GMT

GET
H2

200

icon_winningnumbers_balls.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/icon_winningNumbers_balls.ashx?h=40&w=71&la=en&hash=DF214D69A8E82C45D6AB376D6C763D0957DBE4E1
https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=DF214D69A8E82C45D6AB376D6C763D0957DBE4E1

2 KB
2 KB

138ms
138ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=DF214D69A8E82C45D6AB376D6C763D0957DBE4E1

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a8a1fdfd53d2aa2eeb6bc6420bea93714f1fa4219f154712f581b95b71438abb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 22 Jan 2020 14:43:31 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="icon_winningNumbers_balls.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2187
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=DF214D69A8E82C45D6AB376D6C763D0957DBE4E1
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 288
x-xss-protection: 1; mode=block

GET
H2

200

random-number-generator-icon.ashx
www.valottery.com/-/media/val/images/promos/icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=FE1F89D67CDDD003EB758FD4D4728DFA7C17BBC3
https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=FE1F89D67CDDD003EB758FD4D4728DFA7C17BBC3

3 KB
3 KB

231ms
230ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=FE1F89D67CDDD003EB758FD4D4728DFA7C17BBC3

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3d67cb96cc7855cdd72966b02123e4ffdb47e8ab98e51bd822edea0ffb3f77a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:49:16 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="random-number-generator-icon.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3356
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=FE1F89D67CDDD003EB758FD4D4728DFA7C17BBC3
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 290
x-xss-protection: 1; mode=block

GET
H2

200

find-a-retailer-icon.ashx
www.valottery.com/-/media/val/images/promos/icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=790420BA5FC78F1AAEBC568755340FA0FDD33469
https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=790420BA5FC78F1AAEBC568755340FA0FDD33469

2 KB
2 KB

230ms
230ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=790420BA5FC78F1AAEBC568755340FA0FDD33469

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

77bcac2c69b192dd36b94d57c2881c0429d840f0ccc97374b79728c922fafb5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:45:17 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="find-a-retailer-icon.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2126
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=790420BA5FC78F1AAEBC568755340FA0FDD33469
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 282
x-xss-protection: 1; mode=block

GET
H2

200

promoblock_playresponsibly.ashx
www.valottery.com/-/media/val/images/promos/play_responsibly/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/play_responsibly/promoblock_playresponsibly.ashx?la=en&hash=8B09CC387F16B33D259BAF940253AE727297F6FC
https://www.valottery.com/-/media/val/images/promos/play_responsibly/promoblock_playresponsibly.ashx?la=en&hash=8B09CC387F16B33D259BAF940253AE727297F6FC

44 KB
44 KB

222ms
222ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/play_responsibly/promoblock_playresponsibly.ashx?la=en&hash=8B09CC387F16B33D259BAF940253AE727297F6FC

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a4405710da0f4c59bfe863a014cb45b6e915376a384b3f2316ccd3b5e8cb173a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 01 Mar 2019 15:17:27 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="promoblock_playresponsibly.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 45056
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/play_responsibly/promoblock_playresponsibly.ashx?la=en&hash=8B09CC387F16B33D259BAF940253AE727297F6FC
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

blockpromo_omnichannel_wof_instantgame.ashx
www.valottery.com/-/media/val/images/promos/wheel-of-fortune/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Wheel-of-Fortune/blockpromo_Omnichannel_WoF_instantGame.ashx?la=en&hash=82AD6CDD4BF2B4377F0B26EC59A300FFF1515D6D
https://www.valottery.com/-/media/val/images/promos/wheel-of-fortune/blockpromo_omnichannel_wof_instantgame.ashx?la=en&hash=82AD6CDD4BF2B4377F0B26EC59A300FFF1515D6D

36 KB
37 KB

227ms
227ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/wheel-of-fortune/blockpromo_omnichannel_wof_instantgame.ashx?la=en&hash=82AD6CDD4BF2B4377F0B26EC59A300FFF1515D6D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f170e1d106c9e46966e9d574c3fe27fbf29b51780a5029dee29a341eceab2d29

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 25 Jan 2021 19:31:16 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="blockpromo_Omnichannel_WoF_instantGame.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 37267
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/wheel-of-fortune/blockpromo_omnichannel_wof_instantgame.ashx?la=en&hash=82AD6CDD4BF2B4377F0B26EC59A300FFF1515D6D
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 291
x-xss-protection: 1; mode=block

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 14:47:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24086
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Mar 2022 14:47:15 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/ 39 KB
10 KB 15ms
14ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617
age: 1303266
cdn-cachedat: 2021-03-10 20:26:30
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090ce331e100004ee077b50000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6e34f02a2994465fe84fd6ab2dd57127
cf-ray: 635b3afc9b7f4ee0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2

200

interstitial_commonwealth.ashx
www.valottery.com/-/media/val/images/promos/commonwealth/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Commonwealth/interstitial_commonwealth.ashx?la=en&hash=1DB6921FAF4B76565A87FBA2FBAE887E8160D627
https://www.valottery.com/-/media/val/images/promos/commonwealth/interstitial_commonwealth.ashx?la=en&hash=1DB6921FAF4B76565A87FBA2FBAE887E8160D627

78 KB
78 KB

214ms
214ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/commonwealth/interstitial_commonwealth.ashx?la=en&hash=1DB6921FAF4B76565A87FBA2FBAE887E8160D627

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1add3759149ea62ce152fafb1301a7d9eb72d7adf2ac03481761d9f5a2e328a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 14:36:43 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="interstitial_commonwealth.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 79790
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/commonwealth/interstitial_commonwealth.ashx?la=en&hash=1DB6921FAF4B76565A87FBA2FBAE887E8160D627
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 274
x-xss-protection: 1; mode=block

GET
H2

200

facebook.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=8054D7D5D83533371FB33A9C4F82FBFBB3BD8D3B
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=8054D7D5D83533371FB33A9C4F82FBFBB3BD8D3B

3 KB
3 KB

225ms
224ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=8054D7D5D83533371FB33A9C4F82FBFBB3BD8D3B

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:11 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="facebook.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2935
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=8054D7D5D83533371FB33A9C4F82FBFBB3BD8D3B
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 268
x-xss-protection: 1; mode=block

GET
H2

200

twitter.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=25C6CA5DBBE434565DE3EEA122ACE571CB2B6CEE
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=25C6CA5DBBE434565DE3EEA122ACE571CB2B6CEE

3 KB
3 KB

224ms
224ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=25C6CA5DBBE434565DE3EEA122ACE571CB2B6CEE

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:00 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="twitter.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3034
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=25C6CA5DBBE434565DE3EEA122ACE571CB2B6CEE
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

youtube.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=626FED461B4E3528A9AC8272B817916A232FDC59
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=626FED461B4E3528A9AC8272B817916A232FDC59

3 KB
3 KB

225ms
225ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=626FED461B4E3528A9AC8272B817916A232FDC59

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:50 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="youtube.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2927
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=626FED461B4E3528A9AC8272B817916A232FDC59
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

linkedin_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=01B979C40D19D227804C97E9107D29920E536C1F
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=01B979C40D19D227804C97E9107D29920E536C1F

240 B
339 B

225ms
224ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=01B979C40D19D227804C97E9107D29920E536C1F

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2017 16:40:16 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="linkedin_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 240
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=01B979C40D19D227804C97E9107D29920E536C1F
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

instagram_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=28F68D30E3643B304219159A4A2B00D30353F3C9
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=28F68D30E3643B304219159A4A2B00D30353F3C9

341 B
441 B

227ms
227ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=28F68D30E3643B304219159A4A2B00D30353F3C9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:36 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="instagram_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 341
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=28F68D30E3643B304219159A4A2B00D30353F3C9
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK asc Show response
privacy-policy.truste.com/privacy-seal/Virginia-Lottery/ 17 B
599 B 94ms
37ms Script
text/plain 13.226.159.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privacy-policy.truste.com/privacy-seal/Virginia-Lottery/asc?rid=beafa9ae-c94a-4265-9e21-f5e7e79f2468

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-89.dus51.r.cloudfront.net

Software

TXS /

Resource Hash

af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 03:54:51 GMT
Via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Server: TXS
Age: 63230
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-Cache: Hit from cloudfront
Content-Type: text/plain;charset=ISO-8859-1
Cache-Control: max-age=0
X-Amz-Cf-Pop: DUS51-C1
Content-Length: 17
X-Xss-Protection: 1; mode=block, 1; mode=block
X-Amz-Cf-Id: V5OgcJbSWg_oG7FEW03QuGMf4HtvAGjcOb9ZsT-kc6i2xtnSAAnsvg==
Connection: keep-alive

GET
H/1.1 200
OK seal
privacy-policy.truste.com/privacy-seal/Virginia-Lottery/ 161 B
775 B 32ms
28ms Image
image/png 13.226.159.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://privacy-policy.truste.com/privacy-seal/Virginia-Lottery/seal?rid=ebe5b654-0b61-4047-b725-0f61575ab2f9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-89.dus51.r.cloudfront.net

Software

TXS /

Resource Hash

38118fa99879ff7473b4b7a8d1d004f62cb43d0a27b9b768bbf3c198bdde827d

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 05:56:14 GMT
Via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff, nosniff
Age: 55948
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 161
X-Xss-Protection: 1; mode=block, 1; mode=block
Server: TXS
ETag: W/"161-1594834152000"
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=0
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: hggGlb3coSUEA3IJ_x70Svla-qDrexT3348k8I12-FVBh6C8T8-kDw==

GET
H2

200

53d8198ebdfc429a8260c2f200fe4fe7.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

3 KB
3 KB

223ms
223ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2019 15:32:43 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="apple_app.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2602
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 255
x-xss-protection: 1; mode=block

GET
H2

200

c646eb7c858a499db091d338bb81a3f3.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

4 KB
4 KB

223ms
223ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 12:43:52 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="google-play-badge.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3795
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 194
x-xss-protection: 1; mode=block

GET
H2 200 app.bundle.js Show response
cdn.valottery.com/jscript/ 1 MB
238 KB 12ms
11ms Script
application/javascript 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20201110
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: de1f43d574a7dfe335b3b4c21cba058f3af9f4d839a9951c267ecdfe19b7803a

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 25 Mar 2021 21:28:41 GMT
content-encoding: br
last-modified: Tue, 10 Nov 2020 21:02:55 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: grAe5cG9N8z7c0XyGHHV6w==
etag: 0x8D885BBFEE74959
x-azure-ref: 0iQBdYAAAAABoQJ6olpcXTIQZlPfFZ9+iRlJBRURHRTEwMjEANTg0MDRlNmQtZTViOS00ZDljLWEwYmYtMDE0NTJmMTVmNzc0
x-cache: TCP_HIT
content-type: application/javascript
x-ms-request-id: c464209e-101e-005d-162f-1fcad6000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0eEVbYAAAAAAGdjOTzqkdR7dO/kMMB62vTE9OMjFFREdFMTUxMwA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=

GET
H2 200 pulltorefresh.js Show response
www.valottery.com/assets/ 10 KB
3 KB 114ms
114ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/assets/pulltorefresh.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 2652
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Apr 2020 16:56:35 GMT
server
x-frame-options: SAMEORIGIN
date: Thu, 25 Mar 2021 21:28:41 GMT
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800
etag: "80a3b9d0fd17d61:0"
accept-ranges: bytes

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 10 KB
5 KB 154ms
154ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&CurrencyCode=USD&IUA=neow&LNG=ENU&IP=&UniqueDeviceId=10d28005-7311-4b7e-99a0-449561b5ec5d&cm=PLI&rst=j&uniqueNoCache=1616707722312

Requested by

Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

ceff83b0e22fbab9c93d45ebfa86ac23c201468cb77af2229286f2176a2749c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 4354
Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:59 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
45 KB 34ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3ad195f6f5632e69bab5da901092f41748eb1fa3f873cf1ad69143b83809122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45784
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Mar 2021 21:28:42 GMT

GET
H2 200 player Show response
livestream.com/accounts/4608323/events/5051567/ Frame C7FD 103 KB
17 KB 1118ms
544ms Document
text/html 151.101.66.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.29 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

b76ad150c0f773e9036702859a9e33197cb30f7fd7d5bb2c7314aa44f9d571f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: livestream.com
:scheme: https
:path: /accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.valottery.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.valottery.com/

Response headers

server: openresty
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
x-ls-account: 4608323
x-ls-event: 5051567
x-ua-compatible: IE=Edge,chrome=1
etag: "06fa93ec3a5dc110d303c89034febf0b"
x-request-id: 843ba8c69f68768e6f5abf28590a021c
x-runtime: 0.111460
content-encoding: gzip
date: Thu, 25 Mar 2021 21:28:43 GMT
x-served-by: cache-bwi5151-BWI, cache-qpg1250-QPG
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-timer: S1616707723.076028,VS0,VE279
vary: Accept-Encoding
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
expires: 0
pragma: no-cache
age: 0
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 16524

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
44 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:34:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
age: 269655
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:34:27 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.valottery.com/dist/vendor/bootstrap/fonts/ 18 KB
18 KB 120ms
119ms Font
application/font-woff2 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Origin: https://www.valottery.com
Referer: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
etag: "2ff67cb9a2c0d31:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=604800
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:13:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
age: 270884
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:13:58 GMT

GET
H2

200

sunburst_2.ashx
www.valottery.com/-/media/val/images/background-illustrations/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Background-Illustrations/sunburst_2.ashx
https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

242 KB
243 KB

123ms
123ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

59e0e88ca1c03fa77d780528f4b2cea4bdb38b3580f32f935c2b7aa7106f7c75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2017 19:22:16 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="sunburst_2.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 248152
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:42 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 208
x-xss-protection: 1; mode=block

GET
H3-Q050 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:41:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 269246
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:41:16 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 13ms
13ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.valottery.com
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617
age: 209546
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64464
cf-request-id: 090ce334f300004eb087b03000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: bbd689d01e32d62fb192bf2e0c6a8de4
accept-ranges: bytes
cf-ray: 635b3b018c744eb0-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
52 KB 52ms
38ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aedd81ffdd5133acc228a222a59808f9fd62eedfce49f62c08dc7bec9aba356e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52508
x-xss-protection: 0
expires: Thu, 25 Mar 2021 21:28:42 GMT

GET
H3-Q050 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 22:38:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
age: 82234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Thu, 24 Mar 2022 22:38:08 GMT

GET
H3-Q050

200

activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransacti... Show response
8930728.fls.doubleclick.net/ Frame AB04
Redirect Chain

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransac...
https://8930728.fls.doubleclick.net/activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww....

512 B
994 B

84ms
52ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

827918b04688e302c9b6e033ef0004ea86e7e1bdf3af20e22c05bf91c660d259

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8930728.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.valottery.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 21:28:42 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 401
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 25-Mar-2021 21:43:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 21:28:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4418
date: Thu, 25 Mar 2021 20:15:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Mar 2021 22:15:04 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 88ms
28ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 74245
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1616707723.658183,VS0,VE0
x-served-by: cache-hhn11542-HHN

GET
H2 200 gateway.min.js Show response
gateway.foresee.com/sites/virginialottery/production/ 95 KB
20 KB 103ms
32ms Script
application/javascript 143.204.209.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-5.fra53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ab2c3f5b91456614f99a82f182de75f484d70b902da8920679270d30aeb18426

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 18:36:48 GMT
content-encoding: gzip
age: 10314
x-cache: Hit from cloudfront
status: 200
content-length: 19908
access-control-allow-origin: *
last-modified: Tue, 23 Mar 2021 08:49:28 GMT
server: nginx/1.12.1
etag: W/"d4c72620d93f578da51386458f21b335"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 8nu8Dcn70RDaC8TIeZGEUVNEU6n8VqqCGPVWP2Z_9fyh6HOt558M-Q==
expires: Thu, 25 Mar 2021 22:36:48 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
24 KB 27ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: paBiXmaEoTJQDfNVzykn8w33gC3RAt2ziQIopPcLU+nawrllaHoSE3NwpI39rrKIU6VTo0T0+sd0N6ZDPGgk/g==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_77148.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 39ms
16ms Script
application/javascript 2606:4700:e0::ac40:6714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_77148.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3bc1d2c6a81628198d20d724d4d5fd73e2e2191bcf897fe583f548ffaf18b0f

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 7170
cf-ray: 635b3b024e53d6f5-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8074
x-amz-id-2: tQgxot+TBY59iZ5qBRBgKPvpg9RczJONHZAsIfp/zvRSeLb3hM+yRwI8/l+/j17vDxKoTN+rPQI=
last-modified: Mon, 04 Jan 2021 14:57:58 GMT
server: cloudflare
etag: "79ade18287d6268aaff06d2fd70f0ec1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o%2BaTUYN00h%2B%2F%2FTg796WEg2ug27vtG4IjyB47Q2wXIuoX0Rsu%2Bcr9fZWpKvx1b3Wr5%2FzH93C4evhosl01sGNQnN6rwwRYqQAqkylv4SIP%2BJwHopOc%2FReoPRVCahXM8Rys500FtpU%3D"}],"group":"cf-nel"}
x-amz-request-id: E78D0CF0500E16A0
cache-control: max-age=86400, no-transform
cf-request-id: 090ce335710000d6f5f901c000000001
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 392.js Show response
download.gamesrv1.com/secure/MWC/2021.02_332551/ 425 KB
183 KB 30ms
29ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/392.js?v=2021.02_332551
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C81) / ASP.NET
Resource Hash: 901bc11148601ce33b55f67fc39bbd752a9b2fbfc0b9f91c9bcef7451f529d04

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: gzip
etag: "eaa96dd08e15d71:0"
last-modified: Wed, 10 Mar 2021 09:21:55 GMT
server: ECAcc (mil/6C81)
age: 1324343
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 187143

GET
H2 200 393.js Show response
download.gamesrv1.com/secure/MWC/2021.02_332551/ 95 KB
37 KB 40ms
40ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/393.js?v=2021.02_332551
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CBB) / ASP.NET
Resource Hash: 5d6c05acb1f515201727614d50de5ecaad0a801825167f3d6e63655830f4e4a0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: gzip
etag: "27c7b4d08e15d71:0"
last-modified: Wed, 10 Mar 2021 09:21:56 GMT
server: ECAcc (mil/6CBB)
age: 1324343
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 38224

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 208 KB
48 KB 436ms
304ms Script
text/javascript 13.32.20.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-11.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 943c771315e68f82fe0494357d47d9116a1dd55114cc679aa48e0ab416849947

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 21:28:43 GMT
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
X-ltk: 3/21/2021 10:59:25 PM
X-Powered-By: ASP.NET
X-Cache: RefreshHit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 48744
Last-Modified: Wed, 20 Jan 2021 17:12:17 GMT
Server: Microsoft-IIS/8.5
ETag: "ijQgArTNE4pd3kLQTj/T5A=="
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA56-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: bi4EZ_UFWI-ku5TXrKoulEUH94_szC9LQ8EdV4c2GP-WCX-_YOJgDQ==
Expires: Thu, 25 Mar 2021 22:28:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 13ms
12ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-1732052-1&cid=2005617060.1616707723&jid=1042623305&gjid=10640610&_gid=1515434485.1616707723&_u=YGBAgEABAAAAAE~&z=266517859

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Mar 2021 21:28:42 GMT
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
86 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1316013511&t=pageview&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory&ul=en-us&de=UTF-8&dt=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1042623305&gjid=10640610&cid=2005617060.1616707723&tid=UA-1732052-1&_gid=1515434485.1616707723&gtm=2wg3h0T3WQN9J&z=892507533

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 12:52:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 30946
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 509692809681502 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509692809681502?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

293bb6b279a680fd8beb72248a4b0b61b051e8f296e1e5c2f2ad162f1c4cf0e0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: BufvSn81a4ZvLxknOyaNSobpD+FepUJl4bCIpEBbQd7zQT0ZPCnEDcrYQE47jgJHw3xPx2x9x3dmscME+EwiGA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Mar 2021 21:28:42 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 27249216.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 124ms
25ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/27249216.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: gzip
age: 23053972
x-cache: HIT
x-cache-hits: 545705
content-length: 5672
x-served-by: cache-fra19178-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1616707723.924957,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H2

200

hero_swapimagedesktop_cashbuster.ashx
www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Swap-Banners/hero_swapImageDesktop_cashbuster.ashx
https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_cashbuster.ashx

262 KB
262 KB

130ms
129ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_cashbuster.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

35b1a8693b1b7d4ae88f7d950879857e042492d09a5713f719af822b67825bed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.valottery.com/?NeoDL=TransactionsHistory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 13:07:06 GMT
server
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="hero_swapImageDesktop_cashbuster.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 267948
x-xss-protection: 1; mode=block
expires: Thu, 01 Apr 2021 21:28:43 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_cashbuster.ashx
date: Thu, 25 Mar 2021 21:28:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 239
x-xss-protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 16ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1732052-1&cid=2005617060.1616707723&jid=1042623305&_u=YGBAgEABAAAAAE~&z=1030309476

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-1732052-1&cid=2005617060.1616707723&jid=1042623305&_u=YGBAgEABAAAAAE~&z=1030309476

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
66 B 13ms
13ms Other
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J0YJNS3PS0&gtm=2oe3h0&_p=1316013511&sr=1600x1200&ul=en-us&cid=2005617060.1616707723&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory&dt=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&sid=1616707722&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app-bundle~widgets-sport.js Show response
download.gamesrv1.com/secure/MWC/2021.02_332551/vendors~appBl/ 42 KB
17 KB 41ms
41ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/vendors~appBl/app-bundle~widgets-sport.js?v=2021.02_332551
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6CA1) / ASP.NET
Resource Hash: c2c147e47cbf9f93a4d3da90da0a979eb948bb69cea334df5dc944e6ab6d1fe3

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: gzip
etag: "90fb72a88f15d71:0"
last-modified: Wed, 10 Mar 2021 09:27:58 GMT
server: ECAcc (mil/6CA1)
age: 1324342
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 16953

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.02_332551/vendors~appBl/ 298 KB
115 KB 615ms
615ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/vendors~appBl/app-bundle.js?v=2021.02_332551
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C59) / ASP.NET
Resource Hash: 0f92e7bd72c7e7c5b27d5f7d62c78233a1437bcd4a14305a6adc7db889280251

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
etag: "b0bd6aa88f15d71:0"
last-modified: Wed, 10 Mar 2021 09:27:58 GMT
server: ECAcc (mil/6C59)
age: 1324344
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 118008

GET
H2 200 44.css
download.gamesrv1.com/secure/MWC/2021.02_332551/ 145 KB
33 KB 622ms
622ms Stylesheet
text/css 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/44.css
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C17) / ASP.NET
Resource Hash: cf584a59e26668450ef6a989e51e0d3d5678897ad5cad844bb078cf703155e19

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
etag: "d06687d98e15d71:0"
last-modified: Wed, 10 Mar 2021 09:22:10 GMT
server: ECAcc (mil/6C17)
age: 1324344
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 33737

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.02_332551/appBl/ 775 KB
224 KB 32ms
32ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/appBl/app-bundle.js?v=2021.02_332551
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C4F) / ASP.NET
Resource Hash: d4a078ba248aea5d18dc4f6f86849c83c10adddd79d5907777897875d9261a26

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
content-encoding: gzip
etag: "e3c4c2d98e15d71:0"
last-modified: Wed, 10 Mar 2021 09:22:11 GMT
server: ECAcc (mil/6C4F)
age: 1324330
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 229618

GET
H2 200 adsct
t.co/i/ 43 B
448 B 249ms
165ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1zh8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 122
pragma: no-cache
last-modified: Thu, 25 Mar 2021 21:28:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: ffce820e5fe775f7901cbcb8bfc87fd6
x-transaction: 0070e60900f24573
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 mpathy-modern.js Show response
gateway.foresee.com/code/6.1.2-mp/ 81 KB
27 KB 92ms
37ms Script
application/javascript 143.204.209.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/6.1.2-mp/mpathy-modern.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-5.fra53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6

Request headers

Origin: https://www.valottery.com
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 11:09:39 GMT
content-encoding: gzip
age: 555543
x-cache: Hit from cloudfront
status: 200
content-length: 26751
access-control-allow-origin: *
last-modified: Thu, 18 Mar 2021 15:05:31 GMT
server: nginx/1.12.1
etag: W/"809a12b3d845af05b552212f8a272cee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: dbpDO4oZYJSiEXC-Fy6eJ6yh_cBzrcjWs8r5Vv3N3tIYqDWt_PhcQQ==
expires: Fri, 16 Apr 2021 11:09:39 GMT

GET
H/1.1 200
OK image.aspx
77148.global.siteimproveanalytics.io/ 34 B
650 B 120ms
25ms Image
image/gif 3.124.126.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://77148.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory&title=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&res=1600x1200&accountid=77148&rt=2737&prev=f253172d-97ec-b5e4-64ac-a3042f79eb7c&luid=bd078890-352a-a8c9-ab0a-42470950af85&rnd=13073
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.126.97 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-126-97.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 21:28:43 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Thu, 25 Mar 2021 21:28:43 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H2 200 fs.utils.js Show response
gateway.foresee.com/code/19.14.1-fs/ 56 KB
19 KB 31ms
30ms Script
application/javascript 143.204.209.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-5.fra53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 696bf481ec5c742bf43af05db4e8387220cffd6329918a421523331f1ba7a2b7

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Mar 2021 15:56:18 GMT
content-encoding: gzip
age: 1575144
x-cache: Hit from cloudfront
status: 200
content-length: 18546
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 17:22:26 GMT
server: nginx/1.12.1
etag: W/"95849196a22d7892afab30f21864ae6d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: WOne3FPRs_mlJbtkN5qb9GN69u_D3O5xa_a1nV2yFM0_BW_0YSC0Bg==
expires: Sun, 04 Apr 2021 15:56:18 GMT

GET
H2 200 fs.compress.js Show response
gateway.foresee.com/code/19.14.1-fs/ 31 KB
12 KB 31ms
31ms Script
application/javascript 143.204.209.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.1-fs/fs.compress.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-5.fra53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 3a6653a6360e94f7feb9ccfca527cb6485438d7374dc3967722fdb19287cdec7

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 09 Mar 2021 16:12:27 GMT
content-encoding: gzip
age: 1401375
x-cache: Hit from cloudfront
status: 200
content-length: 11643
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 17:22:26 GMT
server: nginx/1.12.1
etag: W/"4acabaf9a58154798688b83d8ae9065e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: YA0KoIUX0PfHFmBQ06xw2NHE__0p3mB_TjSWNw8sKP_ZyY5x23ZZSA==
expires: Tue, 06 Apr 2021 16:12:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
326 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=PageView&dl=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory&rl=&if=false&ts=1616707722921&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616707722919.1448653590&it=1616707722795&coo=false&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Mar 2021 21:28:42 GMT

GET
H2 200 dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory Show response
adservice.google.com/ddm/fls/i/ Frame 6ED4 511 B
874 B 64ms
41ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5219622996b92f55008db2520e24a914e40f01f17b2d93c009776933def779de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8930728.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8930728.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 21:28:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 402
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050

200

dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory Show response
8930728.fls.doubleclick.net/ddm/fls/r/ Frame 7931
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valotter...
https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww....

2 KB
1 KB

38ms
38ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

37565ba17276fccd6884ebad2170149dd38ebcfb96152f4216503b652fea5cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8930728.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 21:28:43 GMT
expires: Thu, 25 Mar 2021 21:28:43 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1059
x-xss-protection: 0
set-cookie: IDE=AHWqTUnLDgNh0S0cZmlXMn8V60AbsE9fa4-V-7aB-nljb9-0XTj_3RyTFGKpL1Pv; expires=Sat, 25-Mar-2023 21:28:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Mar 2021 21:28:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fs.trigger.js Show response
gateway.foresee.com/code/19.14.1-fs/ 29 KB
10 KB 29ms
28ms Script
application/javascript 143.204.209.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.1-fs/fs.trigger.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-5.fra53.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 2a91468d5d25d7e1c30189eb1cb95b8fc937a1c4867cd22a2c0646e4b4a1cd8b

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 09:10:44 GMT
content-encoding: gzip
age: 908279
x-cache: Hit from cloudfront
status: 200
content-length: 9730
access-control-allow-origin: *
last-modified: Tue, 20 Oct 2020 17:22:27 GMT
server: nginx/1.12.1
etag: W/"d59601f0d29a3e4fd9f98c742af3f7a1"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: abc7hjdYeZfPs4rcdhCbkvEPo4KHLls5JjPWaNtwriv5g5r0P40PvA==
expires: Mon, 12 Apr 2021 09:10:44 GMT

GET
H2

200

nspix
action.media6degrees.com/orbserv/ Frame 7931
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]

43 B
324 B

359ms
358ms

Image
image/gif

2606:4700::6812:5b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:5b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 635b3b08cbbfd6cd-FRA
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 43
cf-request-id: 090ce339810000d6cd65382000000001

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/html; charset=iso-8859-1
location: https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
cf-ray: 635b3b068837d6cd-FRA
cf-request-id: 090ce338160000d6cd5cb93000000001

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/ Frame 7931 8 KB
3 KB 211ms
190ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3c944fbccfba187fafda2404d8b9f3861089305cd83eaafd5c42aa8206909a

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2005
cf-request-id: 090ce337f800002c529d206000000001
x-function: 151
last-modified: Mon, 22 Mar 2021 08:13:58 GMT
server: cloudflare
x-reuse-index: 303
etag: 7739749654413288787
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 635b3b065c1f2c52-FRA
expires: Thu, 25 Mar 2021 22:28:43 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 7931 70 B
261 B 137ms
44ms Image
image/gif 52.51.124.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=k5obd07&ct=0:e9md8kf&fmt=3
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.124.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-124-53.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame 7931 3 KB
4 KB 104ms
32ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Fm-zG9HRUw_sM8gMciYB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame 7931 3 KB
4 KB 105ms
34ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Fm-zG9HUaFpNlp8Fll9i
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sambaTag.js Show response
tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 7931 3 KB
3 KB 95ms
29ms Script
application/javascript 143.204.209.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-99.fra53.r.cloudfront.net
Software: /
Resource Hash: 6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 12:19:12 GMT
Via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Age: 32971
Transfer-Encoding: chunked
Access-Control-Allow-Methods: HEAD,OPTIONS,GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA53-C1
Access-Control-Allow-Headers: Content-Type, Authorization
X-Amz-Cf-Id: qm8RcVRHwyojVdIka5PXH2VJF61LVGXbiDyxNIuBHngSmicqLGnirQ==

GET
H2 200 getIds Show response
s1.listrakbi.com/hDU7VeqGarZm/session/ 175 B
1 KB 379ms
126ms Script
application/x-javascript 52.207.51.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/hDU7VeqGarZm/session/getIds?callback=ltkCallback5390&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.51.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-51-121.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 52459e3c89ca71ee9e5cbe714b3b8c879c3b6fa8e4a1d860d3d902dc592282da

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: no-cache
content-type: application/x-javascript; charset=utf-8
content-length: 175
expires: -1

GET
H2 200 ltkPrefCenterFrame Show response
services.listrak.com/API/S/ 3 KB
3 KB 460ms
114ms Script
text/javascript 142.0.93.34
LISTRAK-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/S/ltkPrefCenterFrame
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.0.93.34 , United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS: services.listrak.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a20475110b6665b6a8ffef06d071c7a77507fc167cd9ef860fffb408f2facd74

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
content-length: 2665

GET
H2 200 load Show response
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 7931 729 B
979 B 393ms
121ms XHR
application/json 3.228.237.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/load?sa_referrer=https%3A%2F%2Fadservice.google.com%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNyCksyxzO8CFVP3UQod73cCJA%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D4800622901266%3Bgtm%3D2wg3h0%3Bauiddc%3D1483861358.1616707723%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252F%253FNeoDL%253DTransactionsHistory&c=1616707723336
Requested by: Host: tag.mtrcs.samba.tv
URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.237.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-237-139.compute-1.amazonaws.com
Software: /
Resource Hash: 57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Mar 2021 21:28:43 GMT
access-control-allow-headers: Content-Type, Authorization
content-length: 729
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: application/json

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 36ms
35ms Stylesheet
text/css 13.32.20.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.20.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-20-11.fra56.r.cloudfront.net
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 19:28:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 06 Jul 2020 14:12:04 GMT
Server: Microsoft-IIS/8.5
Age: 14326
X-Powered-By: ASP.NET
ETag: W/"93fb116d9f53d61:0"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-C2
X-Amz-Cf-Id: wI_mA8GVg6HyZdGmWzo_a4gDTOnFyPVf0bigfmOkgwgmDwa04RvYBA==

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 7931 678 B
708 B 188ms
179ms Script
application/x-javascript 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a0885ea3ae547907e9819fd5de4370ec727270ff26f1c143c81c9cbdaf4619

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 330
cf-request-id: 090ce338cb00002c52a418b000000001
x-function: 153
last-modified: Mon, 22 Mar 2021 08:13:58 GMT
server: cloudflare
x-reuse-index: 359
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 635b3b07ae212c52-FRA
expires: Wed, 23 Jun 2021 21:28:43 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame 7931 752 B
1 KB 119ms
47ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=87665&cb=sifi_att_17963502272._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

a3dfa79d627c3cce5ed5846672bb0baa6dd4c8e8b2b18a3c99c34c229ed4149d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache, no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
date: Thu, 25 Mar 2021 21:28:43 GMT
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="http://www.simplifi.com/w3c/Policies.xml", CP="ADMa DEVa PSAa PSDa OUR IND DSP NON COR"
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: application/javascript; charset=UTF-8
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 embed.css
cdn.livestream.com/deploy/apps/production/events/5.2.37/stylesheets/ Frame C7FD 289 KB
41 KB 93ms
30ms Stylesheet
text/css 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/stylesheets/embed.css
Requested by: Host: livestream.com
URL: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4951390c1e214b6c9609832a3a9368fbee8e30c615b3342a81ebed81b560f993

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
age: 3701141
x-cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 41498
x-served-by: cache-fra19153-FRA
expires: Thu, 11 Feb 2021 02:23:02 GMT
last-modified: Thu, 01 Oct 2020 05:03:19 GMT
x-timer: S1616707724.553017,VS0,VE0
etag: "b8e0dac21335efba2f5d0d9aba88cd0d"
vary: Accept-Encoding
x-goog-generation: 1601528599242169
content-type: text/css; charset=utf-8
via: 1.1 varnish
x-goog-meta-mtime: 2020-10-01T10:32:33.336399634+05:30
x-goog-stored-content-length: 296380
accept-ranges: bytes
x-cache-hits: 5457

GET
H2 200 mapbox.js Show response
cdn.livestream.com/deploy/website/production/cb14356/assets/ Frame C7FD 190 KB
54 KB 123ms
62ms Script
application/javascript 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livestream.com/deploy/website/production/cb14356/assets/mapbox.js
Requested by: Host: livestream.com
URL: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44d5a5acab2a9059264b6add30515a75da18a174b9373c226440468853c12f37

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
age: 1792225
x-cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 55108
x-served-by: cache-fra19153-FRA
expires: Fri, 05 Mar 2021 04:38:17 GMT
last-modified: Thu, 10 Dec 2020 19:53:30 GMT
x-timer: S1616707724.553212,VS0,VE0
etag: "3b1b0ca622a2bafda26f9e65dbb1495d"
vary: Accept-Encoding
x-goog-generation: 1607630010958957
content-type: application/javascript
via: 1.1 varnish
x-goog-meta-mtime: 2020-12-10T19:30:06.000000000Z
x-goog-stored-content-length: 194253
accept-ranges: bytes
x-cache-hits: 5785

GET
H2 200 require.js Show response
cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/ Frame C7FD 17 KB
7 KB 123ms
62ms Script
application/javascript 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/require.js
Requested by: Host: livestream.com
URL: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 83e19d45e5bc9874f9b76586d6a307775abdc8d8c1ffb5d378a76a0d090558cc

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
age: 1891825
x-cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 6545
x-served-by: cache-fra19153-FRA
expires: Thu, 04 Mar 2021 00:58:18 GMT
last-modified: Thu, 01 Oct 2020 05:03:29 GMT
x-timer: S1616707724.553229,VS0,VE0
etag: "34e47492039f9bb7f99f93b5baf4632f"
vary: Accept-Encoding
x-goog-generation: 1601528609787923
content-type: application/javascript
via: 1.1 varnish
x-goog-meta-mtime: 2020-10-01T10:32:28.484292943+05:30
x-goog-stored-content-length: 17630
accept-ranges: bytes
x-cache-hits: 6969

GET
H2 200 glyphicons-halflings-regular.woff
download.gamesrv1.com/secure/MWC/2021.02_332551/assets/base/fonts/ 23 KB
23 KB 737ms
647ms Font
font/x-woff 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/assets/base/fonts/glyphicons-halflings-regular.woff
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.02_332551/44.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6BAF) / ASP.NET
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Origin: https://www.valottery.com
Referer: https://download.gamesrv1.com/secure/MWC/2021.02_332551/44.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
etag: "5db4acdf8e15d71:0"
last-modified: Wed, 10 Mar 2021 09:22:21 GMT
server: ECAcc (mil/6BAF)
age: 1324338
x-powered-by: ASP.NET
x-cache: HIT
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=5184000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 23320

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=0403778BFF0246F087BC22782A5891EF

43 B
183 B

265ms
87ms

Image
image/gif

2600:1f18:612b:4216:5e41:f643:f5d9:712d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:5e41:f643:f5d9:712d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=0403778BFF0246F087BC22782A5891EF
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 7931
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=0403778BFF0246F087BC22782A5891EF
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0403778BFF0246F087BC22782A5891EF

95 B
426 B

34ms
33ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0403778BFF0246F087BC22782A5891EF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Jetty(9.4.28.v20200408) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/png
alt-svc: clear
content-length: 95

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
via: 1.1 google
server: Jetty(9.4.28.v20200408)
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=0403778BFF0246F087BC22782A5891EF
alt-svc: clear
content-length: 0

GET
H2

200

aa_px
um.simpli.fi/ Frame 7931
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=0403778BFF0246F087BC22782A5891EF
https://d.agkn.com/pixel/10751/?che=1616707723&ip=185.156.175.187&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164970603736001526250
https://um.simpli.fi/aa_px?sk=164970603736001526250

43 B
409 B

30ms
29ms

Image
image/gif

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164970603736001526250

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 24 Mar 2021 21:28:44 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:43 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164970603736001526250
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ Frame 7931 43 B
409 B 109ms
33ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 7931
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0403778BFF0246F087BC22782A5891EF

0
0

94ms
24ms

Image
text/html

143.204.209.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-21.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=0403778BFF0246F087BC22782A5891EF
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 7931 43 B
409 B 109ms
34ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 7931 43 B
409 B 34ms
30ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 7931
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=0403778BFF0246F087BC22782A5891EF;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=0403778BFF0246F087BC22782A5891EF;mimetype=img;sr
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2018587320958956381

0
0

24ms
23ms

Image
text/html

143.204.209.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2018587320958956381
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-21.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:42 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-2018587320958956381
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 7931
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=0403778BFF0246F087BC22782A5891EF&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=0403778BFF0246F087BC22782A5891EF&j=0&xl8blockcheck=1

0
2 KB

37ms
37ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=0403778BFF0246F087BC22782A5891EF&j=0&xl8blockcheck=1
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=0403778BFF0246F087BC22782A5891EF&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame 7931 43 B
409 B 35ms
31ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=0403778BFF0246F087BC22782A5891EF

0
421 B

498ms
124ms

Image
text/plain

54.208.200.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.208.200.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 25 Mar 2021 21:28:43 GMT

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=0403778BFF0246F087BC22782A5891EF
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/ Frame 7931
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=0403778BFF0246F087BC22782A5891EF

62 B
744 B

479ms
175ms

Image
image/gif

23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 21:28:44 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: af1
Content-Type: image/gif

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=0403778BFF0246F087BC22782A5891EF
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2

200

tpid=0403778BFF0246F087BC22782A5891EF
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 7931
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=0403778BFF0246F087BC22782A5891EF
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0403778BFF0246F087BC22782A5891EF

49 B
710 B

55ms
55ms

Image
image/gif

34.245.253.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.245.253.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.115
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=0403778BFF0246F087BC22782A5891EF
cache-control: no-cache
x-server: 10.45.14.224
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=0403778BFF0246F087BC22782A5891EF
https://ce.lijit.com/merge?pid=2&3pid=0403778BFF0246F087BC22782A5891EF&dnr=1

0
433 B

35ms
35ms

Image
text/plain

72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=0403778BFF0246F087BC22782A5891EF&dnr=1
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:46 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:47 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=2&3pid=0403778BFF0246F087BC22782A5891EF&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=0403778BFF0246F087BC22782A5891EF

0
66 B

3114ms
49ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:46 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=0403778BFF0246F087BC22782A5891EF
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H3-Q050

200

/
www.google.de/pagead/1p-conversion/1026675585/ Frame 7931
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1616707723548&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
530 B

51ms
35ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=iwBdYPjnKpj57gOXga3IBg&cid=CAQSKQCNIrLM_uP4vSDE4s0H5ssCxMwc3Wsy1zYEWLX71JrByIpW5yqMgEiH&random=1367763332&ipr=y

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=357651331&cv=7&fst=1616707723548&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=iwBdYPjnKpj57gOXga3IBg&cid=CAQSKQCNIrLM_uP4vSDE4s0H5ssCxMwc3Wsy1zYEWLX71JrByIpW5yqMgEiH&random=1367763332&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=0403778BFF0246F087BC22782A5891EF
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=0403778BFF0246F087BC22782A5891EF&__user_check__=1&sync_id=153a0eac-8db1-11eb-b4d0-1f0541441f06

43 B
549 B

41ms
40ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=0403778BFF0246F087BC22782A5891EF&__user_check__=1&sync_id=153a0eac-8db1-11eb-b4d0-1f0541441f06
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 21:28:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 138
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 25 Mar 2021 21:28:46 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=0403778BFF0246F087BC22782A5891EF&__user_check__=1&sync_id=153a0eac-8db1-11eb-b4d0-1f0541441f06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 121
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=0403778BFF0246F087BC22782A5891EF
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0403778BFF0246F087BC22782A5891EF

43 B
1 KB

37ms
36ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0403778BFF0246F087BC22782A5891EF

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:46 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.81:80
AN-X-Request-Uuid: 829c563f-17ec-4f9d-8946-e1d7ce12d0ab
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:46 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.12:80
AN-X-Request-Uuid: ee7b74c3-c1ab-41c0-93e3-dd66bdf62347
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D0403778BFF0246F087BC22782A5891EF
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 7931
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0403778BFF0246F087BC22782A5891EF&expires=365

42 B
775 B

1372ms
29ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0403778BFF0246F087BC22782A5891EF&expires=365
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/gif

Redirect headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=0403778BFF0246F087BC22782A5891EF&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 154
expires: Wed, 24 Mar 2021 21:28:43 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7931
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=0403778BFF0246F087BC22782A5891EF
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0403778BFF0246F087BC22782A5891EF

43 B
180 B

35ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0403778BFF0246F087BC22782A5891EF
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:45 GMT
via: 1.1 google
server: OXGW/16.205.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=0403778BFF0246F087BC22782A5891EF
date: Thu, 25 Mar 2021 21:28:45 GMT
via: 1.1 google
server: OXGW/16.205.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 7931
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEFIjoudY-Ya_CjA2rYWF2ck&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=0403778BFF0246F087BC22782A5891EF
https://um.simpli.fi/g_match?id=

0
320 B

30ms
29ms

Image
text/plain

159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 24 Mar 2021 21:28:43 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 location Show response
livestream.com/client/ Frame C7FD 39 B
151 B 265ms
264ms XHR
application/json 151.101.66.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://livestream.com/client/location

Requested by

Host: livestream.com
URL: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.29 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Varnish /

Resource Hash

abaf9e22231e84737551605b0be0290b47accd62927bb780a82cb7f0eb796059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:43 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1616707724.790956,VS0,VE0
strict-transport-security: max-age=31536000
x-cache: HIT
content-type: application/json
expires: 0
cache-control: no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
x-cache-hits: 0
accept-ranges: bytes
content-length: 39
retry-after: 0
x-served-by: cache-qpg1250-QPG

POST
H2 200 events Show response
analytics.foresee.com/ingest/ 45 B
276 B 130ms
129ms XHR
application/json 52.202.9.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.foresee.com/ingest/events

Requested by

Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.14.1-fs/fs.utils.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.202.9.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

8eefa322436955a85812c082e3ed2399efd61cef81bf4e07d4bee01146e21e62

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
Request-API-Version: 1.0.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
server: nginx/1.19.0
brain-server-version: 1.9.2
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
app-info: fsevents 1.9.2
content-type: application/json; charset=UTF-8
content-length: 45
x-xss-protection: 0
expires: -1

OPTIONS
H2 204 events
analytics.foresee.com/ingest/ Frame 0
0 386ms
124ms Preflight 52.202.9.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.foresee.com/ingest/events
Protocol: H2
Server: 52.202.9.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,request-api-version
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.19.0
date: Thu, 25 Mar 2021 21:28:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS,POST,HEAD
access-control-allow-headers: Origin,Authorization,X-Requested-With,Accept,Access-Control-Allow-Origin,Request-API-Version,Content-Length,Content-Type

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7931
Redirect Chain

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%223706711333%22%2C%22th%22%3A8645007496%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22aUmneM2qvh3teq5PJZdnUfJTrr7QWEuaF%22%2C%22url%22%3A%22htt...
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/bounce?%2Fgetuidu%3Fhttps%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db26%26u%3D%24UID%26redirect%3Dhttps%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D305%2526code%253D%...
https://a.tribalfusion.com/i.match?p=b26&u=1296013630784016530&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662208621781075

43 B
1 KB

37ms
37ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662208621781075

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Mar 2021 21:28:47 GMT
X-Proxy-Origin: 185.156.175.187; 185.156.175.187; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.176:80
AN-X-Request-Uuid: eea34134-9dfa-4d6a-9d27-3e20b92b5c32
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:47 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 635b3b1def502c52-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662208621781075
cache-control: no-cache, private
content-type: text/html
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 090ce346b200002c52ee280000000001
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 event_embed.js Show response
cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/ Frame C7FD 2 MB
387 KB 25ms
25ms Script
application/javascript 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/require.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4b2eb4914c15132f5c0a573a13eae83dc4ee697982655a2c7766a1a6aaf49af

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
age: 1886815
x-cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 396152
x-served-by: cache-fra19153-FRA
expires: Thu, 04 Mar 2021 02:21:48 GMT
last-modified: Thu, 01 Oct 2020 05:04:38 GMT
x-timer: S1616707724.664327,VS0,VE1
etag: "dc3a251f501ed3971ffb17de8f38888a"
vary: Accept-Encoding
x-goog-generation: 1601528678758037
content-type: application/javascript
via: 1.1 varnish
x-goog-meta-mtime: 2020-10-01T10:32:58.109814191+05:30
x-goog-stored-content-length: 2056743
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 impression
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 7931 0
214 B 359ms
117ms Image
text/plain 3.228.237.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/impression?sa_referrer=https%3A%2F%2Fadservice.google.com%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNyCksyxzO8CFVP3UQod73cCJA%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D4800622901266%3Bgtm%3D2wg3h0%3Bauiddc%3D1483861358.1616707723%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252F%253FNeoDL%253DTransactionsHistory&c=1616707723336&
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CNyCksyxzO8CFVP3UQod73cCJA;src=8930728;type=pagev0;cat=valot0;ord=4800622901266;gtm=2wg3h0;auiddc=1483861358.1616707723;~oref=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.237.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-237-139.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Mar 2021 21:28:44 GMT
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: HEAD,OPTIONS,GET

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame C7FD 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 25 Mar 2021 21:28:43 GMT

OPTIONS
H2 200 leastloaded.json
api.new.livestream.com/servers/sio/ Frame 0
0 325ms
23ms Preflight 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.new.livestream.com/servers/sio/leastloaded.json?mode=full
Protocol: H2
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://livestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
date: Thu, 25 Mar 2021 21:28:44 GMT
x-served-by: cache-hhn4046-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1616707724.214518,VS0,VE0
access-control-allow-origin: https://livestream.com
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS
access-control-allow-headers: Cache-Control,X-Requested-With,Authorization,Content-Type
access-control-allow-credentials: true
access-control-max-age: 300
via: 1.1 varnish
accept-ranges: bytes
content-length: 29

GET
H2 200 events-1.0.0.svg Show response
cdn.livestream.com/tinsel/svg/ Frame C7FD 15 KB
6 KB 73ms
25ms XHR
image/svg+xml 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livestream.com/tinsel/svg/events-1.0.0.svg
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 170ecca59e8ed0085fd62e84d01f9cb7087e3f51acd852424dd358bbf9f76e86

Request headers

Accept: application/json, text/plain, */*
Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: gzip
age: 4295925
x-cache: HIT
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 6051
via: 1.1 varnish
x-served-by: cache-fra19182-FRA
expires: Thu, 04 Feb 2021 05:09:58 GMT
last-modified: Thu, 18 Oct 2018 07:14:38 GMT
x-timer: S1616707724.962710,VS0,VE0
etag: "b5afa462a59bd7ca1d23a7fdff726363"
vary: Accept-Encoding
x-goog-generation: 1539846878907795
content-type: image/svg+xml
access-control-allow-origin: https://livestream.com
x-goog-meta-mtime: 2017-07-07T02:45:20.000000000-04:00
x-goog-stored-content-length: 15301
accept-ranges: bytes
x-cache-hits: 1923

GET
H2 200 leastloaded.json Show response
api.new.livestream.com/servers/sio/ Frame C7FD 54 B
424 B 79ms
26ms XHR
application/json 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.new.livestream.com/servers/sio/leastloaded.json?mode=full
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e5e0798e10fc4374eb8ed387d53d138f6a6167c985dc208aab24cd5bafc84511

Request headers

Accept: */*
Referer: https://livestream.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
via: 1.1 varnish
x-cache: HIT
content-length: 54
x-served-by: cache-hhn4067-HHN
server: Varnish
x-timer: S1616707724.293881,VS0,VE0
access-control-max-age: 300
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: https://livestream.com
cache-control: pragma, no-cache, max-age=0
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Cache-Control,X-Requested-With,Authorization,Content-Type
retry-after: 0
x-cache-hits: 0

GET
H2 200 lead_capture_form Show response
producer-api.appspot.com/v1/accounts/4608323/events/5051567/ Frame C7FD 13 B
372 B 243ms
174ms XHR
application/json 2a00:1450:400d:804::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://producer-api.appspot.com/v1/accounts/4608323/events/5051567/lead_capture_form
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2014 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 01f2f9c28aa1d4d36a81ff042620b6677d25bf07c2bf4acc37b58658778a4fca

Request headers

Accept: */*
Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://livestream.com
x-cloud-trace-context: 8934c900089cdaad7ab379a8836e0bab
cache-control: private
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ Frame C7FD 250 KB
68 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KNG43F

Requested by

Host: livestream.com
URL: https://livestream.com/accounts/4608323/events/5051567/player?enableInfoAndActivity=true&defaultDrawer=&autoPlay=true&mute=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98ac50642d57e10e24e846a35f59e6254394b92e229bdb2da363dbae8c18d21f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69619
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Mar 2021 21:28:43 GMT

GET
H2 200 mixpanel-2.2.min.js Show response
cdn.mxpnl.com/libs/ Frame C7FD 75 KB
25 KB 21ms
7ms Script
text/javascript 2600:1901:0:498c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2.2.min.js
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:25:34 GMT
content-encoding: gzip
age: 189
x-guploader-uploadid: ABg5-UyED0W-Qwi4fyyB-tgsqa2kKI6cnW8nWDVWCcvaHWWU2bt9HrAcA4hYlK3HpeVx3wsQJoTQGAptvN9BFVgbRkA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 25572
last-modified: Thu, 28 Jan 2021 18:22:08 GMT
server: UploadServer
etag: "acae467b20997801e459f56a5122c003"
vary: Accept-Encoding
x-goog-hash: crc32c=unGNyw==, md5=rK5GeyCZeAHkWfVqUSLAAw==
x-goog-generation: 1611858128167188
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25572
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 25 Mar 2021 21:35:34 GMT

GET
H2 200 version.json Show response
vpe-cdn.livestream.com/playerjs/ Frame C7FD 705 B
531 B 1350ms
27ms XHR
application/json 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vpe-cdn.livestream.com/playerjs/version.json
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c0910b826bdec0e8c83d42dda00c11be6d772dd86557e506aa81c0c119ad42e5

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:45 GMT
content-encoding: gzip
age: 77320
x-guploader-uploadid: ABg5-Uz6pEOnsG4dcD2nmplzMqYgo2hBvEwATul16rZQ7NDGVdeiXx_JTkZuA15awgpqYus9VSIoQDJxvt_NhXa3hR0
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 214
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5126-BWI, cache-hhn4045-HHN
last-modified: Wed, 16 Dec 2020 19:29:36 GMT
server: UploadServer
x-timer: S1616707725.245564,VS0,VE0
etag: "ff0d4a8431e98896121572755ecfe782"
vary: Accept-Encoding
x-goog-hash: crc32c=vE4SUA==, md5=/w1KhDHpiJYSFXJ1Xs/ngg==
x-goog-generation: 1608146976192244
access-control-allow-origin: https://livestream.com
expires: Fri, 19 Feb 2021 11:06:05 GMT
cache-control: public
x-goog-stored-content-length: 705
accept-ranges: bytes
content-type: application/json
x-cache-hits: 2, 1310

GET
H2 200 version.json Show response
vpe-cdn.livestream.com/playerm/ Frame C7FD 158 B
699 B 1349ms
26ms XHR
application/json 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vpe-cdn.livestream.com/playerm/version.json
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 15b0b74c8f577fc68caa6314e48d0b172d24dc387071e2be17a8d16a6bf4a331

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:45 GMT
content-encoding: gzip
age: 87475
x-guploader-uploadid: ABg5-UyjTvijxbltYK3_z-sAojdwPKs-CPiOaoIsZhcwetdaQJETPSSFsskX-QwRq0ggICj5ev7H3x3ZjEsaPLhvYpE
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 105
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5148-BWI, cache-hhn4045-HHN
last-modified: Wed, 16 Dec 2020 18:52:39 GMT
server: UploadServer
x-timer: S1616707725.245543,VS0,VE0
etag: "04a3ac61cb0ade349986a95f3f33ae8f"
vary: Accept-Encoding
x-goog-hash: crc32c=+LNDXQ==, md5=BKOsYcsK3jSZhqlfPzOujw==
x-goog-generation: 1608144759079893
access-control-allow-origin: https://livestream.com
expires: Wed, 24 Mar 2021 18:54:35 GMT
cache-control: public
x-goog-stored-content-length: 158
accept-ranges: bytes
content-type: application/json
x-cache-hits: 1, 1394

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame C7FD 136 KB
52 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SC9Q0J9X0S&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNG43F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f762440a87644a32d3da66d4560a0f7543235cfc686ad4a35da7c4fd8e9aeff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53627
x-xss-protection: 0
expires: Thu, 25 Mar 2021 21:28:43 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame C7FD 46 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNG43F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4419
date: Thu, 25 Mar 2021 20:15:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 25 Mar 2021 22:15:04 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame C7FD 35 KB
14 KB 81ms
48ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNG43F

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

3d3334f2122e1411a5f4be5b85a712373d7b791de57d829d1fd8b3cbdba30344

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13743
x-xss-protection: 0
server: cafe
etag: 506321234855497976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 25 Mar 2021 21:28:44 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame C7FD 4 KB
2 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:7100:18d::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNG43F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 25 Mar 2021 21:28:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=66254
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C7FD 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: paBiXmaEoTJQDfNVzykn8w33gC3RAt2ziQIopPcLU+nawrllaHoSE3NwpI39rrKIU6VTo0T0+sd0N6ZDPGgk/g==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Mar 2021 21:28:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1463871750374661 Show response
connect.facebook.net/signals/config/ Frame C7FD 242 KB
70 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1463871750374661?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d56c44431bf8d222bc525888f051f5bc56243bf698d3f0b22ac8913d083248e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 71194
x-fb-rlafr: 0
pragma: public
x-fb-debug: UOsUEOzHLxVy6N9zLrMkY5osJKOhd//wx84WwQZFFaaTQHXsXM+60S8+f7xy/9o0uayayM7U/bvDkzjnHyyNDA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 25 Mar 2021 21:28:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px.ads.linkedin.com/ Frame C7FD
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7516&time=1616707723991&url=https%3A%2F%2Fwww.valottery.com%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7516%26time%3D1616707723991%26url%3Dhttps%253A%252F%252Fwww.valottery.com%252F%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7516&time=1616707723991&url=https%3A%2F%2Fwww.valottery.com%2F&liSync=true

0
57 B

189ms
189ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7516&time=1616707723991&url=https%3A%2F%2Fwww.valottery.com%2F&liSync=true
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: x6OjKRyzbxawAAyN/ioAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: eFfWHhyzbxZwSdtqQisAAA==
pragma: no-cache
x-li-pop: afd-prod-lor1
x-msedge-ref: Ref A: 83CD1D9BEC10469EBF31E267DBB0AB81 Ref B: FRAEDGE0922 Ref C: 2021-03-25T21:28:44Z
date: Thu, 25 Mar 2021 21:28:44 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lor1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7516&time=1616707723991&url=https%3A%2F%2Fwww.valottery.com%2F&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame C7FD 44 B
147 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1463871750374661&ev=PageView&dl=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&rl=https%3A%2F%2Fwww.valottery.com%2F&if=true&ts=1616707724043&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1616707723988&coo=false&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Mar 2021 21:28:44 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993702637/ Frame C7FD 2 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993702637/?random=1616707724050&cv=9&fst=1616707724050&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&ref=https%3A%2F%2Fwww.valottery.com%2F&tiba=Cash4Life%20on%20Livestream&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bd981e3aac84fe6cc94e85793bab642857016dea82aa7731e5591e3b3531f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1105
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1011900088/ Frame C7FD 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1011900088/?random=1616707724055&cv=9&fst=1616707724055&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&ref=https%3A%2F%2Fwww.valottery.com%2F&tiba=Cash4Life%20on%20Livestream&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cab823eac61b5eaa63644b1dd0c3a13497a13a7e38cc366ebfe8f7f4507ee13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/1011900088/ Frame C7FD 42 B
89 B 21ms
20ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1011900088/?random=1616707724055&cv=9&fst=1616706000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=2&url=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&ref=https%3A%2F%2Fwww.valottery.com%2F&tiba=Cash4Life%20on%20Livestream&async=1&fmt=3&is_vtc=1&random=1992198081&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/1011900088/ Frame C7FD 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1011900088/?random=1616707724055&cv=9&fst=1616706000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=2&url=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&ref=https%3A%2F%2Fwww.valottery.com%2F&tiba=Cash4Life%20on%20Livestream&async=1&fmt=3&is_vtc=1&random=1992198081&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/993702637/ Frame C7FD 42 B
66 B 64ms
63ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993702637/?random=1616707724050&cv=9&fst=1616706000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=2&url=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&ref=https%3A%2F%2Fwww.valottery.com%2F&tiba=Cash4Life%20on%20Livestream&async=1&fmt=3&is_vtc=1&random=2167747997&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/993702637/ Frame C7FD 42 B
66 B 21ms
20ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/993702637/?random=1616707724050&cv=9&fst=1616706000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3h0&sendb=1&frm=2&url=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&ref=https%3A%2F%2Fwww.valottery.com%2F&tiba=Cash4Life%20on%20Livestream&async=1&fmt=3&is_vtc=1&random=2167747997&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Mar 2021 21:28:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 place
api.new.livestream.com/accounts/4608323/events/5051567/ Frame 0
0 24ms
23ms Preflight 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.new.livestream.com/accounts/4608323/events/5051567/place
Protocol: H2
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://livestream.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
date: Thu, 25 Mar 2021 21:28:44 GMT
x-served-by: cache-hhn4046-HHN
x-cache: HIT
x-cache-hits: 0
x-timer: S1616707724.216677,VS0,VE0
access-control-allow-origin: https://livestream.com
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS
access-control-allow-headers: Cache-Control,X-Requested-With,Authorization,Content-Type
access-control-allow-credentials: true
access-control-max-age: 300
via: 1.1 varnish
accept-ranges: bytes
content-length: 29

GET
H2 200 place Show response
api.new.livestream.com/accounts/4608323/events/5051567/ Frame C7FD 198 B
430 B 180ms
129ms XHR
application/json 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.new.livestream.com/accounts/4608323/events/5051567/place
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: openresty / Express
Resource Hash: 47697a7e74ef7892f5d85dfe8d89bcaa1cec0a23e3f3e8486bf35cd832a41c6c

Request headers

Accept: */*
Referer: https://livestream.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 45
x-powered-by: Express
x-cache: HIT, MISS, MISS
x-ls-api-account: 4608323
content-length: 198
x-served-by: cache-bwi5123-BWI, cache-hhn4067-HHN
server: openresty
x-timer: S1616707724.293868,VS0,VE103
access-control-max-age: 300
access-control-allow-methods: POST,PUT,PATCH,GET,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://livestream.com
x-ls-api-event: 5051567
accept-ranges: bytes
access-control-allow-headers: Cache-Control,X-Requested-With,Authorization,Content-Type
access-control-allow-credentials: true
x-cache-hits: 0, 0

GET
H2 200 donation_feature_enabled Show response
donations.livestream.com/v2/accounts/4608323/events/5051567/ Frame C7FD 21 B
206 B 149ms
148ms XHR
application/json 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.livestream.com/v2/accounts/4608323/events/5051567/donation_feature_enabled
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 10add10d6c029c5b54d2655bbaee14eda069d94330c3096a819e2d722f7d3b82

Request headers

Accept: application/json
Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
content-encoding: gzip
server: Google Frontend
x-timer: S1616707724.218098,VS0,VE124
x-served-by: cache-hhn4046-HHN
vary: Accept-Encoding
x-cache: MISS
content-type: application/json
access-control-allow-origin: https://livestream.com
x-cloud-trace-context: 44cceb053241871c17fab9130e68cfd0
cache-control: private
access-control-allow-credentials: true
accept-ranges: bytes
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 f40336c9-faf5-44e1-9f69-8569045f1c72_50x50.jpg
img.new.livestream.com/accounts/0000000000465143/ Frame C7FD 22 KB
23 KB 28ms
26ms Image
image/jpeg 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.new.livestream.com/accounts/0000000000465143/f40336c9-faf5-44e1-9f69-8569045f1c72_50x50.jpg
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 07196d23ade00eab36cdbc5547074cac4117cdc38f7a8302e7ceda9b5d5b12cd

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
etag: W/"58e3-552570705"
last-modified: Thu, 18 Mar 2021 08:41:21 GMT
age: 650843
x-powered-by: Express
x-served-by: cache-bwi5168-BWI, cache-fra19153-FRA
x-timer: S1616707724.224660,VS0,VE1
x-cache: HIT, MISS, HIT
content-type: image/jpeg
cache-control: public, max-age=18144000
accept-ranges: bytes
backend-name: 1lASPrYDMTBk1tRtKxO7rm--F_addr_origin_img_1
content-length: 22755
x-cache-hits: 0, 1

GET
H2 200 6bbb32e2-17d0-4bea-984d-0c36f10696d8_170x255.png
img.new.livestream.com/events/00000000004d14af/ Frame C7FD 8 KB
8 KB 28ms
26ms Image
image/png 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.new.livestream.com/events/00000000004d14af/6bbb32e2-17d0-4bea-984d-0c36f10696d8_170x255.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: dce849f528d8f15fd6d9920eb567148e4c5cd06f174b1107e09b14bd3c9c4998

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
etag: W/"1fc4-2605499800"
last-modified: Fri, 12 Mar 2021 07:08:05 GMT
age: 1174839
x-powered-by: Express
x-served-by: cache-bwi5164-BWI, cache-fra19153-FRA
x-timer: S1616707724.224751,VS0,VE1
x-cache: HIT, HIT, HIT
content-type: image/png
cache-control: public, max-age=18144000
accept-ranges: bytes
backend-name: 1lASPrYDMTBk1tRtKxO7rm--F_addr_origin_img_1
content-length: 8132
x-cache-hits: 1, 1

GET
H/1.1 200
OK / Show response
sio-1.livestream.com/socket.io/1/ Frame C7FD 83 B
321 B 374ms
123ms XHR
text/plain 35.229.34.229
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sio-1.livestream.com/socket.io/1/?t=1616707724304
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.229.34.229 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 9323dec5d25b8291272bd77992bfbc8c0a0e75417e35e54521bb6b677fcfa9e7

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://livestream.com
Date: Thu, 25 Mar 2021 21:28:44 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/plain

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=Microdata&dl=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory&rl=&if=false&ts=1616707724426&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers%5Cn%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Find%20a%20Virginia%20Lottery%20game%20you%20love!%20Play%20Online%20Instant%20Games%20or%20Mega%20Millions%2C%20Powerball%20or%20Cash4Life%C2%AE%20online!%20Enter%20eXTRA%20Chances%20or%202nd%20Chance%20promotions!%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1616707722919.1448653590&it=1616707722795&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Mar 2021 21:28:44 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame C7FD 44 B
101 B 6ms
5ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1463871750374661&ev=Microdata&dl=https%3A%2F%2Flivestream.com%2Faccounts%2F4608323%2Fevents%2F5051567%2Fplayer%3FenableInfoAndActivity%3Dtrue%26defaultDrawer%3D%26autoPlay%3Dtrue%26mute%3Dfalse&rl=https%3A%2F%2Fwww.valottery.com%2F&if=true&ts=1616707724546&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cash4Life%20on%20Livestream%22%2C%22meta%3Adescription%22%3A%22Watch%20CASH4LIFE%27s%20Cash4Life%20on%20Livestream.com.%20Drawings%20are%20every%20day%20at%209%3A00%20pm%20EST.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22video.other%22%2C%22og%3Asite_name%22%3A%22Livestream%22%2C%22og%3Adescription%22%3A%22Watch%20CASH4LIFE%27s%20Cash4Life%20on%20Livestream.com.%20Drawings%20are%20every%20day%20at%209%3A00%20pm%20EST.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg.new.livestream.com%2Fevents%2F00000000004d14af%2F6bbb32e2-17d0-4bea-984d-0c36f10696d8.png%22%2C%22og%3Atitle%22%3A%22Cash4Life%20by%20CASH4LIFE%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Flivestream.com%2FCash4Life%2Fevents%2F5051567%3Ft%3D1616707723%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&it=1616707723988&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 25 Mar 2021 21:28:44 GMT

GET
H2 200 m.js Show response
vpe-cdn.livestream.com/playerm/2.6.0/ Frame C7FD 469 KB
136 KB 27ms
26ms Script
application/javascript 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vpe-cdn.livestream.com/playerm/2.6.0/m.js
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 4d890e56c7274c71c3247ad654367338e3bcd928714017cdd027664a0b329825

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:45 GMT
content-encoding: gzip
age: 67049
x-guploader-uploadid: ABg5-UzyGErSLaLAx7ztjM5j0sC0HaHlqfgzM-O7sAIwIHubGLgh9APGrxgMsbYjDPPtlB17MuJwrznRltF3eoe_C74
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 138137
x-served-by: cache-bwi5141-BWI, cache-hhn4067-HHN
last-modified: Wed, 16 Dec 2020 18:52:39 GMT
server: UploadServer
x-timer: S1616707725.274552,VS0,VE0
etag: "9b42734214674dcd8f487538533508e9"
vary: Accept-Encoding
x-goog-hash: crc32c=8+G1ow==, md5=m0JzQhRnTc2PSHU4UzUI6Q==
x-goog-generation: 1608144759508941
via: 1.1 varnish, 1.1 varnish
expires: Thu, 04 Mar 2021 08:17:36 GMT
cache-control: public
x-goog-stored-content-length: 480410
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 3

GET
H2 200 m.css
vpe-cdn.livestream.com/playerm/2.6.0/ Frame C7FD 3 KB
1 KB 67ms
67ms Stylesheet
text/css 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vpe-cdn.livestream.com/playerm/2.6.0/m.css
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0a07ddcb2cf7443cbacab0d5f78b9df743792224339839001007939f8fbe0ca5

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:45 GMT
content-encoding: gzip
age: 69499
x-guploader-uploadid: ABg5-Ux3PdHSh3gnId--G0d03ckGyyuNdiq99_acTQ780Ue8Ajv-9a4ukIiqDUnYzUwmLKYs4grufQnrQiftXKi9igI
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 836
x-served-by: cache-bwi5135-BWI, cache-hhn4067-HHN
last-modified: Wed, 16 Dec 2020 18:52:39 GMT
server: UploadServer
x-timer: S1616707725.274641,VS0,VE0
etag: "467f229d198941136db0101b4d5b2166"
vary: Accept-Encoding
x-goog-hash: crc32c=22XatA==, md5=Rn8inRmJQRNtsBAbTVshZg==
x-goog-generation: 1608144759333578
via: 1.1 varnish, 1.1 varnish
expires: Wed, 24 Mar 2021 02:26:45 GMT
cache-control: public
x-goog-stored-content-length: 2597
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 1, 1319

GET
H2 200 player.js Show response
vpe-cdn.livestream.com/playerjs/0.78.0/ Frame C7FD 1 MB
346 KB 80ms
80ms Script
application/javascript 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vpe-cdn.livestream.com/playerjs/0.78.0/player.js
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2068c5698b2546881a4c90cd2d7b28192621121d2bf81b62f83176fc34171deb

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:45 GMT
content-encoding: gzip
age: 74314
x-guploader-uploadid: ABg5-Uz96RmEO3wMSmXwectY7FTpjMzcgaa2wK3E45-j-7DwBK-LqduztcsXhR3QD7oRMojLMKBOq-XdFLsKOd-UXsI
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 353681
x-served-by: cache-bwi5145-BWI, cache-hhn4067-HHN
last-modified: Wed, 16 Dec 2020 19:29:36 GMT
server: UploadServer
x-timer: S1616707725.275482,VS0,VE0
etag: "2654f517cdaa3af0e87adce77caff663"
vary: Accept-Encoding
x-goog-hash: crc32c=IpMctA==, md5=JlT1F82qOvDoetznfK/2Yw==
x-goog-generation: 1608146976702667
via: 1.1 varnish, 1.1 varnish
expires: Mon, 08 Mar 2021 08:17:50 GMT
cache-control: public
x-goog-stored-content-length: 1245450
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 3

GET
H2 200 player.css
vpe-cdn.livestream.com/playerjs/0.78.0/ Frame C7FD 28 KB
4 KB 79ms
79ms Stylesheet
text/css 151.101.114.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vpe-cdn.livestream.com/playerjs/0.78.0/player.css
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 54de12752cc1e946605b015e5877a293356de453aae9bd6c613964a02b248189

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:45 GMT
content-encoding: gzip
age: 78319
x-guploader-uploadid: ABg5-UyqA73KRRpcp2shkhRnY4yNjQxEcEKsxrHQ_wb0SSfJhp3Bhy6Nl51FFuMoHOWp_A5BgTbDE_0LJsWC7_x29kY
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 3772
x-served-by: cache-bwi5148-BWI, cache-hhn4067-HHN
last-modified: Wed, 16 Dec 2020 19:29:36 GMT
server: UploadServer
x-timer: S1616707725.275522,VS0,VE0
etag: "12812cbc5cbd3d023c10058c0a0f073b"
vary: Accept-Encoding
x-goog-hash: crc32c=YMZFVw==, md5=EoEsvFy9PQI8EAWMCg8HOw==
x-goog-generation: 1608146976477499
via: 1.1 varnish, 1.1 varnish
expires: Wed, 17 Mar 2021 19:43:30 GMT
cache-control: public
x-goog-stored-content-length: 28387
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-cache-hits: 1, 1333

GET
BLOB 200
OK 2d81d816-6b1e-4ded-b301-4f987dce2122
https://livestream.com/ Frame C7FD 453 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://livestream.com/2d81d816-6b1e-4ded-b301-4f987dce2122
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 091b6c5604f551bee4fdf84ada947302d7e7e8d4222711ae02f8f3f35459f46d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 453
Content-Type: text/javascript

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
653 B 213ms
143ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=o1zh8&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.valottery.com%2F%3FNeoDL%3DTransactionsHistory

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Thu, 25 Mar 2021 21:28:47 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 7302311bebf8ee8603a7b0694867f3de
x-transaction: 007cc8f700346fbd
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
625 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Mar 2021 21:03:31 GMT
server: ESF
date: Thu, 25 Mar 2021 21:28:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Mar 2021 21:28:48 GMT

GET
H2 200 fontawesomev5.min.css
mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/ 418 B
623 B 123ms
27ms Stylesheet
text/css 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF4) /
Resource Hash: e276166164378740d82e6c1c46ad80716cc9a79fad29c78db077a387b6b90493

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:48 GMT
last-modified: Thu, 08 Feb 2018 20:17:05 GMT
server: ECS (mil/6CF4)
age: 53893
etag: "516682c919a1d31:0"
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 418

GET
H2 200 BannerBlue_Popup.jpg
videocdn.valottery.com/listrak/ 10 KB
10 KB 103ms
13ms Image
image/jpeg 2620:1ec:46::19
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videocdn.valottery.com/listrak/BannerBlue_Popup.jpg
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::19 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ec93c422af4743a93e71d87ab851f22b6af6b1fe9f3c4c9b278918a2ce326da8

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 25 Mar 2021 21:28:47 GMT
last-modified: Fri, 08 Jan 2021 16:19:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yznYqEEGhqD80LO4EpR7Zw==
etag: 0x8D8B3F13DDB83E6
x-azure-ref: 0kABdYAAAAABiaipNqDptQbKnhnK8cznrRlJBRURHRTEwMDcAN2E0MjdlM2UtZmNlMS00NWY4LTgxMzktN2QxMGViYmE2ZGUx
x-cache: TCP_HIT
content-type: image/jpeg
x-ms-request-id: 72449c40-201e-0092-6dd8-20ea70000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0UfVcYAAAAAChaB6eVafFQIp0zPmWott9TE9OMjFFREdFMDIyMQA3YTQyN2UzZS1mY2UxLTQ1ZjgtODEzOS03ZDEwZWJiYTZkZTE=
content-length: 9866

GET
H2 200 Gotham-Book.woff2
mediacdn.espssl.com/9391/Shared/2018/Fonts/Gotham/ 19 KB
20 KB 109ms
28ms Font
application/font-woff2 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/9391/Shared/2018/Fonts/Gotham/Gotham-Book.woff2
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/?NeoDL=TransactionsHistory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CDE) /
Resource Hash: 1cf2796dd206ee43fea5446ebb2c292d7df3aad607d6e42fd1d8cb724a3164c2

Request headers

Origin: https://www.valottery.com
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:48 GMT
last-modified: Tue, 02 Jan 2018 15:15:39 GMT
server: ECS (mil/6CDE)
age: 7537
etag: "ba5d7f8cdc83d31:0"
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 19832

GET
H2 200 ModalImpression.ashx Show response
m1.listrakbi.com/ 103 B
691 B 146ms
123ms Script
application/javascript 52.207.51.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://m1.listrakbi.com/ModalImpression.ashx?callback=ltkCallback1326&t=impression&ctid=hDU7VeqGarZm&globalSessionUID=dd917368-bc4c-4d03-ba06-7b5a6a8681e2&mid=d9f118bf-8a80-4592-96b1-112433f8cbe7
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.51.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-51-121.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3bf02236ce8563832a6e861b9c7ea9b80ff6d776f10eae05cab364b69ebdc1de

Request headers

Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:48 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: private
content-type: application/javascript; charset=utf-8
content-length: 103

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Mar 2021 22:38:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
age: 82240
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
expires: Thu, 24 Mar 2022 22:38:08 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:06:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
age: 541350
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
expires: Sat, 19 Mar 2022 15:06:18 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:41:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
age: 269252
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:41:16 GMT

GET
H3-Q050 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.valottery.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:13:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
age: 472504
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:13:44 GMT

GET
H2 200 FontAwesome-v-5-Custom.ttf
mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/ 41 KB
42 KB 28ms
28ms Font
application/octet-stream 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/FontAwesome-v-5-Custom.ttf
Requested by: Host: mediacdn.espssl.com
URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF6) /
Resource Hash: 668eb7aaab69ebb75ef8eb6eb5591ba202f14cbc11999b197bd35170b037c7a9

Request headers

Origin: https://www.valottery.com
Referer: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 25 Mar 2021 21:28:48 GMT
last-modified: Thu, 08 Feb 2018 20:14:37 GMT
server: ECS (mil/6CF6)
age: 34981
etag: "572f797119a1d31:0"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 42456

POST
H2 204 track Show response
analytics.livestream.com/ Frame C7FD 0
247 B 123ms
122ms XHR
text/plain 151.101.14.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.livestream.com/track
Requested by: Host: cdn.livestream.com
URL: https://cdn.livestream.com/deploy/apps/production/events/5.2.37/javascripts/event_embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.29 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: spray-can/1.3.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://livestream.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Mar 2021 21:28:52 GMT
via: 1.1 varnish
server: spray-can/1.3.2
x-timer: S1616707732.166454,VS0,VE98
x-served-by: cache-fra19153-FRA
access-control-max-age: 600
x-cache: MISS
access-control-allow-origin: https://livestream.com
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 10:36:19	Name: IDE Value: AHWqTUnLDgNh0S0cZmlXMn8V60AbsE9fa4-V-7aB-nljb9-0XTj_3RyTFGKpL1Pv
.livestream.com/	1970-01-20 10:36:19	Name: vuid Value: pl56818952.1488677697
.valottery.com/	1970-01-20 10:34:58	Name: _4c_ Value: %7B%22_4c_s_%22%3A%22dVNtb5swEP4ryJ9LisFgiDRNWaq9qa26rNP2LTL2EaxQjIwblkX57zun0JdoQ0jcPXfP44fjOJChhpbMaUYzHnEepzSiF2QL%2B57MD8Rq5R87MieqYFWcAYQZlVnIWAJhySMaVgktclUpXiWcXJDfXitmLE94nFDKjxdEdqPGgUijALVoMaNshtweGe4PIlmEUWeNepRu7fad7xqgDHq1xYKCnZawHrRytadnUfSC1qA3tfNw%2FAR31icYDbpVZjinjeg5rbRm6MFTl7U1DxDkBaIGx0B%2Bnhjeq4UKrD11YdZr533uRGOcA7ufSfMwwjhAX9F2o1s91bF2Axtxo5tGm9Yr3yJ0ZwawpWiaMV%2BKvk6nmpZb9ipOxvi7tMLJGuwk8nHxbQpX4IRuTh59emXFEHwSDzDV4df9ahEsa9HKZ8zXg5VB%2By8eAhZc6wpG5INot8EiGL1Plqxu3e1dI%2FbT2QbL7Sb4KuS2M25Eb0yJhoJF170FXhG73fjNHq2fQ%2B1c188vL4dhmL0Z7%2BX7WzBX1%2B%2FurWh7IZ2f42fdO3OaLrReprMK48ZI0Xj3uN74gov1jy9XmOHHTjPKoyyaPe98Qo7j4iJQMBrjneJiOrSSZyzy1%2FHJ42mP6Ut3VKS45jEfu2k%2BNe%2F09ONwWgjOYgiTmPGQ4dlhjlAokjQu8qIqUlWSM8X4H4pPCxpC%2B18fcRKdsY7Hvw%3D%3D%22%7D
.valottery.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.valottery.com/	1970-01-19 19:14:43	Name: _fbp Value: fb.1.1616707722919.1448653590
.valottery.com/	1970-01-20 17:05:07	Name: nmstat Value: f253172d-97ec-b5e4-64ac-a3042f79eb7c
.valottery.com/	1970-01-19 17:06:34	Name: _gid Value: GA1.2.1515434485.1616707723
.valottery.com/	1970-01-20 10:36:19	Name: _ga_J0YJNS3PS0 Value: GS1.1.1616707722.1.0.1616707722.0
.valottery.com/	1970-01-19 17:05:07	Name: _dc_gtm_UA-1732052-1 Value: 1
.valottery.com/	1970-01-19 19:14:43	Name: _gcl_au Value: 1.1.1483861358.1616707723
.valottery.com/	1970-01-23 08:44:00	Name: GSIDhDU7VeqGarZm Value: dd917368-bc4c-4d03-ba06-7b5a6a8681e2
.valottery.com/	1970-01-20 01:50:43	Name: UniqueDeviceId Value: 10d28005-7311-4b7e-99a0-449561b5ec5d
www.valottery.com/	1978-01-11 21:31:40	Name: ValInterstitialPopup Value: {"VisitCount":null,"LastModified":null,"NextShowDate":"\/Date(1617312521335)\/"}
.valottery.com/	1970-01-20 10:36:19	Name: _ga Value: GA1.1.2005617060.1616707723
www.valottery.com/	1970-02-25 05:39:41	Name: ShowVALAlert Value: winningNumbers
www.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ccfsopxpecwixgkldscry415
www.valottery.com/	1970-01-23 08:41:07	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: f6145fd060bc43cfbf4e5cca19451eab\|False

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20201110(Line 85) Message: Error in createlocalstorage:TypeError: Cannot read property 'refreshed' of null
console-api	log	URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20201110(Line 85) Message: winningNumbers_DISABLED
console-api	log	URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20201110(Line 85) Message: live-drawing intialize: Cannot set property 'refreshed' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

77148.global.siteimproveanalytics.io
8930728.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.foresee.com
analytics.livestream.com
analytics.twitter.com
api.new.livestream.com
bcp.crwdcntrl.net
cdn.listrakbi.com
cdn.livestream.com
cdn.mxpnl.com
cdn.valottery.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
d.agkn.com
donations.livestream.com
download.gamesrv1.com
extend.vimeocdn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gamesrv1.valottery.com
gateway.foresee.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
img.new.livestream.com
insight.adsrvr.org
livestream.com
loadm.exelator.com
m1.listrakbi.com
maxcdn.bootstrapcdn.com
mediacdn.espssl.com
pixel.mtrcs.samba.tv
pixel.rubiconproject.com
pixel.tapad.com
privacy-policy.truste.com
producer-api.appspot.com
px.ads.linkedin.com
s.tribalfusion.com
s1.listrakbi.com
services.listrak.com
simplifi.partners.tremorhub.com
sio-1.livestream.com
siteimproveanalytics.com
snap.licdn.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
t.co
tag.mtrcs.samba.tv
tag.simpli.fi
u15535811.ct.sendgrid.net
um.simpli.fi
us-u.openx.net
videocdn.valottery.com
vpe-cdn.livestream.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.valottery.com
104.244.42.131
104.244.42.69
13.226.159.89
13.32.20.11
142.0.93.34
142.250.185.230
142.250.185.66
142.250.186.66
143.204.209.21
143.204.209.5
143.204.209.99
151.101.114.29
151.101.14.109
151.101.14.29
151.101.66.29
159.253.128.188
167.89.118.28
169.50.137.176
169.50.137.179
18.195.77.165
18.198.69.109
185.33.221.87
185.94.180.125
199.232.136.157
2001:4de0:ac18::1:a:2a
23.79.152.128
2600:1901:0:498c::
2600:1901:0:8eee::
2600:1f18:612b:4216:5e41:f643:f5d9:712d
2606:4700::6812:5b69
2606:4700::6812:acf
2606:4700::6812:d05
2606:4700:e0::ac40:6714
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:46::19
2a00:1450:4001:801::2002
2a00:1450:4001:802::200e
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c00::9a
2a00:1450:400d:804::2014
2a02:26f0:7100:18d::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.126.97
3.228.237.139
34.245.253.34
34.98.64.218
35.227.248.159
35.229.34.229
35.244.174.68
52.168.86.34
52.202.9.160
52.207.51.121
52.51.124.53
52.58.248.2
54.208.200.8
69.173.144.139
72.251.249.9
8.43.82.17
93.184.220.43
93.184.221.168
001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f
01f2f9c28aa1d4d36a81ff042620b6677d25bf07c2bf4acc37b58658778a4fca
028f973840c87e73d146ae50119c91d7a2caa7134dc403b7c613118e4fa8f063
02a0885ea3ae547907e9819fd5de4370ec727270ff26f1c143c81c9cbdaf4619
04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25
07196d23ade00eab36cdbc5547074cac4117cdc38f7a8302e7ceda9b5d5b12cd
07bf87548212f24057ba352fed5ec567dab724b44a7fc88ddc393cbc7706d033
08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7
091b6c5604f551bee4fdf84ada947302d7e7e8d4222711ae02f8f3f35459f46d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09cf415340db0fd01d8494cd4fdfb3112d9a5f03c71e5f8b006705e489e6d0fd
0a07ddcb2cf7443cbacab0d5f78b9df743792224339839001007939f8fbe0ca5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b24be5e511ec921e562e093463c5c92e626d5bd622270025eef6931dab5fb24
0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201
0cab823eac61b5eaa63644b1dd0c3a13497a13a7e38cc366ebfe8f7f4507ee13
0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2
0d4a3423e4be6f7c3a8b876b9fb41912206194953ea208a2bb98c75bb3351882
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f92e7bd72c7e7c5b27d5f7d62c78233a1437bcd4a14305a6adc7db889280251
10add10d6c029c5b54d2655bbaee14eda069d94330c3096a819e2d722f7d3b82
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8
12196ed736752b2acaf8b371eb8cf9477a75c987e2da53c096a87f305d761edd
1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445
143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789
15b0b74c8f577fc68caa6314e48d0b172d24dc387071e2be17a8d16a6bf4a331
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
170ecca59e8ed0085fd62e84d01f9cb7087e3f51acd852424dd358bbf9f76e86
1add3759149ea62ce152fafb1301a7d9eb72d7adf2ac03481761d9f5a2e328a1
1cf2796dd206ee43fea5446ebb2c292d7df3aad607d6e42fd1d8cb724a3164c2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1f18cfe43ece49f809e1dd07dd778c73afcc751ed427af008a9920f5a4638ea2
2068c5698b2546881a4c90cd2d7b28192621121d2bf81b62f83176fc34171deb
2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190
232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42
259c48ef6d9672952fa6c2bc3fc55d6559d77e28ef9742159f1f19fe9c717ba8
2696c197f37ec469675c783368b2f9cd94a017b70dd183d6be00d28a2e7dbb2c
293bb6b279a680fd8beb72248a4b0b61b051e8f296e1e5c2f2ad162f1c4cf0e0
2a91468d5d25d7e1c30189eb1cb95b8fc937a1c4867cd22a2c0646e4b4a1cd8b
2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10
35b1a8693b1b7d4ae88f7d950879857e042492d09a5713f719af822b67825bed
37565ba17276fccd6884ebad2170149dd38ebcfb96152f4216503b652fea5cb5
38118fa99879ff7473b4b7a8d1d004f62cb43d0a27b9b768bbf3c198bdde827d
3a6653a6360e94f7feb9ccfca527cb6485438d7374dc3967722fdb19287cdec7
3bf02236ce8563832a6e861b9c7ea9b80ff6d776f10eae05cab364b69ebdc1de
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d3334f2122e1411a5f4be5b85a712373d7b791de57d829d1fd8b3cbdba30344
3d56c44431bf8d222bc525888f051f5bc56243bf698d3f0b22ac8913d083248e
3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
435cb1b0a1075c641d772b187ec9d653995906ee7bc0c4dd7148de6cca8d631f
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
44d5a5acab2a9059264b6add30515a75da18a174b9373c226440468853c12f37
47697a7e74ef7892f5d85dfe8d89bcaa1cec0a23e3f3e8486bf35cd832a41c6c
4951390c1e214b6c9609832a3a9368fbee8e30c615b3342a81ebed81b560f993
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d890e56c7274c71c3247ad654367338e3bcd928714017cdd027664a0b329825
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a
4f38d8054fba5769eb340b02187563f0e4f98349ffec38e16c95e8276a6d5d64
5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945
5219622996b92f55008db2520e24a914e40f01f17b2d93c009776933def779de
52459e3c89ca71ee9e5cbe714b3b8c879c3b6fa8e4a1d860d3d902dc592282da
52facaf7f8dfc970481b1cc15af9bb89a42c6b9053be78a6ac30cf537d133cd0
54de12752cc1e946605b015e5877a293356de453aae9bd6c613964a02b248189
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13
59e0e88ca1c03fa77d780528f4b2cea4bdb38b3580f32f935c2b7aa7106f7c75
5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7
5d6c05acb1f515201727614d50de5ecaad0a801825167f3d6e63655830f4e4a0
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3
668eb7aaab69ebb75ef8eb6eb5591ba202f14cbc11999b197bd35170b037c7a9
696bf481ec5c742bf43af05db4e8387220cffd6329918a421523331f1ba7a2b7
6ab464d03d1de4fc9df7142654844408f767c68dd5f68dde635069a177bd174c
6bd981e3aac84fe6cc94e85793bab642857016dea82aa7731e5591e3b3531f4f
75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726
753f3c275202353ddc29edeab80489c1491d7a1ea303bb10b72a93cba06cbfd1
77bcac2c69b192dd36b94d57c2881c0429d840f0ccc97374b79728c922fafb5c
79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28
7c3c944fbccfba187fafda2404d8b9f3861089305cd83eaafd5c42aa8206909a
7cf6c891a0f1da250e9064b3e65550cd644fc674609ad52d3845ac8b9d634023
827918b04688e302c9b6e033ef0004ea86e7e1bdf3af20e22c05bf91c660d259
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e19d45e5bc9874f9b76586d6a307775abdc8d8c1ffb5d378a76a0d090558cc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c
89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8eefa322436955a85812c082e3ed2399efd61cef81bf4e07d4bee01146e21e62
901bc11148601ce33b55f67fc39bbd752a9b2fbfc0b9f91c9bcef7451f529d04
913b07c530a0b63413fdf78ab734a741264a8bcc6ba454cc3ad4e9c30ab0ac7f
9323dec5d25b8291272bd77992bfbc8c0a0e75417e35e54521bb6b677fcfa9e7
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
943c771315e68f82fe0494357d47d9116a1dd55114cc679aa48e0ab416849947
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
98ac50642d57e10e24e846a35f59e6254394b92e229bdb2da363dbae8c18d21f
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f762440a87644a32d3da66d4560a0f7543235cfc686ad4a35da7c4fd8e9aeff
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a20475110b6665b6a8ffef06d071c7a77507fc167cd9ef860fffb408f2facd74
a23105b88d1b6b04bfc5f3a05ab24ce40b7dd0394a3668c3158e0cc89af578e2
a3dfa79d627c3cce5ed5846672bb0baa6dd4c8e8b2b18a3c99c34c229ed4149d
a4405710da0f4c59bfe863a014cb45b6e915376a384b3f2316ccd3b5e8cb173a
a8a1fdfd53d2aa2eeb6bc6420bea93714f1fa4219f154712f581b95b71438abb
ab2c3f5b91456614f99a82f182de75f484d70b902da8920679270d30aeb18426
abaf9e22231e84737551605b0be0290b47accd62927bb780a82cb7f0eb796059
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3
aedd81ffdd5133acc228a222a59808f9fd62eedfce49f62c08dc7bec9aba356e
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b4c09c116fe1d216042a62bff413bececf0f3e543946f39dd3031a78d212e560
b76ad150c0f773e9036702859a9e33197cb30f7fd7d5bb2c7314aa44f9d571f7
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
be4e957b6ddb5a166a0d86ca07493e17d0dfb1c9a8d0d05e9f3c224ac30426b5
c0910b826bdec0e8c83d42dda00c11be6d772dd86557e506aa81c0c119ad42e5
c2640f6bca9daab56ec6a3b01bb5dc3f5156dc9dbb690867567222ecbc82c71c
c2c147e47cbf9f93a4d3da90da0a979eb948bb69cea334df5dc944e6ab6d1fe3
c3aece0dbed8ad5463679528ee8a033c21651d559c327783b3e7d6b01ecd557c
c449906c16f92078852667f919734283b10ea677abe1855403a195a9604cea72
c516679fcb3a9f88a395a8fee86d0425a22505fba8e57a86476743effb930286
c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f
cceddcf8b92013480664feb279c929f04691e1d00b40d6f94ac914cb275552d6
cd4339f783f4ec124df4ab6215be7518cba5d8c520a30bc6c992950c1ea11b25
ceff83b0e22fbab9c93d45ebfa86ac23c201468cb77af2229286f2176a2749c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf584a59e26668450ef6a989e51e0d3d5678897ad5cad844bb078cf703155e19
d3ad195f6f5632e69bab5da901092f41748eb1fa3f873cf1ad69143b83809122
d4a078ba248aea5d18dc4f6f86849c83c10adddd79d5907777897875d9261a26
d4b2eb4914c15132f5c0a573a13eae83dc4ee697982655a2c7766a1a6aaf49af
d58fc734e483788593be0598ca2a4ffbf31d3aba7433e140b6d80c8070a5b9e3
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dce849f528d8f15fd6d9920eb567148e4c5cd06f174b1107e09b14bd3c9c4998
de1f43d574a7dfe335b3b4c21cba058f3af9f4d839a9951c267ecdfe19b7803a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87
e276166164378740d82e6c1c46ad80716cc9a79fad29c78db077a387b6b90493
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc1d2c6a81628198d20d724d4d5fd73e2e2191bcf897fe583f548ffaf18b0f
e3d67cb96cc7855cdd72966b02123e4ffdb47e8ab98e51bd822edea0ffb3f77a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e0798e10fc4374eb8ed387d53d138f6a6167c985dc208aab24cd5bafc84511
e8d4d9a850ad7a7c5bf013a0b0daf9e687c3b4b972aa506b832e5362b3198b9d
ec93c422af4743a93e71d87ab851f22b6af6b1fe9f3c4c9b278918a2ce326da8
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f170e1d106c9e46966e9d574c3fe27fbf29b51780a5029dee29a341eceab2d29
f582d213e3668de85436bc63703b309e517be4e128ac37b71d66e85ac13690e3
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.valottery.com Open in urlscan Pro 52.168.86.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

197 Requests

99 %HTTPS

39 %IPv6

52 Domains

78 Subdomains

64 IPs

6 Countries

4541 kBTransfer

12406 kBSize

17 Cookies

8 Outgoing links

Page URL History

Redirected requests

197 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Screenshot
Live screenshot

Full Image

197
Requests

99 %
HTTPS

39 %
IPv6

52
Domains

78
Subdomains

64
IPs

6
Countries

4541 kB
Transfer

12406 kB
Size

17
Cookies

197 HTTP transactions
0 data transactions