www.xn--82cz3bcub1a.com Open in urlscan Pro Puny
www.ตรวจหวย.com IDN
2606:4700:3036::6815:3c07 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Submission: On October 12 via manual (October 12th 2021, 10:35:32 am UTC) from US — Scanned from DE

Summary HTTP 72 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3036::6815:3c07, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.xn--82cz3bcub1a.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 7th 2021. Valid for: a year.

This is the only time www.xn--82cz3bcub1a.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:303... 2606:4700:3036::6815:3c07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4007:818::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.13.156 142.250.13.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:10::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
72	17

26 2606:4700:3036::6815:3c07 (United States)

ASN13335 (CLOUDFLARENET, US)

www.xn--82cz3bcub1a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:818::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.13.156 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:10::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5lznes.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	xn--82cz3bcub1a.com www.xn--82cz3bcub1a.com	842 KB
18	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	313 KB
6	gstatic.com fonts.gstatic.com csi.gstatic.com	33 KB
5	doubleclick.net googleads.g.doubleclick.net bid.g.doubleclick.net securepubads.g.doubleclick.net	76 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	128 KB
3	2mdn.net 1 redirects gcdn.2mdn.net r3---sn-4g5lznes.c.2mdn.net	1 KB
3	google.com adservice.google.com www.google.com	2 KB
2	google.de adservice.google.de	1018 B
2	google-analytics.com www.google-analytics.com	20 KB
1	googleadservices.com partner.googleadservices.com	665 B
1	gravatar.com secure.gravatar.com	16 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
72	12

	Domain	Requested by
26	www.xn--82cz3bcub1a.com	www.xn--82cz3bcub1a.com
11	pagead2.googlesyndication.com	www.xn--82cz3bcub1a.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	fonts.googleapis.com	www.xn--82cz3bcub1a.com googleads.g.doubleclick.net
2	r3---sn-4g5lznes.c.2mdn.net	www.xn--82cz3bcub1a.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	www.xn--82cz3bcub1a.com
1	www.googletagmanager.com	www.xn--82cz3bcub1a.com
72	19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
social-plugins.line.me
lin.ee
www.lottovip.fit
www.ruay.page
www.tode69.com
lekdedonline.net
lottovipapp.com
ruay365.com
www.techsling.com
xn--82cz3bcub1a.com
haihuayonline.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-09-28` - `2021-12-07`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Frame ID: 88AABCE5922F88C1E43F8591AFDB7CE7
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/zrt_lookup.html
Frame ID: 22AB87CFE3E98F9DF2B793BAE2CC311D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1960034280122131&output=html&adk=1812271804&adf=3025194257&lmt=1634030453&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634034927029&bpp=2&bdt=293&idt=89&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1137254283413&rume=1&frm=20&pv=2&ga_vid=11563790.1634034927&ga_sid=1634034927&ga_hid=623802492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=3489691193385854&pem=309&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
Frame ID: 139BA310F8E8B5C3CA81479A74782F01
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1
Frame ID: 66F65E1609A265190C0FDC840A31ECFE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite_fy2019.js
Frame ID: 26BCD1F61DE6F1DE74129F3E8B62DBBC
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 696018280374111A13F46A268CBCFCC7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 546EB72C2FC2B4730A6E23FB3283C8CC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8CB88F3F97E0784367EC7BBC0B02106B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

lottovip เว็บหวยออนไลน์ แจกหนักฟรีเครดิตถูกใจนักลงทุน

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

72
Requests

100 %
HTTPS

88 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

1471 kB
Transfer

3668 kB
Size

7
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html

Search URL Search Domain Scan URL

URL: https://social-plugins.line.me/lineit/share?url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html

Search URL Search Domain Scan URL

URL: https://lin.ee/F5TG2X0
Title: ติดต่อ @lottoviphuay

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/
Title: lottovip

Search URL Search Domain Scan URL

URL: https://www.ruay.page/
Title: Ruay

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%ab%e0%b8%a7%e0%b8%a2%e0%b8%a3%e0%b8%b1%e0%b8%90%e0%b8%9a%e0%b8%b2%e0%b8%a5/
Title: หวยรัฐบาลไทย

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%ab%e0%b8%a7%e0%b8%a2%e0%b8%a5%e0%b8%b2%e0%b8%a7/
Title: หวยลาว

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%ab%e0%b8%a7%e0%b8%a2%e0%b8%ae%e0%b8%b2%e0%b8%99%e0%b8%ad%e0%b8%a2/
Title: หวยฮานอย

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%ab%e0%b8%a7%e0%b8%a2%e0%b8%ab%e0%b8%b8%e0%b9%89%e0%b8%99/
Title: หวยหุ้น

Search URL Search Domain Scan URL

URL: https://www.tode69.com/%E0%B9%84%E0%B8%AE%E0%B9%82%E0%B8%A5
Title: ไฮโล

Search URL Search Domain Scan URL

URL: https://www.tode69.com/%E0%B8%AB%E0%B8%B1%E0%B8%A7%E0%B8%81%E0%B9%89%E0%B8%AD%E0%B8%A2
Title: หัวก้อย

Search URL Search Domain Scan URL

URL: https://lekdedonline.net/2021/08/20/calabash-crab-fish-game/
Title: น้ำเต้าปูปลา

Search URL Search Domain Scan URL

URL: https://lottovipapp.com/center/apk.php
Title: ระบบAndroid

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%a7%e0%b8%b4%e0%b8%98%e0%b8%b5%e0%b9%81%e0%b8%99%e0%b8%b0%e0%b8%99%e0%b8%b3%e0%b9%80%e0%b8%9e%e0%b8%b7%e0%b9%88%e0%b8%ad%e0%b8%99/
Title: แนะนำเพื่อน

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%a7%e0%b8%b4%e0%b8%98%e0%b8%b5%e0%b8%aa%e0%b8%a1%e0%b8%b1%e0%b8%84%e0%b8%a3%e0%b8%aa%e0%b8%a1%e0%b8%b2%e0%b8%8a%e0%b8%b4%e0%b8%81/
Title: วิธีการสมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://www.lottovip.fit/%e0%b8%a7%e0%b8%b4%e0%b8%98%e0%b8%b5%e0%b8%9d%e0%b8%b2%e0%b8%81%e0%b9%80%e0%b8%87%e0%b8%b4%e0%b8%99/
Title: วิธีฝากเงิน

Search URL Search Domain Scan URL

URL: https://www.tode69.com/%e0%b8%aa%e0%b8%b9%e0%b8%95%e0%b8%a3%e0%b8%ab%e0%b8%a7%e0%b8%a2/
Title: สูตรหวยAI

Search URL Search Domain Scan URL

URL: https://www.tode69.com/
Title: เว็บtode

Search URL Search Domain Scan URL

URL: https://lekdedonline.net/2021/08/18/head-and-tail/
Title: เกมหัวก้อย

Search URL Search Domain Scan URL

URL: https://lekdedonline.net/2021/10/04/game-slot-online/
Title: เกมสล็อตออนไลน์

Search URL Search Domain Scan URL

URL: https://ruay365.com/joker-gaming/
Title: Joker Gaming

Search URL Search Domain Scan URL

URL: https://www.techsling.com/
Title: techsling

Search URL Search Domain Scan URL

URL: https://xn--82cz3bcub1a.com/
Title: หน้าแรก

Search URL Search Domain Scan URL

URL: https://haihuayonline.com/
Title: หวยออนไลน์

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/586AC5EFAF012A27BA3CD0732181BA275AD8B0DF.62FB151CA650E649022F0DE1702B12CE7091D516/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/29114BB864C987ADF73D3D3D5711C910DA69DC29.268BAF1E6C4A5E0214D778A17A117BD14F42DC18/key/cms1/cms_redirect/yes/mh/Tu/mip/2a01:4f8:212:78e:2d::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1634034589/mv/u/mvi/3/pl/54/file/file.mp4

72 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 14679.html Show response
www.xn--82cz3bcub1a.com/lucky-number/ 55 KB
13 KB 230ms
211ms Document
text/html 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5626ac5fc502bafcb9cf799a1806cda130d641113d82a51a8161e68d88bb0015

Request headers

:method: GET
:authority: www.xn--82cz3bcub1a.com
:scheme: https
:path: /lucky-number/14679.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-type: text/html; charset=UTF-8
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Tue, 12 Oct 2021 09:20:53 GMT
cache-control: max-age=0
expires: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bk5f9Ky9ROk9H6s7ohVn%2Ba0eDT93Tk%2F6TQh2RTToTfBWfGpibYzt5rprsPYaMuQYE6F%2FLd8gQvf%2FkipSoLuC%2BPs5ZlS8LAGuwt6gy3aOx6%2FOHI2xIYO57BUAjhg%2FPgKRzaNO26TZMvEF2BrSOyuRGodBumZsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69cfae72cddd05e9-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.min.css
www.xn--82cz3bcub1a.com/wp/wp-includes/css/dist/block-library/ 52 KB
8 KB 14ms
13ms Stylesheet
text/css 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/wp/wp-includes/css/dist/block-library/style.min.css?ver=26932899171ff632c35b6ad8faf89f64
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

:path: /wp/wp-includes/css/dist/block-library/style.min.css?ver=26932899171ff632c35b6ad8faf89f64
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 07:06:39 GMT
server: cloudflare
age: 2358140
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiUY0CViOclEQyfJwCYOXZfY6g9Bb%2FFFxCUzp%2BYaoIgaSp%2FiLVBPOsQReqT2QLQNqAFy1MQSKptOM4mV%2FOMjHgV53PtzJebcLLoE2aKf%2FKpGbTnS3248nU35Y71YUAp9yfsm%2BlbgsqfdSmSxMKtXf36uAEycaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74384305e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 26 Aug 2022 18:38:32 GMT

GET
H2 200 style.css
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/ 423 KB
58 KB 19ms
19ms Stylesheet
text/css 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae527135a3acdc3971662044dd3869265fcbfacaab816949604b0d37dba6a314

Request headers

:path: /app/themes/thailotto/dist/style.css?ver=202007051200
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:11 GMT
server: cloudflare
age: 2358139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fEJyxcHuKY6A75KI6%2BDRU3ifGWmgKuO3Uwo7QV2J%2B1UR4%2BNhZ7qv5Ltdc8ENagf3y5tYtD0v87CE%2FxI9moPZz2wcDSJELC96urBa1LFyV14u9MBOrv5nLh9P%2B2hJ0iDG48pYPmI0AJfeBacvw162DIlOgKsG0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74384605e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 23 Jul 2022 04:50:56 GMT

GET
H2 200 ftoc.min.css
www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/css/ 33 KB
4 KB 17ms
17ms Stylesheet
text/css 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/css/ftoc.min.css?ver=3.1.22
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39e7c487b5b1c852e5835db98ffa3881e184890d7173a55050d9a73bfe7b3689

Request headers

:path: /app/plugins/fixed-toc/frontend/assets/css/ftoc.min.css?ver=3.1.22
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 06:57:16 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96tKlWMdgNY%2FRzJDRfDvdJ516C3tJhjlbgC0bHVKo8j%2BMOxAUgEYZmcDWTlNxlK1Yeh%2F5HOsb8lpS%2FFmmYEUHCmpmiEFnQ6HdP8QjoktYyrr7%2FTtJ2cD9%2Bw0jo7a0EiCsnPv41E%2Bv18XJSzPOnHR706hclZMKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74384905e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 28 Jul 2022 03:27:07 GMT

GET
H2 200 jquery.js Show response
www.xn--82cz3bcub1a.com/wp/wp-includes/js/jquery/ 95 KB
34 KB 26ms
26ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/wp/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

:path: /wp/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 07:05:57 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QOBwoxY18Ly%2FuL9u1g1YIRW2hTW63Tcpkcw4PEloA0fwr0M3gzw00GgrtuhbuNaWzrS3RqHEA99Uz3647Pob5PhCSl%2Bl8KZNJKCRijAMWb%2BMw%2FLnu4nq4NNtqceppqF5kz%2FEZZe3CgJ5O6QHPsgtiwucqSg2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74384b05e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 10 Sep 2022 17:49:49 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.xn--82cz3bcub1a.com/wp/wp-includes/js/jquery/ 10 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path: /wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 07:05:57 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B1xf3bxja0kWxPspWYWK3PGb4mbr6wdUC7%2FPplE5Cqurn%2FFlks1cPC1f1KubCnkQDzELxjc0j3BGDox4jUwdLw4Nm%2BHS3r42808mVp8uxIYATv77UgXuiD3KE55T7HD3MTK698v7o%2BdYpfmkGdnsIE6uefMJkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74689205e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 26 Aug 2022 21:45:13 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 58ms
36ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df25a89baab0bfb1e5b93eaf49ca951ab0ff0dc5bdd63357250b5706b99db798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51374
x-xss-protection: 0
server: cafe
etag: 7667996485004739214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 10:35:26 GMT

GET
H2 200 bundle.js Show response
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/ 568 KB
158 KB 32ms
32ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/bundle.js?ver=202007051200
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16a7b7a50d09178946d64f7fb089f476e501039661dfcea0f584ceb001832b31

Request headers

:path: /app/themes/thailotto/dist/bundle.js?ver=202007051200
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:11 GMT
server: cloudflare
age: 2358139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0pMcOYeAvlYYT3pWOB4i8QD3Tq23dOv%2BfRdZ3dEqT5NctRAoy8k%2BcKhs%2F1XYH2hucoECqxDafTM2rkvMAR8ITkduXFIE0hmGFg8R9HQxYApWsH2S9Ty5XFYomanVfed0KdVYT1drHbq2j7aFJ%2B%2Bj%2F30pJx2vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74a8ed05e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 23 Apr 2022 21:36:02 GMT

GET
H2 200 navigation.js Show response
www.xn--82cz3bcub1a.com/app/themes/thailotto/js/ 3 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/js/navigation.js?ver=20151215
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

:path: /app/themes/thailotto/js/navigation.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:16 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xy5mPzIeTy%2BIWsyOrnZai%2BBY29QeIL2GbrPco9hVok%2Fi5Tx0VxOF42mv38Qoqq2dN%2F6pVGR4E7R7Nn%2FA7xbkuEKCeeDbNl%2FfO818DHmJ8EIkNcetzAZppWDjbzoGCIEFcP47WbcT9T1T60kojX%2FAV38mCHrwfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74c90f05e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 30 Apr 2022 05:37:18 GMT

GET
H2 200 skip-link-focus-fix.js Show response
www.xn--82cz3bcub1a.com/app/themes/thailotto/js/ 685 B
768 B 19ms
18ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

:path: /app/themes/thailotto/js/skip-link-focus-fix.js?ver=20151215
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:16 GMT
server: cloudflare
age: 3532543
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP3p5zYR8iZqmE81MczSlaZfawPw2d%2FV79k3AJVmQfDBYs4JuNzWaKaLm1PyHh%2B5zQnJi6XiLO7catWikcGo0x2Nai34IbhzClFZXQ0of6RPmpI6sVkI9J8%2F3PePFdETIIbrqmMfnwPXxzjgGwtifCoqEaDqQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74c91005e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Sep 2022 11:08:50 GMT

GET
H2 200 ftoc.min.js Show response
www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/js/ 25 KB
7 KB 40ms
40ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/js/ftoc.min.js?ver=3.1.22
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac57b8948fa16f8d943d98c14ca1f077dfb3de90e29c11547b7b59310b77c704

Request headers

:path: /app/plugins/fixed-toc/frontend/assets/js/ftoc.min.js?ver=3.1.22
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 06:57:16 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7pnmPxKgZv0wEtURqXyZBsV7hgFMbzYmnjVPM99WAgyueB0joGKNuW%2B0NTtRraVO7o6jv8KIKWBJILfkqxdzzt3n41vT1PK%2FASiAmk4xT%2F1DRSkUl%2BhrAVyXvVWrgBcmVartXxmuUDkmUEzzF9INDJJNYckhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74c91105e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 07 Oct 2022 17:24:28 GMT

GET
H2 200 wp-embed.min.js Show response
www.xn--82cz3bcub1a.com/wp/wp-includes/js/ 1 KB
1 KB 37ms
36ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/wp/wp-includes/js/wp-embed.min.js?ver=26932899171ff632c35b6ad8faf89f64
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

:path: /wp/wp-includes/js/wp-embed.min.js?ver=26932899171ff632c35b6ad8faf89f64
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 07:05:16 GMT
server: cloudflare
age: 2358139
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaaTP23jTh7CYMXpvD4OaQX3Vs7NOjtQ63Uhx7%2BGXngAUA7z7zOIYB%2B8S5G6UeMe2W92y16DCDfAR0Y%2FzbLcSeYFBGls2mnSDLyJUPrfTVtgGeeqaO%2Bld1FiME3Vdh%2FIE%2BmNpXZVh3awpCQBapX9iGuwGC3M6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74c91205e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 13 Sep 2022 17:43:09 GMT

GET
H2 200 lazyload.min.js Show response
www.xn--82cz3bcub1a.com/app/plugins/wp-rocket/assets/js/lazyload/12.0/ 5 KB
2 KB 36ms
36ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c

Request headers

:path: /app/plugins/wp-rocket/assets/js/lazyload/12.0/lazyload.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 07:12:08 GMT
server: cloudflare
age: 3532543
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=woQZDYlpJZvT%2BAo5qu3wyh5h%2Fei%2F7hboE3svCucIw6oaNaxkE5LfudMx%2BmWuvx3gbIMvWSudFKTURJK5g4DSwCWTzgpA6gQiz0in2tyHW1P5jJGH0g5A0R8ThxNdOz24a4tDhW0M71xoENGulYsY8bxtwDOSDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74c91305e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 31 Aug 2022 19:42:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 44ms
16ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Kanit:400,700&display=swap&subset=thai

Requested by

Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b42caef1a29745971a3cb0ae39444bad3338dc56e3b08972af775eb13030ec93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 10:35:26 GMT
server: ESF
date: Tue, 12 Oct 2021 10:35:26 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 12 Oct 2021 10:35:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 73ms
48ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NG7CZJ7

Requested by

Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19f706ee4f5ab8d9775f04b66f3a077a7a860d96a53df1236789eb2da39565f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39801
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 12 Oct 2021 10:35:26 GMT

GET
H2 200 tracker.js Show response
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/js/ 64 KB
20 KB 38ms
38ms Script
application/javascript 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/js/tracker.js
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d8ee972e445f7120c198a83a0363cc844a3e55094e4aaa0548ffa9e213b3b9b

Request headers

:path: /app/themes/thailotto/dist/js/tracker.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:14 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMwsGdwrcUJnmWZGWKius5Cds7HW23iqzGlp3DlBcPcQ56HiUQKXlkWBL6bEIBs1vsN%2FERw2XDr2L6RZ6HIfz%2BCkIMZDuAuk9NAYnXRETqla1%2BXoz2DzWgatXcxR%2B3gFpKGVXDge92rsmYPZg111flYPfNIRcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74c91505e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 23 Apr 2022 23:18:40 GMT

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15179bcf587735652ddf7a4af0ed500881cb4b4eaf3effce1719c1d3de17f79d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c1b2722be99e0f2c4cd70c48f342eb543a3ee0bec1b5dc6f1d72b034e013b47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 LINE_SOCIAL_Circle.png
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/images/ 42 KB
43 KB 36ms
36ms Image
image/png 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/images/LINE_SOCIAL_Circle.png
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed48fac0897231a6a9e5702abb288242f01e636708e426bc0e8b0dc548ae5a3c

Request headers

:path: /app/themes/thailotto/dist/images/LINE_SOCIAL_Circle.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2358139
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42931
last-modified: Thu, 07 May 2020 05:02:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1GFOiMLOkCEiBh4cq1HCKWcB2LhkCvf9ddU%2FTErbfQGn6QM64i0R922fk42%2Fy4ypEyMNrP0rmNfRPiUugEhaLKXJUmis53vkpx6e7zvTE%2BYTUkxITywrIa%2BEOOLSS6zIDygMY5JEaz2ZXQdG43FIwrCkCoKDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae74d92e05e9-FRA
expires: Mon, 03 Jan 2022 15:29:38 GMT

GET
H2 200 nav_menu_tree.jpg
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/images/ 24 KB
24 KB 40ms
40ms Image
image/jpeg 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/images/nav_menu_tree.jpg
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1381f68a6b37e14e40c56d40db12aadabb56dba213d5ae57b3e3921486b51b8f

Request headers

:path: /app/themes/thailotto/dist/images/nav_menu_tree.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2358132
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24614
last-modified: Thu, 07 May 2020 05:02:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoVUqDWOSr2umlVUxUdBv%2FxKPIYNkVajMt2T283KfreCEe1mM1vjdpSzu3vb%2Ba57NWYF9yXFUONzFN%2FbK5RZzeyvNQdz%2BYgfuJdtV7aDXvA4hRoxTQXO75Rje5Ko0B9JawcEfAdZag31PsiB05U3zMJGyqS8Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae74d93005e9-FRA
expires: Sat, 27 Nov 2021 08:57:15 GMT

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v7/ 19 KB
19 KB 65ms
28ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:400,700&display=swap&subset=thai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d522ceba20f12d2594bca7ab06bc6cc877e8ee1c5d94c2ae3c3af0d90c38ccc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:38:12 GMT
x-content-type-options: nosniff
age: 7034
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19040
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:14:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Oct 2022 08:38:12 GMT

GET
H2 200 fa-regular-400.woff2
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/ 13 KB
14 KB 52ms
51ms Font
application/octet-stream 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/fa-regular-400.woff2
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6

Request headers

:path: /app/themes/thailotto/dist/fonts/fa-regular-400.woff2
pragma: no-cache
origin: https://www.xn--82cz3bcub1a.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:14 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkI7IPrZo2gMxV1EMQCzQ8pO5aevrV%2BeoZo4lYYCEUXP4x4B5ushtEu05Ssd94ewmRnKQno5EU6Mkzbc61im8OdB4a4HVNRyR7cqEwwApmKj7dsqdjb8nZucP65ml5xF%2F8ggAxLQ6aYXwqShdg%2FcbYuihPg6xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74d93105e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 26 Oct 2021 03:32:36 GMT

GET
H2 200 fa-solid-900.woff2
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/ 74 KB
75 KB 42ms
41ms Font
application/octet-stream 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/fa-solid-900.woff2
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4

Request headers

:path: /app/themes/thailotto/dist/fonts/fa-solid-900.woff2
pragma: no-cache
origin: https://www.xn--82cz3bcub1a.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:15 GMT
server: cloudflare
age: 930658
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF5dGlQ%2Fus%2FEVS2Vzt0rl4GKMkJ86B%2F0SLn095B1LmDhEvr0m0MUjIX2GYvBxqiViT5a4qOTv4Evxuvflnsi%2BwOKBVhu8vMp03d%2FYcUK4XS7euw%2BisZqDYmizwP0Qz%2B91fMMR%2BjlIMPkuB8cBKyTorTOa2UyGg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74d93305e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 28 Oct 2021 03:01:23 GMT

GET
H2 200 fa-brands-400.woff2
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/ 74 KB
75 KB 53ms
53ms Font
application/octet-stream 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/fa-brands-400.woff2
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b

Request headers

:path: /app/themes/thailotto/dist/fonts/fa-brands-400.woff2
pragma: no-cache
origin: https://www.xn--82cz3bcub1a.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:15 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwtsjnvVtTyJVhBITw3M6WITa7%2BBd%2BJJ2xXViAhTUi%2BKVx1NFxI9Jb%2Fm5zaVSSxEN23L5Gig%2Bm%2FJe6ZsmBlcawMgNQyN1FbJpHlFKlzZtJUyJrTfV2a2inOEoWBh%2B2KnMLM80v%2B7FFodVPdpYcBKcuEPEPvw9w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74d93405e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 13 Oct 2021 22:19:43 GMT

GET
H2 200 icons.woff2
www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/fonts/ 4 KB
4 KB 49ms
49ms Font
application/octet-stream 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/fonts/icons.woff2?45335921
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/css/ftoc.min.css?ver=3.1.22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24555680b413d9b1d6d8eea400a95ae4e064030afadd57eff2bd67f4df3740a9

Request headers

:path: /app/plugins/fixed-toc/frontend/assets/fonts/icons.woff2?45335921
pragma: no-cache
origin: https://www.xn--82cz3bcub1a.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/css/ftoc.min.css?ver=3.1.22
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.xn--82cz3bcub1a.com/app/plugins/fixed-toc/frontend/assets/css/ftoc.min.css?ver=3.1.22
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
last-modified: Wed, 16 Jun 2021 06:57:16 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZnezANSiUK2KvnenovNUONLgzPLWqQo2KKzC0id%2BGthCbXyZcHdA9CjSIttB7bTEKm%2BS%2FON2ytxtUFsYG6fGn%2BwNnzg6bu6WvWFw0NxHbTLjv%2F1XRSGVa1SEwMsB5kNxCspnRvRHnLGuXdRQjqrK8A2cGpBWg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74d93505e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 24 Oct 2021 21:27:57 GMT

GET
H2 200 csprajad-webfont.woff2
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/ 11 KB
12 KB 46ms
46ms Font
application/octet-stream 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/fonts/csprajad-webfont.woff2
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09a4be40c90137d981d4518d5b5ccb527d29e369e432e9c5ee092aa638049f80

Request headers

:path: /app/themes/thailotto/dist/fonts/csprajad-webfont.woff2
pragma: no-cache
origin: https://www.xn--82cz3bcub1a.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:26 GMT
cf-cache-status: HIT
last-modified: Thu, 07 May 2020 05:02:15 GMT
server: cloudflare
age: 1617
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2IgVsbXoJ2XOyH1qBoiJI9gWcaFUXFyz0wbvdPbDqCTsfCeydQ3DM1jcjwSe0H6nnzvTZaJEgyzDi9OAe3WuGF4B1itX08s2ealo%2FpbQi1npr22a44c%2FBxv2eXAE%2BiaR1OvctCysYJxqDzEZgAa9xBPGSk9KA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69cfae74d93905e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 09 Nov 2021 14:42:12 GMT

GET
H2 200 nKKZ-Go6G5tXcraBGwCYdA.woff2
fonts.gstatic.com/s/kanit/v7/ 13 KB
13 KB 46ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraBGwCYdA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Kanit:400,700&display=swap&subset=thai

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

185c8f0ba5c84bb93c5ce2c23f353a9f5db8d4b7cdb4a03d816867c2a3871ed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.xn--82cz3bcub1a.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:46:57 GMT
x-content-type-options: nosniff
age: 6509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13252
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:14:13 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Oct 2022 08:46:57 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 272 KB
98 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1960034280122131&plah=www.xn--82cz3bcub1a.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e898396a63a31caead5610be17a0d5e1465f251e8f7dd0f1df02f144ff5c81d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99725
x-xss-protection: 0
server: cafe
etag: 18043168443402353962
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/ Frame 22AB 10 KB
5 KB 28ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211007/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.xn--82cz3bcub1a.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 11 Oct 2021 18:55:18 GMT
expires: Mon, 25 Oct 2021 18:55:18 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 56409
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tracker.php
www.xn--82cz3bcub1a.com/app/themes/thailotto/ 0
376 B 821ms
820ms Image
text/html 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/tracker.php?action_name=lottovip%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%81%E0%B8%88%E0%B8%81%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%9F%E0%B8%A3%E0%B8%B5%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%96%E0%B8%B9%E0%B8%81%E0%B9%83%E0%B8%88%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A5%E0%B8%87%E0%B8%97%E0%B8%B8%E0%B8%99&idsite=1&rec=1&r=798656&h=10&m=35&s=27&url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html&_id=48f33552ad4b06fd&_idts=1634034927&_idvc=1&_idn=0&_refts=0&_viewts=1634034927&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=228
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.14
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /app/themes/thailotto/tracker.php?action_name=lottovip%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%81%E0%B8%88%E0%B8%81%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%9F%E0%B8%A3%E0%B8%B5%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%96%E0%B8%B9%E0%B8%81%E0%B9%83%E0%B8%88%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A5%E0%B8%87%E0%B8%97%E0%B8%B8%E0%B8%99&idsite=1&rec=1&r=798656&h=10&m=35&s=27&url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html&_id=48f33552ad4b06fd&_idts=1634034927&_idvc=1&_idn=0&_refts=0&_viewts=1634034927&send_image=0&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=228
pragma: no-cache
cookie: _pk_id.1.1764=48f33552ad4b06fd.1634034927.1.1634034927.1634034927.; _pk_ses.1.1764=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.3.14
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2FcAavm0GgSy6UTdQ6W%2BdZaSsGZ3yEnBtq1LQ6Xupw69bgl65KnhRFwfFmxi3%2FS9fzitT8V9mEHkqZH1jKLWPZb6cT1xbszfqbgZeDxx3fk5ppSI0zwLYea3hqw6pZST6iB%2FMoJlGzGxZWf6c6LR54kz6pukhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=0
cf-ray: 69cfae762b4a05e9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 200 mCSB_buttons.png
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/ 3 KB
3 KB 22ms
22ms Image
image/png 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/mCSB_buttons.png
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e98cac48f5c13b3fbaa28458f0d8f26a78c9d944f8f4edad9abcb249b9028ca7

Request headers

:path: /app/themes/thailotto/dist/mCSB_buttons.png
pragma: no-cache
cookie: _pk_id.1.1764=48f33552ad4b06fd.1634034927.1.1634034927.1634034927.; _pk_ses.1.1764=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/style.css?ver=202007051200
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2998
last-modified: Thu, 07 May 2020 05:02:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD85ztRJt2iiZmOlq5m9sjEXvI%2B8FWWnZa2eKP1BfeRVKzc5OjE5xMXxgDA2xFG0uQaESGmXuV5I9%2FTzYaB3yx7QJYJyVye6NfG0LT%2BqHb4DrVVoNeju05hOAAFOdJTa2rSi%2BOugQrmZKG7MhERYlFrd55ALcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae763b6a05e9-FRA
expires: Sat, 27 Nov 2021 02:37:29 GMT

GET
H2 200 logo.png
www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/images/ 15 KB
16 KB 30ms
28ms Image
image/png 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/themes/thailotto/dist/images/logo.png
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0afbdd068bd9e7ab578552a0b8fa4024a01415f0951f99771e73576acee1ee3

Request headers

:path: /app/themes/thailotto/dist/images/logo.png
pragma: no-cache
cookie: _pk_id.1.1764=48f33552ad4b06fd.1634034927.1.1634034927.1634034927.; _pk_ses.1.1764=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3532543
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15576
last-modified: Thu, 07 May 2020 05:02:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxFIWp1OwiSDhfRFqdLMUiRrYxU2j4byXBMIMCGU1lBW1DUPSie%2BeSC4JyU7tV7uhroc2cavnTB%2Buxgn8PkgRIns0%2BB4JfG0%2Fi9tGwWTlybhx%2Fz2jixnqJA2yFgP%2Bs%2FfZgRs%2FF75DcayM%2FsPFGWnhZ8ngB0vmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae764b9405e9-FRA
expires: Sun, 26 Dec 2021 17:01:43 GMT

GET
H2 200 1887dab895a78c56d0d0ec58dfa82807
secure.gravatar.com/avatar/ 16 KB
16 KB 43ms
22ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/1887dab895a78c56d0d0ec58dfa82807?s=96&d=mm&r=g
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2daef5d6e1fd443e7e4f276687bb439f0337beede80c568164acbd4e8c07a0bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 12 Oct 2021 10:35:27 GMT
last-modified: Thu, 19 Nov 2020 10:12:01 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="1887dab895a78c56d0d0ec58dfa82807.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/1887dab895a78c56d0d0ec58dfa82807?s=96&d=mm&r=g>; rel="canonical"
content-length: 16262
expires: Tue, 12 Oct 2021 10:40:27 GMT

GET
H2 200 lottoVIP.jpg
www.xn--82cz3bcub1a.com/app/uploads/2021/10/ 84 KB
84 KB 21ms
20ms Image
image/jpeg 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/uploads/2021/10/lottoVIP.jpg
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 380ce11f72c311feb35a6f0103e632193dddfe5b17c90ecf2086bd3e19f86b78

Request headers

:path: /app/uploads/2021/10/lottoVIP.jpg
pragma: no-cache
cookie: _pk_id.1.1764=48f33552ad4b06fd.1634034927.1.1634034927.1634034927.; _pk_ses.1.1764=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 85936
last-modified: Wed, 06 Oct 2021 16:26:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTAqxmb6bkCX7rwpWejCEvIj4rSp4ovrTTRTmaGePE%2B%2FvPWmL3mY2WW1r46us%2BAUHIbdCdi8MWbSE5vRlXXIt3H7xr87p2RRKNRmdz22Uj2%2BG8%2FtgveMe2opNQ5TbYNkaks2GkZqtSQPBUlf7Lx%2F0yTY%2BCuPKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae764b9505e9-FRA
expires: Wed, 09 Feb 2022 09:05:14 GMT

GET
H2 200 lottoVIP-1.jpg
www.xn--82cz3bcub1a.com/app/uploads/2021/10/ 50 KB
50 KB 14ms
14ms Image
image/jpeg 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/uploads/2021/10/lottoVIP-1.jpg
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f299b3703fb31e190361befee2e60121f46a7bf4313d7701e26f072a6898e00

Request headers

:path: /app/uploads/2021/10/lottoVIP-1.jpg
pragma: no-cache
cookie: _pk_id.1.1764=48f33552ad4b06fd.1634034927.1.1634034927.1634034927.; _pk_ses.1.1764=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51095
last-modified: Wed, 06 Oct 2021 16:35:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSvkW3f0GNq9jw4zXkq5dEOrUENZifZTy0nwvTEudmTZ1EC673gMBZjj9CTI4p%2BDXn6%2FJenFQVCH60xBTVHnnmGncPAh7IajKKJAoI8%2Byg%2Br4IDKRfdQe7xQ%2BiuBzz8Iep2EbeACIb65fVQNuIgNNLg0dZ4ChA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae764b9705e9-FRA
expires: Wed, 09 Feb 2022 09:05:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NG7CZJ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 2061
date: Tue, 12 Oct 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Tue, 12 Oct 2021 12:01:06 GMT

GET
H2 200 06.10.64-8.jpg
www.xn--82cz3bcub1a.com/app/uploads/2021/10/ 129 KB
129 KB 27ms
27ms Image
image/jpeg 2606:4700:3036::6815:3c07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.xn--82cz3bcub1a.com/app/uploads/2021/10/06.10.64-8.jpg
Requested by: Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3c07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d375c8dac1748463424ffa815d9adc8756fc96979ff656c35ecb769e7d16678d

Request headers

:path: /app/uploads/2021/10/06.10.64-8.jpg
pragma: no-cache
cookie: _pk_id.1.1764=48f33552ad4b06fd.1634034927.1.1634034927.1634034927.; _pk_ses.1.1764=*
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.xn--82cz3bcub1a.com
referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1618
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 131932
last-modified: Wed, 06 Oct 2021 16:29:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: X-Forwarded-Proto,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f9KQ35tj1xJdJE9ZL9mdmqU1s3ZGpYpArCU0DRPXMlOSdD%2Bh1vd%2Ft2xi%2BSioauilK%2B1Nkj7ds%2FRA%2ByOoc50Z8QAecZ%2F5WgRoviMaIh3QkKQ5AFVyHthl4klXRSNVB78lgyZ5GO8EYq8sDSOE6wrWaf0Kg5xuXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 69cfae765b9e05e9-FRA
expires: Sat, 05 Feb 2022 08:36:04 GMT

GET
H2 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/ 53 KB
20 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1960034280122131&plah=www.xn--82cz3bcub1a.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8258aae97645953d9cf69c5c09d023c22b963e3684c156fe6851f5c0dfd6d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 08:38:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20809
x-xss-protection: 0
server: cafe
etag: 14585354915338642938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 08:38:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 209 B
665 B 47ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.xn--82cz3bcub1a.com&callback=_gfp_s_&client=ca-pub-1960034280122131

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

35d34aee0afbff1fadddc6998ed625e6d91095157a12035d0e0f06f99032e07e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 46ms
18ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.xn--82cz3bcub1a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 45ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xn--82cz3bcub1a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 139B 125 KB
30 KB 211ms
209ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1960034280122131&output=html&adk=1812271804&adf=3025194257&lmt=1634030453&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634034927029&bpp=2&bdt=293&idt=89&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1137254283413&rume=1&frm=20&pv=2&ga_vid=11563790.1634034927&ga_sid=1634034927&ga_hid=623802492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=3489691193385854&pem=309&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b21e31867e752e93057a222f088b2adb552ea606862a78b5c1527c1cd3659d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1960034280122131&output=html&adk=1812271804&adf=3025194257&lmt=1634030453&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634034927029&bpp=2&bdt=293&idt=89&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1137254283413&rume=1&frm=20&pv=2&ga_vid=11563790.1634034927&ga_sid=1634034927&ga_hid=623802492&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061691%2C31061693&oid=2&pvsid=3489691193385854&pem=309&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=104
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.xn--82cz3bcub1a.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 12 Oct 2021 10:35:27 GMT
server: cafe
content-length: 30350
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 12-Oct-2021 10:50:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 12 Oct 2021 10:35:27 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=623802492&t=pageview&_s=1&dl=https%3A%2F%2Fwww.xn--82cz3bcub1a.com%2Flucky-number%2F14679.html&ul=en-us&de=UTF-8&dt=lottovip%20%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A%E0%B8%AB%E0%B8%A7%E0%B8%A2%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C%20%E0%B9%81%E0%B8%88%E0%B8%81%E0%B8%AB%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%9F%E0%B8%A3%E0%B8%B5%E0%B9%80%E0%B8%84%E0%B8%A3%E0%B8%94%E0%B8%B4%E0%B8%95%E0%B8%96%E0%B8%B9%E0%B8%81%E0%B9%83%E0%B8%88%E0%B8%99%E0%B8%B1%E0%B8%81%E0%B8%A5%E0%B8%87%E0%B8%97%E0%B8%B8%E0%B8%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=563186826&gjid=1463409479&cid=11563790.1634034927&tid=UA-153146014-2&_gid=1529466881.1634034927&_r=1&gtm=2wgab0NG7CZJ7&z=1813459258

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.xn--82cz3bcub1a.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.xn--82cz3bcub1a.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 143 KB
51 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/reactive_library_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3836fdd3b06c0d0b2e6264f08ee21cfac81f1b3d0134576810205ec9c96c09f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52530
x-xss-protection: 0
server: cafe
etag: 12373488827997739603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.xn--82cz3bcub1a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.xn--82cz3bcub1a.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/ Frame 66F6 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.xn--82cz3bcub1a.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 11 Oct 2021 19:27:15 GMT
expires: Mon, 25 Oct 2021 19:27:15 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 54492
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 66F6 4 KB
731 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 09:19:53 GMT
server: ESF
date: Tue, 12 Oct 2021 10:35:27 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/elements/html/ Frame 66F6 18 KB
8 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f685e060ea2385c8f008c5915373f506dcb4a3e5ad648a7693efca4550f2a037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:34:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7704
x-xss-protection: 0
server: cafe
etag: 13905763089999689414
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 10:34:57 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/ Frame 26BC 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7688
x-xss-protection: 0
server: cafe
etag: 9086524265215974373
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 10:29:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 26BC 8 KB
788 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 Oct 2021 09:04:02 GMT
server: ESF
date: Tue, 12 Oct 2021 10:35:27 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/ Frame 26BC 14 KB
3 KB 30ms
7ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 12:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 10:47:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 06 Oct 2022 12:30:59 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/ Frame 26BC 352 KB
122 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a1871e4b6628d8e7ec4af963840978e11484ed4b96c5798697f01061a526af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 12:30:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124967
x-xss-protection: 0
last-modified: Wed, 06 Oct 2021 10:47:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 06 Oct 2022 12:30:59 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/ Frame 26BC 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211007/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:32:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6281
x-xss-protection: 0
server: cafe
etag: 18349783599053866072
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 26 Oct 2021 10:32:38 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 26BC 0
348 B 80ms
27ms Ping
image/gif 2a00:1450:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~kuny7fe9&c=2389464758029&slotId=1194732379014.5&qqid=CIjviLvWxPMCFRdo4AodamIPDg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 26BC 0
121 B 41ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CsJzZ72RlYci7CZfQgQfqxL1wmKq6xWT7ksOnkgzwLhABILWHw39glZr7gZQHyAEFqQK2WfTUlMZ9PqgDAcgDmwSqBPcBT9AuVC8Ahb_uzJuuNFmpMpyxTw3kZmRS7lJl-fjazimRKIiucWHt9c7D67VvENITbvrRKX5bx0YSjLcBpL_UlFJeg4l2ZY8BTedIUPZkAPwgvZmymhOO58tbeQsgQcULcQxLr64vt39sClaHQRCqlU9OoavepdlqckPgrucd2KQrKhRKJ7dxzQDHphlauU8iLY5kzUISJANzvNR0JDbObffDxgvALRpcVW2zRCEoRm_eI0j7GhQ0oxd-BIZa8_ZJUHvDf7LykafQQhi1Vj050onnN8X-ay63T1a5lhA9TcvFVpZq0WSaHMMg05itZBlptYuFKxUEoMAEupzN1IED4AQDkAYBoAZ2gAeilLO3AagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARhfgAoByAsB4AsBgAwBsBPN37YL0BMA2BMQiBQC2BQB0BUBgBcB&eventType=clickstring&clientTime=1634034927542&ai=CsJzZ72RlYci7CZfQgQfqxL1wmKq6xWT7ksOnkgzwLhABILWHw39glZr7gZQHyAEFqQK2WfTUlMZ9PqgDAcgDmwSqBPcBT9AuVC8Ahb_uzJuuNFmpMpyxTw3kZmRS7lJl-fjazimRKIiucWHt9c7D67VvENITbvrRKX5bx0YSjLcBpL_UlFJeg4l2ZY8BTedIUPZkAPwgvZmymhOO58tbeQsgQcULcQxLr64vt39sClaHQRCqlU9OoavepdlqckPgrucd2KQrKhRKJ7dxzQDHphlauU8iLY5kzUISJANzvNR0JDbObffDxgvALRpcVW2zRCEoRm_eI0j7GhQ0oxd-BIZa8_ZJUHvDf7LykafQQhi1Vj050onnN8X-ay63T1a5lhA9TcvFVpZq0WSaHMMg05itZBlptYuFKxUEoMAEupzN1IED4AQDkAYBoAZ2gAeilLO3AagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARhfgAoByAsB4AsBgAwBsBPN37YL0BMA2BMQiBQC2BQB0BUBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 26BC 26 KB
14 KB 91ms
46ms XHR
text/xml 142.250.13.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AvYDC6VwYpT0-tP-H3jGEfvPUOMcTXjRSoAkpIQOjeyVtkMf0fN0scGaNwTq2tmZxSUyMZN7ljP84CkWn1ZHZy4ANqCw&cry=1&dbm_d=AKAmf-ASV35RliryvN-i6xoXIQ6d9BjAig99Wh-L8R1BrTyEGYQKUkbMIVCxUj6PYh0Ys6NcdTod8M4oxZaYk3rfi2niMSmdwYoWGJdXuen-GngcpeaM71DXHi2zZqvj2EmBaTfVtgltDiSf70D3STmjU0NzJMLOGrkJ3Zbc7iDCaP9367AdEdcw-FmV4UNI55ps_e6yzyviZ4qK2nfaYfyyCECvdEF3Ku-Wb3RfwXjBouYSLiES3iw1OPaktJpUOjgL2WFtrK6m3lbNKGQJQBLv8WR1D9pTrdO0LQVK8PJqqcBwDx4g0DrHRWueGXn1-oPYs7XHBQN3wql-1PZxXcaE6np5-Z_X5K9h4rnwrU1sk7gPR56KZB2OMP8TNd7vx816uV_ArK4Oe5RXu2-c9oF_V5xqOd6HyaKlKzK2vyWxI5Efr-QXyOV_MFQ2wk2yk-_PK8_Z5n-2BeKo7FlXEeY85uCrdevQ3oqK2rEsIhuU4kEubJWpKby2aZpz0_F9b64BSU55_HHNWMcSKVK9d0ThSj3nY_X9JaXj73dV5t8RSXuBO7q-BncBqAp-0alsTWHdgii9ud8Bc0X3bbEVYw2_Z0nsx-Zo7KajuWkKoUKgoPiE-PWSgZxWG4F5KWyMMooLu3ohzOemG06D-n_uWslBDjS6qaruoc7z7OfRe4y4hA-YiZ6LtDncn1QkJSeu7CL_3GAuz4PafT8lETXLYftgwNtAjOPZWNT932ysXiHtJWovggyMtJWMUP1JTVrUJbh1eZsVAxIt4jwEcYJqVdlnvgsw1IPi9IL8VbezqGFb58xiZbqc3WcdIpsIvbrdeIauDwBcqh4KLL3ocQe2rurYvhsZp0R_bj4Uz1QSm2HmPXxaadwL14RK8N28OeimLk7KHFa5AuB51zbJjB1au6ql04KtWWB9GuYqPRndiPJdOftu4BYeKr7wvTmCx9Hy_nmpVvXC6gpTL8MUxbtpAW7xczFoJ-OfGNJhN_SPGKNvUBm3vkxhHcbGFEr-WDhqwajjcleTQlJs2IUnErDJqE3miV28a_V5J0M_xSC0NVN4w81fhFTZ6ceDpPDYlICFlw_kgmRzM5HB51SHwq_gg_6dm6Hb1rezJOWADq1QdtEtrjIve8qNzjlPBTtsyfdIpTgi4daSbXBsFHXT4LX_tZbNZAXJYFI5LXNPIoV26R86H3Fa3BEQOjD7m0_zUu30VuplpmAjo5nReuSFIR952aqqaTxPfPppc-k93kleHuOX0j6xB0sLsbvZM6TBXscspbjqqepUeqY6xvGuV9Ol974GDL61s0Q8XfizB4UyGMF3BUHG1yfSvTmYYDUMHSGgI2a-EWnMEOw9akcCvfv5vHWgubmq7qtbSBwurStVoSfhStIGtQjBCCUUwaIIiDsJ-t43O3m-qlF_8dYiZFqFi-uW4SANi3bhkATdf-yRr70MKXx3G7dYH8pgrMlqh9CEeUkBkORlwIRpsuxpSzT6E5bnBKLaDQ2Lggb8SZFACSyZqXTtDBXNc-_XEkIfq1fN0fgFP-b33WiHnQy_J0Wi_qsRS-IVLDP2fkp4Oad2oc0IYuvh-F1y2aVMQXSzDYsoCa2SwqlVvf1HuaFR-jD_pmZCsgRVWrf0_fDv5lBtNP8GwU2f8Sc2bWk75goYYstWjDGgQUGIgF1-nQhPNsu86OZweV5C33f2-HsO2fmklsdbzGRqcQUPRdRBbzhO8IFbJo9W8d1uLbBDfrSrfUV1xAWB5SknK1h0EST82bZgUHUIJ_YHe-8VHx_IzgWSLdqS9qnBta6wdDyemhaIKc8js0EwWfMZmzzR3F4Fsy0icyR52VuJ23mh9QYriZ7qnirxDdUjJ2kkgCDkhHbkv4FTYqpTTZIvoZ3zJ_SQOZlcKKk0IbBVaReM-hIahOjaW-3IfecZvRtVi-QXpRmnNc47EHL32Ur1wJ-cEKvRoLLKKmk3cfcTIXwi_wNXUSl7BAJEC2CzBXPjtVQHz4Bny91SCIDQtKGVspy--L4GqME8_Oh-Uldhv95JbgQoP77SJKXBIP2i6_o8g78k-ab2Ns4ClN4kA7yJppDNTfPgsxZ8ENFfEELaS9JHjnvufxM58-6AUACKMY8O4RAFK1IBmIyq0HDqvOoFDaEDUhaoNrn2fENKSzuGlHlN2ARO12OQqInZ1YGwLuz6qi2ms-wIA7B7SoB16Zb1Nz-6MsoXjNxx21w49fh5-Ho5c5wwFuK6MivoGPa-pNmxyHgAOywzA3JM9_iZF8vxLWqMJgfQnkJtn7N2LFYgwTV3j-hDXu0psvjLhrhIm5iclAEiqT3RohOWHoT9i8NDR-raPEnj9fPP7CD8FBkf1Kl52KCFBul3Phw50FEAO92BkioP3XApftv0ZRg0tfzLViFGBEw01HgGn9wOTLoQq90FY0psuaYCTDGSPJ9KIRQMt1hAJvkoUU9Nblqf9ZkPeWe26thDhs_RA_eeMv2VJswVo3tlAFhfYJln9nf0haocUhabiR5p5oWFRVXg0QvQRlGEusGurgpGqJn00HAalQwnwmujfmXyHxSjiEQTpsYh4aUjG3XcFKgKqzfJ7ep8hPRwFgNF3R_Owjr58G9tPHY7-v-CCJH_O2GWhRLex7od64X49Elu7cWFSMNbnZqF6E98tvcZps3aFsAOeoKcSgN1z1LtFR6Plsy8pzyZmr_PwiAlIKyhF4zQFEnzpAvZLsJUX_MtzwvD06nATmSKOmeyVj6F7QsT61NqaW7QAl0yimamIZurHdw7LwGgq6KBYaH4AynLdB3y7CvDzilkIcehGui06_whjGpN3aagRmUPt_uI5nA3KrgYw_QHfIh0kGyBV8WUrqRsmbk1C99jBwgt3zX8qAYeCE2n9LYejTvucq2B_UF32WFj0kAE2cAn8MPTOZSV75JoVETmy6wUhlVBie8xSBJbTxQ_mlfE2PXCD55cwEX2eqLOo6gWUdQ0ZYYenfRawZYFlvL62lQj6HJnqeClg7nFY_xBtiHC2WAhJ-58dW9D7FEEK5u6vZP1ID6zGtlourWouzPrlW8KLLjUXTPXF522Cu6z4Y-TY7EOG0OfbLYNM4etO-hMPr5YwByjo9p3Lbo7DkJdBgAIJkPmG6tcYEVSDWP6VPK7RWLlv3hAp8qS3eLxg4YBhCMdKaeQY15Ix3yanZwGhYxJLTqU5t7aCaWPvd-5dgQCD9JFLh5LfSmZfBLet6qFZrStf6T6VfdCYxQQ3N33hrImnmCNx5VQ9s5CZN9jwOq-TaI-hCwnA6fhZFTmEjyBzMftkK31D8CMlS-qO3Q1tOhC0MXoRerAgxf32Cb2pO7o63A8YYcJmYed7bcRuV5U2PWB9EPVMc9zwZV_wlDa5FNG8xr4KSF97pkjxvcggojzkM-PMg27qTp_kE3bqexkDnSFjuqWG7nRnWKs9aLQt_aENCCWi7BLgd268m7V56w5ZXW9DQ_IBNH_U_FZh-keR7VbfF0bOuQPl6yhyAyJvfjPXsVNGuq1gK20B9rc35rus6lbQ47HUEpjjpIBHVHLx47XxRWEQo3tSxQC7UcAZf--5EcKDA7zq13byf2xsmBxLsb3p7HtWzFjPod7S2yTArI6XH934ThdJahpd2t7BNA5xlD_hz_yS_QfFWbmRWE77vmPf2AEgnFKei43eeMWeZYSM5bvgYWIxkgeYlD0QonDlPbG2JLrYR_akdY3RS5dnN9LHaFQVe5YBj-7ogvRvKs0UVyb86kMywiwhCRFC_2FkDFaFrS-Oy2VBHgvI2DYCoDMx9D-&cid=CAASBORojwY&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.13.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

we-in-f156.1e100.net

Software

cafe /

Resource Hash

e93bd2c231f8dafb549d50594a7c687f89c9db469c72851543e324cb51cad46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 26BC 57 KB
22 KB 32ms
7ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211007/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9baca59ba166134033ba09ce7ce746b1f19292b21d141a0514bb98dd45aefa22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1474
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22054
x-xss-protection: 0
server: cafe
etag: 14446634921142088721
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 12 Oct 2021 11:10:53 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 26BC 0
54 B 28ms
27ms Ping
image/gif 2a00:1450:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kuny7fh0&chm=1&ctx=2&gqid=72RlYaHhCOqA3gOnyq_QBw&qqid=CIjviLvWxPMCFRdo4AodamIPDg&met.4=fb.9~lb.2n~ol.3o~bdt.-k4~bpp.-bx~idt.-9i~dtd.-93~dt.-bz&met.3=492.2l_1~518.2o~113.4y_4~112.4x_5&met.1=1.kuny7fc4~14.5~15.0~16.5~17.5~18.5~19.5~20.5~21.5&met.7=CAkQChgBIAooCjAROAdoCnAQeLQ-gAGIPIgBwpMBsAEBuAED~CBIQBxgBIAooCjAfOBVoDHAfeNoHgAGuBYgB3D6qARgKFlJvYm90bzo3MDAsNTAwLDQwMCwzMDCwAQG4AQM~CDoQBxgBIAooCjAqOB9ADEgNUA1YIWANaCJwKXiaGIAB7hWIAedxsAEBuAED~CDoQChgBIAsoCzA6ODBoInAqeNPSB4ABp9AHiAG_gBawAQG4AQM~CBwQChgBIAsoCzAUOAloDXATeLUzgAGJMYgB_3GwAQG4AQM~CBsQARgBIFUoVTClAThQ~CBwQBhgBIFkoWTCDATgqaFlwggF4rAKwAQG4AQM~CCgQChgBIIYBKIYBMK4BOChAhwFIhwFQhwFYoAFghwFooAFwpwF40q4BgAGmrAGIAYHHA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 26BC 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 00:47:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 09 Oct 2022 00:47:51 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 26BC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

51ms
7ms

Fetch
video/mp4

2a00:1450:4001:10::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/29114BB864C987ADF73D3D3D5711C910DA69DC29.268BAF1E6C4A5E0214D778A17A117BD14F42DC18/key/cms1/cms_redirect/yes/mh/Tu/mip/2a01:4f8:212:78e:2d::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1634034589/mv/u/mvi/3/pl/54/file/file.mp4

Requested by

Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:10::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 12 Oct 2021 10:35:27 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3934099
Last-Modified: Thu, 06 Aug 2020 18:00:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 12 Oct 2021 10:35:27 GMT

Redirect headers

date: Tue, 12 Oct 2021 10:35:27 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 652
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/29114BB864C987ADF73D3D3D5711C910DA69DC29.268BAF1E6C4A5E0214D778A17A117BD14F42DC18/key/cms1/cms_redirect/yes/mh/Tu/mip/2a01:4f8:212:78e:2d::1/mm/42/mn/sn-4g5lznes/ms/onc/mt/1634034589/mv/u/mvi/3/pl/54/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6960 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/H0ZEmIz7.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8727
date: Tue, 12 Oct 2021 07:40:06 GMT
expires: Wed, 12 Oct 2022 07:40:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 10521
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 6960 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0J-uGr35fnBhcCBz1bhjI2ho5CXrt9wlcaTuMP0gbqs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55434
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13278
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 19:11:33 GMT

GET
H/1.1 206
Partial Content file.mp4
r3---sn-4g5lznes.c.2mdn.net/videoplayback/id/a94f4d7b3fe25b13/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1665570927/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 26BC 165 KB
0 23ms
9ms Media
video/mp4 2a00:1450:4001:10::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:10::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 12 Oct 2021 10:35:27 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-3934098/3934099
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 3934099
Last-Modified: Thu, 06 Aug 2020 18:00:20 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6960 0
56 B 51ms
51ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BwhNT72RlYYqXJeSWxwKrzYzYCgAAAAA4AeAEAg&bg=!7O-l76vNAAbGFvHlxhY7ACkAdvg8WtWDVeJxw9X8Y2KJ0JD5MLKShaqBZWTMSRvgqNZERGCX0IO_8AIAAABSUgAAAAloAQcKABjLVljlFnSFfAlTRVifLEtYgq3Y3YhkAJSZAs8zZndiMj0uADhQC7hKIuhN4dpcDkPSyZ1dYLrmaTFzo0ItDAkR52iWBHIcfvfCTaDOY5yXfto2GvvoavgV1wtfV6aLfDXqX-05h3KNoP8Do4Bgvst9bqT-ebXIIkPGNQILWwokArvCf_58sNx7Rdt_m5mpqEE2UHmzpWGSUvqjjxyO-QuXHu14z4N97IxOUgMmCaQDDx8RZjTYq_QfyFNwq3T22MV5_ebOTzVD8jzZ4mGl5CJxQudLvV6farFUHwuQZ41MJA5hTh2Pk5UXg1TcXc5NDhiDHQpUtmuuikcyw07YnoB0u1IlXX5esdbLwhj2EtXDav7oGXJIffQpZcm6xZ8uPSTastxvucsgOavyTLoYuDZAkhfUziY8rjEZU0WloJf3W8I1BF64jODkYPFkC6ij3_sD2iFjWkeLjLlgVDQAgrsz886CWfeLOwg0gfqzEhFjfImJrA_XNSnEU7rQ7esOslef-oobmHrW9HWBCsxYOukuDYBaJELEuKo5BDTFyhgiobPgYHCuw6wZyAa9JH5Wl_QVc1pmEJantczvwIkk7YiebJDP-WWLKz8e_olDNS7h89SgG8bZwljg_Z5gUpAlhzPalJ03-ezxxhswgZnOC_J6FiQ1elw4DbiRR2DZ4LdqkerS_i3qgNw0lnnbemOwyBkexob2lOvBsNR2NM8-CKlZMeBzspr5tkccy4P3Zj-68QTGlYLcgNPLsTGUj5HfiOKFBFNB0nA9wgOuPcDIo6U-8oWM9i64HB7qC-fQKSXIjsCp1ZJEnhIFsn8RjxvtrqFcyfMq-KlH_upwZkYg2dr1S9QFgwCmcthaNxwg50TwNriD453zLCfqRqw2t42siBlCsW3FaNis34Kp173-1WhcQb61A5KiDrGtrkDtewaQ2cAefv7zQR70gepvHqNjHU_71Wo3yFVezQ3L8S1OZnHY2l7mdyVUpQXSiQ

Requested by

Host: www.xn--82cz3bcub1a.com
URL: https://www.xn--82cz3bcub1a.com/lucky-number/14679.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 44ms
22ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211007&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d396ee50b71b66d39864748f6be79477d83cdf904070dd945a3a1e2b84c53c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8393
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 10:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 12 Oct 2021 10:35:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 546E 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.xn--82cz3bcub1a.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 12 Oct 2021 09:51:46 GMT
expires: Wed, 12 Oct 2022 09:51:46 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2621
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8CB8 783 B
1 KB 38ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1cd1030babfaaa9b68882bcfaae9181fc6f589d4c7cdd5f8b90ee4b5f333d1d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mpimk+MJTb2L6Jj9/Pd8VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.xn--82cz3bcub1a.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 12 Oct 2021 10:35:27 GMT
date: Tue, 12 Oct 2021 10:35:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-mpimk+MJTb2L6Jj9/Pd8VA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response
pagead2.googlesyndication.com/bg/ Frame 546E 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 05:49:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Wed, 12 Oct 2022 05:49:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8CB8 0
0 59ms
59ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211007&jk=3489691193385854&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211007&jk=3489691193385854&bg=!m5ilmNzNAAbGFvHlxhY7ACkAdvg8WhMat1MmT3foalrDos1HtY9ygkZQPXUJ8iVz4VWGi7uA6u79GQIAAABeUgAAAAtoAQcKAOXwiqNF1YsuspcCym7MxUEikz1E_DxPYoDaDG5XQq5NNbXQFDn0f9HmZo9xU8nG-IUMb8etz1S-Xr-3cwx1HtZCKBHKaDt3Zqc-vRRcmTfu2mhahLAHreiuG5M6rpaMCZpoW4FzmG08_NH84-4US8rfY5dATzzRJKvsSJGM-3-bAmnyYBuFDa-lFu79zcqawLODsEaIJ7u7nhl_a8bY3Yj3tMjSYj90Odt2ZeJa8W5eQoKbqoaCtQ0Uh6Tn_TDfYrL5NeUr4uC81CK_xWmMjE1MV1gd5IAHgoaSfY9hTvJfNvV0OvWdmQKHs_YE3ju5NjBQ-mxFHTF4a4safTziyy8w0vkfnzx2A-7Wk2nJOVaLZxrQTtKJxW25p8c4Sgk-d6HMTcu0syqVKE_DbhvIWF_LjzuOeMOyZKLmU1TRr2gxHNFC6fHdXbOLJ2dEGQTWwSkmE99fmiMjFvnQRo0l3yiqxbm1gOo4FNn_9O8G78FFy31l-OGd9Y3fWHTfrXM4-RivBcigPFfW4QSo1V9p7cdJA9OZb6XiMPMFaRm7_yAYl8FtyCqTwrRO0LEuZwEfvMXVGw54h9NWv2Jk1CTNCnrVD-jOp2kU9nWvsTWD8OhqpH5kWfj9icYf1A_4PFjpctyqkspYN006HjoWX4yO8ScPOCeEHFZBQtEJOEpSlnENrrHCabca--32Xf3S-joiB6x-CxewhBvqHMZQUQulVKq8AoEATp6DMmlaxdYYqhE5W4ItlripRjfKW1mGINzAuryshDnGRQN77_b2GkiMxqdpDxZ73qcB_9I9k2cZiEYne1MCd5d8Uv4_4wXn-IBA4JPDHwOsmUMxSm6zaCG-K9OTqOiQjFHZQZEf3IARw6ve8RF2EFI0kiDRPjXCdQgmJ1DkI3siXRIBSTdGPqDTqsmc9bGPdm37f_wrQy3mlCX-vJqL5ILa4XagsltXaqVP50jJrGz3I-eO5JvNcDghOd_7LvnQBBlVzMGkMEdGwqrL-no2rRmxl3JY2KvbGFQ4WFWR0xoOL5GdnF7BQBEoustaH3bb8EXMMlKjXEgrdpea1JIu1u2LZlzlg8tsyOymExfSdQ7hObyquQNLKTO8DtbmcIDF9FcMT5qdu67lXwjxibYNdMPOeROjJuRTL7JYxqtWHiAJHVuITv9mMvOZNCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.xn--82cz3bcub1a.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 26BC 0
54 B 41ms
41ms Ping
image/gif 2a00:1450:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~kuny7feg&c=2389464758029&slotId=1194732379014.5&qqid=CIjviLvWxPMCFRdo4AodamIPDg&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=1000&br=853&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=15&vhc=0&msm=1&aits=0%2C17%2C36%2C18%2C22%2C43%2C44%2C45%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 28ms
27ms Ping
image/gif 2a00:1450:4007:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kuny7f41&c=3489691193385854&e=31061691%2C31061693&ctx=1&met.3=779.em~164.eq~165.eo_2~166.eg_i~326.h6_1~216.h5_3~215.h5_3~843.h4_3~161.h8~868.h9~889.hh~639.hl~160.hl~914.hl~112.ij_2~629.j7~429.o0~453.o6~754.o8~453.o9~754.o9_1~453.oa~754.oa~453.ob~453.ob~453.ob~454.oc~454.oc~454.oc~453.oc~753.od~353.o1_c~210.pd_1~326.pg~164.pg~165.pe_2~466.pe_2~522.pe_3~161.pg~868.ph~525.pj_4~639.pn~160.pn~914.pn~168.r1~168.r1~168.r1~168.r1~168.ta~168.ta~168.ta~168.ta~168.ta~113.12f_2&met.7=CBsQCMAB87bPqQo~CBsQByD8ATgPwAHwi83wCg~CBsQByD8ATgcwAGl44boCw~CBsQByD8ATgTwAH8n7OXDw~CBsQCiD8ATgjwAG4iP_aCQ~CBsQCiD8ATguwAHT19TJBA~CAEQChgBIPwBKPwBMIADOIQBQKsCSKwCUKwCWMICYKwCaMICcOYCeNqTA4ABrpEDiAHchQmwAQG4AQPAAd6Ov5sB~CBsQCiD8ATh8wAG3wey5BQ~CBsQCiD8ATjSAcABi5uS0gI~CBsQCiD8AThpwAGYwvHQBw~CBsQCiD8ATh_wAHdyqiTAQ~CBsQCiD8ATh7wAGv6aTaCA~CBsQCiD8ATh7wAGb-9iBDw~CBIQAhgBIJkCKJkCMMUCOC1AmQJImQJQmQJYtAJgnwJotAJwxQJ4jAaAAeADiAHAFKoBDwoNS2FuaXQ6NDAwLDcwMLABAbgBA8AB1se7yAo~CBsQChgBINECKNECMKMDOFLAAdWe06YM~CBsQCiDRAjgpwAG8t6K_Aw~CBsQAiDYAjgowAH2qLpg~CBsQAiDaAjgpwAH-8MO9Ag~CBsQAiDaAjg1wAHM4ZPqCA~CBMQAhgBINoCKNoCMJ8DOERA2wJI2wJQ2wJY_wJg2wJo_wJwmwN4jJcBgAHglAGIAeCUAaoBCwoFa2FuaXQQBxgCsAEBuAEDwAG3qOK9Ag~CBsQAiDaAjgxwAG6t5P2Cw~CBsQAiDbAjgywAHpnfrRBQ~CBsQAiDbAjg7wAH9n7WKAw~CBsQAiDfAjgvwAHOnpewDQ~CBMQAhgBIOcCKOcCMJsDODRo_wJwlgN48GmAAcRniAHEZ6oBCwoFa2FuaXQQBxgCsAEBuAEDwAGjxrLaDQ~CAMQChgBIJEEKJEEMMkEODlokQRwtAR4uY0GgAGNiwaIAc-CEbABAbgBA8ABpNTnjA8~CAwQBRgBIJoEKJoEMLgEOB5AmwRInARQnARYsQRgnARosQRwtwR40SaAAaUkiAGiUbABAbgBA8AB4O7ZoQE~CBsQAiC8BDgXwAGVgqCpBA~CBsQBiDIBDgewAGQh_rkAw~CBsQBiDJBDgcwAGI6vCXCg~CBsQBiDJBDgxwAGSzZywDw~CBsQBiDJBDgTwAGziabDBQ~CBsQCiDMBDg0wAHZ67DzCg~CBsQAiDNBDgqwAH5lqOzCA~CBwQChgBIOwEKOwEMPoEOA9o7ARw-AR49aQBgAHJogGIAY6kA7ABAbgBA8ABksK-6AY~CBsQChgBIO8EKO8EMJ4FODBA7wRI7wRQ7wRYjAVg9wRojQVwngV48wOAAccBiAHRAbABAbgBA8AB5Krg8AI~CC8QBxgBIPEEKPEEMKAFOC5A8gRI8gRQ8gRYjQVg9wRojQVwnwV4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIPIEKPIEMJ8FOC1A8gRI8gRQ8gRYjAVg-ARojQVwngV4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQDSCqBTgPwAGAkfKHCA~CAUQBRgBIPgEKPgEMNIGONoBaPsEcM0GeLrvAYABju0BiAHY6wewAQG4AQPAAZDHsvAI~CBwQChgBIOEGKOEGMIgHOCdo4QZwgwd43pwDgAGymgOIAZT0CLABAbgBA8ABzOH4rA4~CAwQBRgBIJcHKJcHMJ8HOAhomAdwnwd40SaAAaUkiAGiUbABAbgBA8AB-ben1As~CC8QBxgBIJYHKJYHMKgHOBNolgdwqAd4kAOAAWSIAWuwAQG4AQPAAe21srAK~CC8QBxgBIJYHKJYHMKkHOBNolwdwqAd4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQBiCuBDi1BsABsfvlzg0~CBsQCDjmCsAB87bPqQo~CCcQDRgBIOUKKOUKMJMLOC1Q5gpY_Apg5gpo_Apwkgt49UOAAclBiAGjVrABAbgBA8AB8_LLrgs~CCcQChgBIJQLKJQLMKsLOBfAAeLBm9oF~CCcQBRgBILELKLELMLoLOAnAAdT_u6UH~CBsQBRgBILMLKLMLMNsLOCjAAc_G2uIB~CBwQBhgBIMkMKMkMMPQMOCtoygxw8wx4rAKwAQG4AQPAAZSE4rUO&met.1=1.kuny7elh~6.1~7.1~8.2~9.2~10.k~11.2~12.k~13.6f~14.6w~15.6i~16.cr~17.f0~18.f1~19.12c~20.12c~21.12e~22.d2~23.d2
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20211007/r20110914/rum_fy2019.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:818::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.xn--82cz3bcub1a.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 12 Oct 2021 10:35:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.xn--82cz3bcub1a.com/	1970-01-20 07:19:50	Name: _pk_id.1.1764 Value: 48f33552ad4b06fd.1634034927.1.1634034927.1634034927.
www.xn--82cz3bcub1a.com/	1970-01-19 21:53:56	Name: _pk_ses.1.1764 Value: *
.xn--82cz3bcub1a.com/	1970-01-20 15:25:06	Name: _ga Value: GA1.2.11563790.1634034927
.xn--82cz3bcub1a.com/	1970-01-19 21:55:21	Name: _gid Value: GA1.2.1529466881.1634034927
.xn--82cz3bcub1a.com/	1970-01-19 21:53:54	Name: _gat_UA-153146014-2 Value: 1
.xn--82cz3bcub1a.com/	1970-01-20 07:15:30	Name: __gads Value: ID=e2ac3dda4109d943-2241f9d8f2ca000c:T=1634034927:RT=1634034927:S=ALNI_MYjqaVf0QTsOZU2awGSHshWrydyVA
.doubleclick.net/	1970-01-20 07:15:30	Name: IDE Value: AHWqTUlp4ahRMm50UhP92D1cbm3MHVjeYp0HaTozGyyP89lLDGU14aW-V5F1z-lMOoU

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20211006_RC00/outstream.min.js(Line 344) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-4g5lznes.c.2mdn.net
secure.gravatar.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.xn--82cz3bcub1a.com
142.250.13.156
142.250.184.226
2606:4700:3036::6815:3c07
2a00:1450:4001:10::8
2a00:1450:4001:800::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2008
2a00:1450:4007:818::2003
2a04:fa87:fffe::c000:4902
09a4be40c90137d981d4518d5b5ccb527d29e369e432e9c5ee092aa638049f80
1381f68a6b37e14e40c56d40db12aadabb56dba213d5ae57b3e3921486b51b8f
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
15179bcf587735652ddf7a4af0ed500881cb4b4eaf3effce1719c1d3de17f79d
16a7b7a50d09178946d64f7fb089f476e501039661dfcea0f584ceb001832b31
185c8f0ba5c84bb93c5ce2c23f353a9f5db8d4b7cdb4a03d816867c2a3871ed0
19f706ee4f5ab8d9775f04b66f3a077a7a860d96a53df1236789eb2da39565f0
1cd1030babfaaa9b68882bcfaae9181fc6f589d4c7cdd5f8b90ee4b5f333d1d2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e3bbf2a6d9503811213baca9f5e309618ca968136199ca532a0a5167c0b0f1c
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
24555680b413d9b1d6d8eea400a95ae4e064030afadd57eff2bd67f4df3740a9
2daef5d6e1fd443e7e4f276687bb439f0337beede80c568164acbd4e8c07a0bc
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
35d34aee0afbff1fadddc6998ed625e6d91095157a12035d0e0f06f99032e07e
380ce11f72c311feb35a6f0103e632193dddfe5b17c90ecf2086bd3e19f86b78
3836fdd3b06c0d0b2e6264f08ee21cfac81f1b3d0134576810205ec9c96c09f5
39e7c487b5b1c852e5835db98ffa3881e184890d7173a55050d9a73bfe7b3689
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
3d396ee50b71b66d39864748f6be79477d83cdf904070dd945a3a1e2b84c53c6
3f299b3703fb31e190361befee2e60121f46a7bf4313d7701e26f072a6898e00
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5626ac5fc502bafcb9cf799a1806cda130d641113d82a51a8161e68d88bb0015
5d8ee972e445f7120c198a83a0363cc844a3e55094e4aaa0548ffa9e213b3b9b
62a1871e4b6628d8e7ec4af963840978e11484ed4b96c5798697f01061a526af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c1b2722be99e0f2c4cd70c48f342eb543a3ee0bec1b5dc6f1d72b034e013b47
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
787d76ad6deab67ccf8bac1b584260205e114f508fc5542b612e3f75d49a34e4
86e496b536b26ba60cdb68df9dd9143b19a63b65e30e373b0321833aab1295d6
8e4560c16c7970efa47680450b2cf239d4a482c056d308acea12bb9022906c8b
9baca59ba166134033ba09ce7ce746b1f19292b21d141a0514bb98dd45aefa22
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac57b8948fa16f8d943d98c14ca1f077dfb3de90e29c11547b7b59310b77c704
ae527135a3acdc3971662044dd3869265fcbfacaab816949604b0d37dba6a314
b0afbdd068bd9e7ab578552a0b8fa4024a01415f0951f99771e73576acee1ee3
b21e31867e752e93057a222f088b2adb552ea606862a78b5c1527c1cd3659d9c
b42caef1a29745971a3cb0ae39444bad3338dc56e3b08972af775eb13030ec93
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
d09fae1abdf97e7061702073d5b863236868e425ebb7dc2571a4ee30fd206eab
d19d72f9c6e5bb747a38571cf87013b5fdc205a277e307aaded38c30339bcfd9
d375c8dac1748463424ffa815d9adc8756fc96979ff656c35ecb769e7d16678d
d522ceba20f12d2594bca7ab06bc6cc877e8ee1c5d94c2ae3c3af0d90c38ccc6
df25a89baab0bfb1e5b93eaf49ca951ab0ff0dc5bdd63357250b5706b99db798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e898396a63a31caead5610be17a0d5e1465f251e8f7dd0f1df02f144ff5c81d6
e93bd2c231f8dafb549d50594a7c687f89c9db469c72851543e324cb51cad46e
e98cac48f5c13b3fbaa28458f0d8f26a78c9d944f8f4edad9abcb249b9028ca7
ed48fac0897231a6a9e5702abb288242f01e636708e426bc0e8b0dc548ae5a3c
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f685e060ea2385c8f008c5915373f506dcb4a3e5ad648a7693efca4550f2a037
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f8258aae97645953d9cf69c5c09d023c22b963e3684c156fe6851f5c0dfd6d9b
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.xn--82cz3bcub1a.com Open in urlscan Pro Puny www.ตรวจหวย.com IDN 2606:4700:3036::6815:3c07 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

88 %IPv6

12 Domains

19 Subdomains

17 IPs

3 Countries

1471 kBTransfer

3668 kBSize

7 Cookies

25 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.xn--82cz3bcub1a.com Open in urlscan Pro Puny
www.ตรวจหวย.com IDN
2606:4700:3036::6815:3c07 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

88 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

1471 kB
Transfer

3668 kB
Size

7
Cookies

72 HTTP transactions
3 data transactions