Submitted URL: http://u4037714.ct.sendgrid.net/ls/click?upn=rtw8KViQQSEp-2FJJaidIBhp39LBOW7kg3rx-2B3AgOBIvXBRmO45YWHVVaFcJxCUFV1Iz8Mul4ZFcCa2RL...
Effective URL: https://www.primolotto.com/grid
Submission: On April 03 via manual from HK

Summary

This website contacted 32 IPs in 7 countries across 34 domains to perform 187 HTTP transactions. The main IP is 54.72.9.210, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.primolotto.com.
TLS certificate: Issued by Amazon on December 23rd 2020. Valid for: a year.
This is the only time www.primolotto.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.123.16 11377 (SENDGRID)
2 17 54.72.9.210 16509 (AMAZON-02)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.141.129.225 48402 (VIOUSLY)
1 2a00:1450:400... 15169 (GOOGLE)
3 185.59.220.196 60068 (CDN77 (^_^)/)
5 35.244.174.68 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:218... 16509 (AMAZON-02)
72 199.232.137.44 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
24 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
3 13.226.158.204 16509 (AMAZON-02)
9 54.36.82.32 16276 (OVH)
2 145.239.193.53 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
2 185.141.129.223 48402 (VIOUSLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 185.33.221.90 29990 (ASN-APPNEX)
1 2 185.86.137.110 201081 (SMARTADSE...)
2 2 195.54.48.25 12516 (WEBORAMA ...)
1 1 23.79.152.128 16625 (AKAMAI-AS)
1 1 2.18.233.201 16625 (AKAMAI-AS)
2 2 54.72.202.169 16509 (AMAZON-02)
1 52.47.175.198 16509 (AMAZON-02)
1 51.89.21.10 16276 (OVH)
1 109.232.197.89 50234 (EULERIAN-AS)
2 2 2a02:2638:1::13 44788 (ASN-CRITE...)
2 2 95.131.143.205 47841 (OXALIDE)
2 2a00:1450:400... 15169 (GOOGLE)
4 185.141.129.230 48402 (VIOUSLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2606:4700:303... 13335 (CLOUDFLAR...)
5 141.226.228.48 200478 (TABOOLA-AS)
187 32
Apex Domain
Subdomains
Transfer
77 taboola.com
cdn.taboola.com
trc.taboola.com
15.taboola.com
trc-events.taboola.com
vidstat.taboola.com
images.taboola.com
2 MB
24 adgaterewards.com
wall.adgaterewards.com
362 KB
17 primolotto.com
www.primolotto.com
1 MB
10 demand.supply
live.demand.supply
api.demand.supply
34 KB
9 crm4d.com
p.crm4d.com
6 KB
6 agmcdn.com
main-p.agmcdn.com
892 KB
6 viously.com
sonar.viously.com
e.viously.com
5 KB
5 privacy-center.org
sdk.privacy-center.org
api.privacy-center.org
136 KB
5 rlcdn.com
ejp.rlcdn.com
4 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
126 KB
3 google-analytics.com
www.google-analytics.com
39 KB
3 amazon-adsystem.com
c.amazon-adsystem.com
35 KB
3 tagadamedia.com
imgs.tagadamedia.com
215 KB
2 cloudflare.com
cdnjs.cloudflare.com
7 KB
2 commander1.com
sync.commander1.com
1 KB
2 criteo.com
gum.criteo.com
715 B
2 demdex.net
dpm.demdex.net
2 KB
2 weborama.fr
wam.solution.weborama.fr
1 KB
2 smartadserver.com
sync.smartadserver.com
406 B
2 adnxs.com
ib.adnxs.com
2 KB
2 easydmp.net
asset.easydmp.net
5 KB
2 googlesyndication.com
pagead2.googlesyndication.com
132 KB
2 googleapis.com
fonts.googleapis.com
1 KB
1 gstatic.com
www.gstatic.com
333 KB
1 google.com
www.google.com
646 B
1 ew3.io
ew3.io
539 B
1 id5-sync.com
id5-sync.com
1 KB
1 zebestof.com
dpm.zebestof.com
258 B
1 mathtag.com
pixel.mathtag.com
579 B
1 bluekai.com
stags.bluekai.com
876 B
1 pushcrew.com
cdn.pushcrew.com
70 KB
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 getviously.com
getviously.com
1 KB
1 sendgrid.net
u4037714.ct.sendgrid.net
380 B
187 34
Domain Requested by
51 images.taboola.com www.primolotto.com
24 wall.adgaterewards.com www.primolotto.com
wall.adgaterewards.com
17 www.primolotto.com 2 redirects www.primolotto.com
11 cdn.taboola.com www.primolotto.com
cdn.taboola.com
9 p.crm4d.com www.primolotto.com
9 live.demand.supply www.primolotto.com
live.demand.supply
8 trc.taboola.com cdn.taboola.com
6 main-p.agmcdn.com
5 trc-events.taboola.com
5 ejp.rlcdn.com www.primolotto.com
4 e.viously.com www.primolotto.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
wall.adgaterewards.com
3 c.amazon-adsystem.com live.demand.supply
c.amazon-adsystem.com
3 sdk.privacy-center.org www.primolotto.com
sdk.privacy-center.org
3 imgs.tagadamedia.com www.primolotto.com
2 cdnjs.cloudflare.com wall.adgaterewards.com
2 api.privacy-center.org sdk.privacy-center.org
2 sync.commander1.com 2 redirects
2 gum.criteo.com 2 redirects
2 dpm.demdex.net 2 redirects
2 wam.solution.weborama.fr 2 redirects
2 sync.smartadserver.com 1 redirects www.primolotto.com
2 ib.adnxs.com 2 redirects
2 sonar.viously.com getviously.com
sonar.viously.com
2 asset.easydmp.net www.primolotto.com
asset.easydmp.net
2 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
2 pagead2.googlesyndication.com live.demand.supply
pagead2.googlesyndication.com
2 fonts.googleapis.com www.primolotto.com
wall.adgaterewards.com
1 vidstat.taboola.com cdn.taboola.com
1 15.taboola.com cdn.taboola.com
1 www.gstatic.com www.google.com
1 www.google.com wall.adgaterewards.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ew3.io www.primolotto.com
1 id5-sync.com www.primolotto.com
1 dpm.zebestof.com www.primolotto.com
1 pixel.mathtag.com 1 redirects
1 stags.bluekai.com 1 redirects
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 api.demand.supply live.demand.supply
1 cdn.pushcrew.com www.primolotto.com
1 www.googletagmanager.com www.primolotto.com
1 getviously.com www.primolotto.com
1 u4037714.ct.sendgrid.net 1 redirects
187 44
Subject Issuer Validity Valid
tagadamedia.com
Amazon
2020-12-23 -
2022-01-21
a year crt.sh
demand.supply
Cloudflare Inc ECC CA-3
2020-05-22 -
2021-05-22
a year crt.sh
getviously.com
Gandi Standard SSL CA 2
2019-07-18 -
2021-07-28
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
imgs.tagadamedia.com
R3
2021-04-01 -
2021-06-30
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
upload.video.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.privacy-center.org
Amazon
2020-05-08 -
2021-06-08
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.pushcrew.com
Go Daddy Secure Certificate Authority - G2
2019-07-23 -
2021-07-31
2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-28 -
2021-07-28
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
c.amazon-adsystem.com
Amazon
2020-08-04 -
2021-08-02
a year crt.sh
crm4d.com
R3
2021-02-25 -
2021-05-26
3 months crt.sh
asset.easy-gain75.com
R3
2021-03-14 -
2021-06-12
3 months crt.sh
*.viously.com
Gandi Standard SSL CA 2
2020-04-22 -
2021-05-14
a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA
2020-01-30 -
2022-02-03
2 years crt.sh
*.zebestof.com
Gandi Standard SSL CA 2
2020-05-19 -
2021-06-07
a year crt.sh
*.id5-sync.com
R3
2021-03-23 -
2021-06-21
3 months crt.sh
ew3.io
R3
2021-02-08 -
2021-05-09
3 months crt.sh
api.privacy-center.org
Amazon
2020-08-08 -
2021-09-07
a year crt.sh
www.google.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-16 -
2021-06-08
3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.primolotto.com/grid
Frame ID: 22231A0EE0316A56C390CBBC051621E5
Requests: 149 HTTP requests in this frame

Frame: https://wall.adgaterewards.com/nq6XsA/1956224
Frame ID: 2A07A12370E0D283EDC3FB5890531B5E
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html
Frame ID: 874E3582106211EFDAAE8A75C138D041
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://u4037714.ct.sendgrid.net/ls/click?upn=rtw8KViQQSEp-2FJJaidIBhp39LBOW7kg3rx-2B3AgOBIvXBRmO45YWHVVaFcJx... HTTP 302
    https://www.primolotto.com/login/auto?i=1956224&k=d82ee52078690beb838b57a1a359777108f3808d&utm_source=e... HTTP 302
    https://www.primolotto.com/?utm_source=emailresultat&utm_campaign=2021-02-09 HTTP 302
    https://www.primolotto.com/grid Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

187
Requests

100 %
HTTPS

43 %
IPv6

34
Domains

44
Subdomains

32
IPs

7
Countries

5833 kB
Transfer

9465 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://u4037714.ct.sendgrid.net/ls/click?upn=rtw8KViQQSEp-2FJJaidIBhp39LBOW7kg3rx-2B3AgOBIvXBRmO45YWHVVaFcJxCUFV1Iz8Mul4ZFcCa2RLGuV7ep-2BTUFwojmW5oK3LQCYBVOFzbHQJWUKrVkdNR7hTaRKjO5ez6u3Admu-2FQHOODRqurUT2DCUEpMF3baOwqUGqt2cWZsh1CVzL4BU9qMrAs8Q6nd1TxfASftW4v1owefpi-2BAcFv297KwycnOhcsqQt5VpXsd3cij5xbOes8Yog6-2FCW0LCWG_tPO0PxvZVoSiRapXkSqT-2BLdpZm6TR7rboBcQYGdGSi87-2FKYTu-2FuDz9XiyqNJ25oDGhtmnxD9MN1kKqlyGuxfZ8RuCBCFCVtogZJLiFajl1YgqZMwRC-2BgqtYrcdJkpYQeTkvSTvfvhGjIorJJufG2-2BImxLkL3Fd5nwbHjb3sdx1CDoEzx-2FIgWpLxA0Cx7OH5VvPBhRbJrgpKgF6a8caYWi2EOFhsS-2BjD9Tuazju6CcTc-3D HTTP 302
    https://www.primolotto.com/login/auto?i=1956224&k=d82ee52078690beb838b57a1a359777108f3808d&utm_source=emailresultat&utm_campaign=2021-02-09&mid=6fcaebdb1228802cbd88ff1d8c18b686 HTTP 302
    https://www.primolotto.com/?utm_source=emailresultat&utm_campaign=2021-02-09 HTTP 302
    https://www.primolotto.com/grid Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp.crm4d.com%252Fsync%252Fappnexus%252Fs.gif%253Fbounce%253D1%2526uid%253D%2524UID HTTP 302
  • https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=8497725251859350089
Request Chain 53
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Request Chain 54
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D HTTP 302
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=72512&d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D HTTP 302
  • https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=Ba5FF8uiiol5w9UThVTVGu
Request Chain 55
  • https://stags.bluekai.com/site/49123?id=es22lUnuT3BFBVMKpX5ABwBVrfnpQXBYKoAO1_NXW6I&limit=1&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fbluekai%2Fs.gif%3Fbounce%3D1%26uid%3D%24_BK_UUID HTTP 302
  • https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=Ppx4JQ9999Y0NVCQ
Request Chain 56
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fmediamath%2Fs.gif%3Fbounce%3D1%26uid%3D%5BMM_UUID%5D HTTP 302
  • https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=1be16068-6a51-4200-91ff-67d6a910b64f
Request Chain 57
  • https://dpm.demdex.net/ibs:dpid=81351&dpuuid=Gk4Q5oYEOs5gNGXCdeDV8kjMSOR8inGf2ORQPmJwW6Y&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=81351&dpuuid=Gk4Q5oYEOs5gNGXCdeDV8kjMSOR8inGf2ORQPmJwW6Y&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=69352355429102587213183896482237968416
Request Chain 61
  • https://gum.criteo.com/sync?c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40 HTTP 302
  • https://gum.criteo.com/sync?s=1&c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40 HTTP 302
  • https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=cShFhheZDd11w6K4qx-EWA_STFXl4OoZ
Request Chain 62
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid HTTP 302
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid&firsttime=1 HTTP 302
  • https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=d2d95165ac43acd12e558a3a52e575c7fef84200cbdacba30042fd6f9caa1940

187 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request grid
www.primolotto.com/
Redirect Chain
  • http://u4037714.ct.sendgrid.net/ls/click?upn=rtw8KViQQSEp-2FJJaidIBhp39LBOW7kg3rx-2B3AgOBIvXBRmO45YWHVVaFcJxCUFV1Iz8Mul4ZFcCa2RLGuV7ep-2BTUFwojmW5oK3LQCYBVOFzbHQJWUKrVkdNR7hTaRKjO5ez6u3Admu-2FQHOOD...
  • https://www.primolotto.com/login/auto?i=1956224&k=d82ee52078690beb838b57a1a359777108f3808d&utm_source=emailresultat&utm_campaign=2021-02-09&mid=6fcaebdb1228802cbd88ff1d8c18b686
  • https://www.primolotto.com/?utm_source=emailresultat&utm_campaign=2021-02-09
  • https://www.primolotto.com/grid
37 KB
10 KB
Document
General
Full URL
https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 / PHP/7.4.11
Resource Hash
0de41fa3160fbde2acde590ca73c333a04e7c82e46d59e149b81e629b6b8cc51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
www.primolotto.com
:scheme
https
:path
/grid
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d=eyJpdiI6ImVVM1paS3AwamtkbGJXc2RqeVgxdFE9PSIsInZhbHVlIjoiQjZ4WlExM29NUmtFcDNHdDR0d2VJeithRlwvSU10R3diWW1Ha3UzbEtLajQ2UDUwUkJWOU9LNHI4Sk51SjhrUDFcL2x0Y0VNK1drb21rSHBhd0pYK3F4N2E2QmNKR1ZmUG01SWxLRWVBeEpOZ0Y1akxjT0hmeVBPUlh5ell1Q1pxTGYxdDQ5UTk2YWRjaXBsdGVQUjNMVjJ4ODhCMHRKSEJjOWVWQUdiNEpNQUlZVEhaamo3dk52YTdWVTJPVEk5TU8iLCJtYWMiOiJmMjgzOTRkMjA2OWIyZGUwNDIxMmM2YjI0YjhlOTg4ZTU5MjM5MmM0N2JkMjc0MzFmMjUzZThmZTU3MDBlMDVjIn0%3D; AWSALB=Eq9J2i7PdNoNZiOHy4ZLztXPGGtywzybzJa6TIhllXbdfUeH6MHZnXVCRTcV+K+qYZKKPZLAQtwWov1CbLu1SHZM69muyfgLYysqHu3Fehtzx+vUXfntTDbXT5GK; AWSALBCORS=Eq9J2i7PdNoNZiOHy4ZLztXPGGtywzybzJa6TIhllXbdfUeH6MHZnXVCRTcV+K+qYZKKPZLAQtwWov1CbLu1SHZM69muyfgLYysqHu3Fehtzx+vUXfntTDbXT5GK; XSRF-TOKEN=eyJpdiI6Ik9kWEZSXC9yQ1wvM1NQOVwvZTlyYXVNQ1E9PSIsInZhbHVlIjoiM2lZRFNkMkNrOTZcLzZuaGNLbHczMWc5YnRlUlk3T0hWS3g3YTMwUzZIYWZmQnNqb2YrQ1ZrdjdOOHVrYTh6RFQiLCJtYWMiOiIwNmRhMzczNmIxNjZlMWU1NGQ2MjBiOTliNDIxMDg0MTIwODYzN2UyYjI3YWYxNmMwZTExYmZkMjYwN2Q2ZjIxIn0%3D; laravel_session=eyJpdiI6Im9BSFkzdVwvbTRWOWFudE5qMFdyMnFRPT0iLCJ2YWx1ZSI6InJhVUQ2WTh5OFRKQ3BzdUszZ1BCcWNGS1Y5eDRuSDN6M1habmYrcmthWVo4SFhwZDkrdmxJcjZJRmpBc0xyRTMiLCJtYWMiOiJmZmE5MmRhZDA0MGQ1YmE1YmI0N2Q5YWI3MjUyNzVhMTY4MDJjYjg3ZmMyNTk1ODAzYjBmMmU1YjM0YzE0MTM5In0%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALB=2HwZtejdV6KbB9oo1/TqTZFwynqJTC662ufBcjurPqQdQ1uf+LYT7hCx+XYtCE0It0Fie8QC9woivnHb83fgdaYYSOLQ+HvU0vxrNIG3ha5owRSKWxqHf6GS5ugg; Expires=Sat, 10 Apr 2021 13:14:56 GMT; Path=/ AWSALBCORS=2HwZtejdV6KbB9oo1/TqTZFwynqJTC662ufBcjurPqQdQ1uf+LYT7hCx+XYtCE0It0Fie8QC9woivnHb83fgdaYYSOLQ+HvU0vxrNIG3ha5owRSKWxqHf6GS5ugg; Expires=Sat, 10 Apr 2021 13:14:56 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6Im55c0JtWVdvNXNNYXpsMW1RM3pMQlE9PSIsInZhbHVlIjoiZVozRFg4ZHRhQ0d3ck1jZTVNWU5neGhUVjBlTHhBdGN2Z2RjK3hwZlBISXF0OCtjbmFxV3R6ak5WSFBJNXdxNSIsIm1hYyI6IjYzNzc4NTc5ZjYwYTdmMzljNDFjMWQwMzdhNWUzYWE5OGMzNGY0MWM3ZmMyZGFjNTEwNzQ5MTQzOTM5NjY3YjgifQ%3D%3D; expires=Sat, 03-Apr-2021 15:14:56 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjhqWGoxVzhVNmVTOFY5NWJsN2NyVmc9PSIsInZhbHVlIjoidEVvK0JTYXk4VTdjOFluUFYwbHlVMnkxc3BjT2YyUUZQSkVlckhmVEhNSWE5eXpVK2RJeEExclhsTW9iN216cCIsIm1hYyI6ImQ3MmU0ZDM1ZmJhNDQzYzc1MjI2NjMzZGQ2ZTllNzllOWNkYjQwYWJmMjk2OWJlYzY3Mzc0ZDMyNWMzYTdkMWUifQ%3D%3D; expires=Sat, 03-Apr-2021 15:14:56 GMT; Max-Age=7200; path=/; httponly
server
nginx/1.19.8
x-powered-by
PHP/7.4.11
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-type
text/html; charset=UTF-8
location
https://www.primolotto.com/grid
set-cookie
AWSALB=Eq9J2i7PdNoNZiOHy4ZLztXPGGtywzybzJa6TIhllXbdfUeH6MHZnXVCRTcV+K+qYZKKPZLAQtwWov1CbLu1SHZM69muyfgLYysqHu3Fehtzx+vUXfntTDbXT5GK; Expires=Sat, 10 Apr 2021 13:14:56 GMT; Path=/ AWSALBCORS=Eq9J2i7PdNoNZiOHy4ZLztXPGGtywzybzJa6TIhllXbdfUeH6MHZnXVCRTcV+K+qYZKKPZLAQtwWov1CbLu1SHZM69muyfgLYysqHu3Fehtzx+vUXfntTDbXT5GK; Expires=Sat, 10 Apr 2021 13:14:56 GMT; Path=/; SameSite=None; Secure XSRF-TOKEN=eyJpdiI6Ik9kWEZSXC9yQ1wvM1NQOVwvZTlyYXVNQ1E9PSIsInZhbHVlIjoiM2lZRFNkMkNrOTZcLzZuaGNLbHczMWc5YnRlUlk3T0hWS3g3YTMwUzZIYWZmQnNqb2YrQ1ZrdjdOOHVrYTh6RFQiLCJtYWMiOiIwNmRhMzczNmIxNjZlMWU1NGQ2MjBiOTliNDIxMDg0MTIwODYzN2UyYjI3YWYxNmMwZTExYmZkMjYwN2Q2ZjIxIn0%3D; expires=Sat, 03-Apr-2021 15:14:56 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Im9BSFkzdVwvbTRWOWFudE5qMFdyMnFRPT0iLCJ2YWx1ZSI6InJhVUQ2WTh5OFRKQ3BzdUszZ1BCcWNGS1Y5eDRuSDN6M1habmYrcmthWVo4SFhwZDkrdmxJcjZJRmpBc0xyRTMiLCJtYWMiOiJmZmE5MmRhZDA0MGQ1YmE1YmI0N2Q5YWI3MjUyNzVhMTY4MDJjYjg3ZmMyNTk1ODAzYjBmMmU1YjM0YzE0MTM5In0%3D; expires=Sat, 03-Apr-2021 15:14:56 GMT; Max-Age=7200; path=/; httponly
server
nginx/1.19.8
x-powered-by
PHP/7.4.11
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
up.js
live.demand.supply/
9 KB
5 KB
Script
General
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fe07f85c838070bcb1cd542dc86e417dd3e126183958ed0a4140bf22778285f

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
fbccdc51-afe0-4b00-b495-e6a7236ab48a-23558138
date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
cf-cache-status
HIT
age
948
cf-polished
origSize=9084
cf-request-id
093978630700004eb670ad2000000001
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"764e9324d2998073a1f3235a5b360dca-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
63a2901809144eb6-FRA
link
</impl.v13.0.0.js>; rel=preload; as=script,</p4/v12-6-0/d3d3LnByaW1vbG90dG8uY29tLw==>; rel=preload; as=script
cf-h2-pushed
</impl.v13.0.0.js>,</p4/v12-6-0/d3d3LnByaW1vbG90dG8uY29tLw==>
app.css
www.primolotto.com/css/
232 KB
233 KB
Stylesheet
General
Full URL
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
52a9c07536a2b2ba437ce604b95d32754f75adecb4458e1b4c3038a565f9c168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-39eba"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/css
cache-control
max-age=259200
accept-ranges
bytes
content-length
237242
expires
Tue, 06 Apr 2021 13:14:56 GMT
app.js
www.primolotto.com/js/
481 KB
482 KB
Script
General
Full URL
https://www.primolotto.com/js/app.js?id=c72c7abf953b6dd5841a
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
faf58853644d69d07cc1ab1abb79f7b724ca1e057d90ea1bfb99d2dabfc57548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-782db"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
accept-ranges
bytes
content-length
492251
js
getviously.com/
3 KB
1 KB
Script
General
Full URL
https://getviously.com/js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.225 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
eb4406ac6a8c3323f3153907d843fc4adba65f87481c90b2294eab949251d3ee

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
gzip
last-modified
Mon, 08 Mar 2021 13:33:21 GMT
server
nginx
etag
W/"604627a1-a81"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 14:14:56 GMT
js
www.googletagmanager.com/gtag/
97 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-93113711-1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
facdb1608980a83603750be64207e9d34d000807c485f6a256283e75229f7e63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39136
x-xss-protection
0
last-modified
Sat, 03 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 03 Apr 2021 13:14:56 GMT
logo_mail.jpg
www.primolotto.com/img/
4 KB
4 KB
Image
General
Full URL
https://www.primolotto.com/img/logo_mail.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
8a8d52eba8ab85703a684f068b5eac40b2c1525af4c4e347305e1dd6eb286241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Thu, 02 Jul 2020 15:36:47 GMT
server
nginx/1.19.8
etag
"5efdff0f-e62"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
content-length
3682
expires
Tue, 06 Apr 2021 13:14:56 GMT
purple_bg.jpg
www.primolotto.com/img/
49 KB
49 KB
Image
General
Full URL
https://www.primolotto.com/img/purple_bg.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
a2c1937fe1cf16f6ef92bc981984b30e82983ffd4ed81b763d9d8ac70cc1f12a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Thu, 02 Jul 2020 15:36:47 GMT
server
nginx/1.19.8
etag
"5efdff0f-c374"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/jpeg
cache-control
max-age=259200
accept-ranges
bytes
content-length
50036
expires
Tue, 06 Apr 2021 13:14:56 GMT
prize-132-1589895126.png
imgs.tagadamedia.com/primolotto/prod/prize/
126 KB
127 KB
Image
General
Full URL
https://imgs.tagadamedia.com/primolotto/prod/prize/prize-132-1589895126.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-196.datapacket.com
Software
BunnyCDN-DE1-565 /
Resource Hash
a633cc3894b71084834e7448c54597d858bee7441f15c31088e4c99b8457688d

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
cdn-edgestorageid
722
x-amz-request-id
4YT8E58NAMRWK7E0
cdn-cachedat
2021-03-31 17:51:05
cdn-pullzone
61945
content-length
129184
x-amz-id-2
wrTPpnjKFkPoOJ5dGGstQgsE3Imi0/ro87HBCWoICqcpURk1RQr9w0KhdjctQP+4S4ZGScGNqPE=
last-modified
Tue, 19 May 2020 13:32:07 GMT
server
BunnyCDN-DE1-565
cdn-requestpullcode
206
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
71ade083a47bd7e3674e83608baafe34
accept-ranges
bytes
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
20eurLeclerc.png
imgs.tagadamedia.com/primolotto/prize/
74 KB
74 KB
Image
General
Full URL
https://imgs.tagadamedia.com/primolotto/prize/20eurLeclerc.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-196.datapacket.com
Software
BunnyCDN-DE1-565 /
Resource Hash
4ff0196d53e9640f2ac38561ae37ebee69593f1cf39dcf7072bb48eee0304eb5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
cdn-edgestorageid
632
x-amz-request-id
37ED037394F09A81
cdn-cachedat
2020-05-05 11:39:39
cdn-pullzone
61945
content-length
75647
x-amz-id-2
vcE3wnnQOJykzsyuqFCj03UjsngArySjIwWMDBDiJN4jbBamY1S85ZsVxjaTlElfUrj5LG4qc0w=
last-modified
Fri, 27 Jul 2018 14:06:59 GMT
server
BunnyCDN-DE1-565
content-type
image/png
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
82b340bb7aaaf7f090358f4e87c7dc61
accept-ranges
bytes
cdn-requestcountrycode
DE
gift.png
www.primolotto.com/img/
2 KB
2 KB
Image
General
Full URL
https://www.primolotto.com/img/gift.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
33c1ddf6998b4221d60d27dfea001f5557df4bfc5a42b15ea05f827011601c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/grid
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Thu, 02 Jul 2020 15:36:47 GMT
server
nginx/1.19.8
etag
"5efdff0f-6c5"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
1733
expires
Tue, 06 Apr 2021 13:14:56 GMT
prize-177-1607608268.jpg
imgs.tagadamedia.com/primolotto/prod/prize/
14 KB
14 KB
Image
General
Full URL
https://imgs.tagadamedia.com/primolotto/prod/prize/prize-177-1607608268.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.196 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
unn-185-59-220-196.datapacket.com
Software
BunnyCDN-DE1-565 /
Resource Hash
fbbe6cfc3a3838ec0822469c0dc7339ae0402a8b735955535a715760dd7803dd

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
cdn-edgestorageid
601
x-amz-request-id
BYDN3T7G1WFVAH1W
cdn-cachedat
2020-12-10 14:54:06
cdn-pullzone
61945
content-length
14319
x-amz-id-2
KP6yOFm1sJDJLS2lTlyXYRRCEAutF6TMSltcV2/UWmoJVUbDxfBweXbPQDT9um/fYL2wVlefgEE=
last-modified
Thu, 10 Dec 2020 13:51:09 GMT
server
BunnyCDN-DE1-565
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
5d127034-96a6-45e8-a482-4f40615f18db
cache-control
public, max-age=2592000
cdn-requestid
3a06db066fcc2b6dbeddad003ac27d35
accept-ranges
bytes
cdn-requestcountrycode
DE
473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=39fc8aa5c76c21997fbd5887432e6eda&n=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=39fc8aa5c76c21997fbd5887432e6eda&n=2
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=39fc8aa5c76c21997fbd5887432e6eda&n=3
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=39fc8aa5c76c21997fbd5887432e6eda&n=4
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

473146.gif
ejp.rlcdn.com/
0
0
Image
General
Full URL
https://ejp.rlcdn.com/473146.gif?m=39fc8aa5c76c21997fbd5887432e6eda&n=5
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

impl.v13.0.0.js
live.demand.supply/
76 KB
23 KB
Script
General
Full URL
https://live.demand.supply/impl.v13.0.0.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96298726c168760aab88bfe8927651d1c63328c45a16addb6072b8afe2a66c18

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
2f6a98e6-de4b-4b1c-a8d0-ced0625976ad-13870280
date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
cf-cache-status
HIT
age
233475
cf-polished
origSize=77966
cf-ray
63a2901879d64eb6-FRA
cf-request-id
093978635000004eb65219f000000001
cf-bgj
minify
server
cloudflare
etag
W/"62ecc18f48c0fdfbf82d507980adf9fb-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3LnByaW1vbG90dG8uY29tLw==
live.demand.supply/p4/v12-6-0/
156 B
233 B
Script
General
Full URL
https://live.demand.supply/p4/v12-6-0/d3d3LnByaW1vbG90dG8uY29tLw==
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
63a2901879d74eb6-FRA
cf-request-id
093978635000004eb681b8a000000001
css2
fonts.googleapis.com/
2 KB
629 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@700&display=swap
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f9d92dd8d88ba717b48727e906af9b299672a5d3714ed8209e2fbada39b7f94c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Apr 2021 11:32:24 GMT
server
ESF
date
Sat, 03 Apr 2021 13:14:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Apr 2021 13:14:56 GMT
loader.js
sdk.privacy-center.org/f71de644-b23f-43ee-a736-546e2396b1dc/
6 KB
3 KB
Script
General
Full URL
https://sdk.privacy-center.org/f71de644-b23f-43ee-a736-546e2396b1dc/loader.js?target=www.primolotto.com
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ca00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
2683d8731f21545156e9e21b126403a0c0ec2d53646d52d955f9aa00c821773f

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
DUS51-C1
etag
"560870a85f74d460b5ba30b586736b3a"
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
public, max-age=7200
content-length
2756
x-amz-cf-id
dyV9i9-vhih21tE76kE3YUZvW2L5w9QuziTb0sf3YcTapyXd9lZ57Q==
loader.js
cdn.taboola.com/libtrc/tagadamedia-primolotto/
257 KB
27 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a41107cffe14a96662eb3541cf6f306ad2a221a854a4e82368199cbdeeb3e856

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qT7aSRme_1lljulEZFtynH8cZxWAm5vb
content-encoding
gzip
etag
"c76aef9c8b7dc735416cde341814e215"
age
40
x-cache
HIT
content-length
27118
x-amz-id-2
XYmqVFShLgs1GFsyTHMR8OX9T8HTwGUX2uq1ZI2hZtVIiuDm+Q8NIbD6Xm0DUgf3WXpf+3tsWgs=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 09:30:49 GMT
server
AmazonS3
x-timer
S1617455697.881704,VS0,VE1
date
Sat, 03 Apr 2021 13:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
RCTG6HV62M7D7TXY
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
57
x-cache-hits
1
38bae9676e0b8236d37b091728844b67.js
cdn.pushcrew.com/js/
243 KB
70 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/38bae9676e0b8236d37b091728844b67.js
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3677 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff724737a3926e6581553d5d4fbeeceee6b69e8a0c9866d1a98f683010db6feb

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1635
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09397863f100000746b3b11000000001
access-control-allow-origin
*
last-modified
Thu, 18 Mar 2021 16:43:43 GMT
server
cloudflare
etag
W/"6053833f-3cd69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 google
cache-control
max-age=43200
cf-ray
63a290198b5a0746-FRA
expires
Sat, 03 Apr 2021 13:17:41 GMT
1956224
wall.adgaterewards.com/nq6XsA/ Frame 2A07
53 KB
11 KB
Document
General
Full URL
https://wall.adgaterewards.com/nq6XsA/1956224
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05e042328d1b9ee6e98dcf6ed26d524666ce16dde3e25d745efe89e6d5a5584

Request headers

:method
GET
:authority
wall.adgaterewards.com
:scheme
https
:path
/nq6XsA/1956224
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc20015e6b7ddebf378f17e6609f03fc01617455696; expires=Mon, 03-May-21 13:14:56 GMT; path=/; domain=.adgaterewards.com; HttpOnly; SameSite=Lax adgate_session=eyJpdiI6IkNhQXVpekh4Y3hWRklBVTRxNytpYVE9PSIsInZhbHVlIjoiRWs4RmVoYlQ0SzBhMmVncnlsUVllZExPUkFtUGRhTWVtT3FhNUhRNjNaWDhwZHM0TTF0VFRBeWtMYWNGVDlGSkJLRjRQQnhCRXdoWmhZeGpSdTBQY1E9PSIsIm1hYyI6IjE2M2I2NWNkMzE3OWMzOTMxYmU2ODJlZjkyMDYzZjM5YTRiNTA4MDVhNjBiNGFjMjE3ZTQ1NDUxNWVjZThmMjkifQ%3D%3D; expires=Sat, 03-Apr-2021 15:14:57 GMT; Max-Age=7200; path=/; HttpOnly
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09397863c400000629d6147000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u0S%2FWxL%2FCT5RekLNolbqmkkg8q5scFT2pT4sVvPTQVS3pyvfkCvMOUyN4pAl54x36chHuNhabVwAerhs9CO2bGnWj4cqOM%2BXkVPkY1EHz2ukH29Wpm%2FU%2FGuGh6V%2Fs692B6az"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
63a290193e3f0629-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
ic_ticket.svg
www.primolotto.com/images/
3 KB
3 KB
Image
General
Full URL
https://www.primolotto.com/images/ic_ticket.svg?75d4489ba75a376cc87ea7c684438cb9
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
f0069af0bb8816687fbd93943c1b72d78919dc44c893e78f2c6aedc0525ebb46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-a35"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
accept-ranges
bytes
content-length
2613
MuseoSans_500.otf
www.primolotto.com/fonts/
61 KB
62 KB
Font
General
Full URL
https://www.primolotto.com/fonts/MuseoSans_500.otf?62c0135163427c652ae397f327f85010
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-f428"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=259200
accept-ranges
bytes
content-length
62504
expires
Tue, 06 Apr 2021 13:14:56 GMT
webfa-solid-900.woff2
www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/
78 KB
78 KB
Font
General
Full URL
https://www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?b15db15f746f29ffa02638cb455b8ec0
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-13654"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
max-age=259200
accept-ranges
bytes
content-length
79444
expires
Tue, 06 Apr 2021 13:14:56 GMT
MuseoSans_900.otf
www.primolotto.com/fonts/
64 KB
64 KB
Font
General
Full URL
https://www.primolotto.com/fonts/MuseoSans_900.otf?f5d070fca3ddc0fce188de14f62bf795
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
3523734aa4e5c25525d494704e645ff08af67b7f7c77addb0d6a3303d08a545a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-fed8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=259200
accept-ranges
bytes
content-length
65240
expires
Tue, 06 Apr 2021 13:14:56 GMT
webfa-regular-400.woff2
www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/
13 KB
14 KB
Font
General
Full URL
https://www.primolotto.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?c20b5b7362d8d7bb7eddf94344ace33e
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-3510"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
font/woff2
cache-control
max-age=259200
accept-ranges
bytes
content-length
13584
expires
Tue, 06 Apr 2021 13:14:56 GMT
MuseoSans_300.otf
www.primolotto.com/fonts/
61 KB
62 KB
Font
General
Full URL
https://www.primolotto.com/fonts/MuseoSans_300.otf?bdb59b808cfc4fb88f3963fa06e6c79b
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Origin
https://www.primolotto.com
Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-f5cc"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/octet-stream
cache-control
max-age=259200
accept-ranges
bytes
content-length
62924
expires
Tue, 06 Apr 2021 13:14:56 GMT
e.js
live.demand.supply/e/
0
489 B
XHR
General
Full URL
https://live.demand.supply/e/e.js?e=ll&d=97&cs=c&dsReferer=aHR0cHM6Ly93d3cucHJpbW9sb3R0by5jb20vZ3JpZA==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
4ac87dc3-2f94-4193-b3f0-028da879e832-4736487
date
Sat, 03 Apr 2021 13:14:56 GMT
cf-cache-status
HIT
age
2398290
cf-polished
origSize=2
content-length
1
cf-request-id
09397863f400004a5530a4b000000001
cf-bgj
minify
server
cloudflare
etag
"2877b53dadca8491834caa967b24dba1-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
63a290198c8f4a55-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
133 KB
47 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47703
x-xss-protection
0
server
cafe
etag
6346030555081020592
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:14:56 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
58 KB
20 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
b196dd7095866bf20a6e0af3e61558f76d47d96db181af09301dfb5ef572a5f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"831 / 246 of 1000 / last-modified: 1617401775"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19743
x-xss-protection
0
expires
Sat, 03 Apr 2021 13:14:56 GMT
d3d3LnByaW1vbG90dG8uY29tL2dyaWQ=
live.demand.supply/p4/v12-6-0/
950 B
530 B
Script
General
Full URL
https://live.demand.supply/p4/v12-6-0/d3d3LnByaW1vbG90dG8uY29tL2dyaWQ=
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d269356be801e8b87d73edb400741a713c8b04e97bec24c27773d0933645cbca

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
63a290197b6f4eb6-FRA
cf-request-id
09397863ec00004eb649a66000000001
ds.2.html
live.demand.supply/
413 B
306 B
XHR
General
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
c0cf22b9-3a51-4afc-9c09-6343eb99a8c3-14576074
date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
113326
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
63a290198c934a55-FRA
cf-request-id
09397863f500004a55e1034000000001
apstag.js
c.amazon-adsystem.com/aax2/
119 KB
31 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 22:11:27 GMT
content-encoding
gzip
server
Server
age
54208
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
x-amz-cf-id
eIysOlviuRY1b-_ZRA0M33qaDAfggftmXOyp_JJw0ivcgME37Fujmw==
uamp.1.json
live.demand.supply/
8 KB
3 KB
XHR
General
Full URL
https://live.demand.supply/uamp.1.json?&dsReferer=aHR0cHM6Ly93d3cucHJpbW9sb3R0by5jb20vZ3JpZA==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
82456f1d-a6e0-48b8-a1f8-467226ec84eb-32783145
date
Sat, 03 Apr 2021 13:14:56 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
113326
etag
W/"4bae6468d80060d2f91e0682eaa4b2b2-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
63a290198c914a55-FRA
cf-request-id
09397863f400004a55f6393000000001
gagnant_img.png
www.primolotto.com/images/
10 KB
11 KB
Image
General
Full URL
https://www.primolotto.com/images/gagnant_img.png?c9094453187bfc1ddd9e337e493a76c9
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
8f7a04dfcfe5ffe5e09a0f9d4a91bb2ad737f0d6e261dc8b86538ac49eb7adfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-29b8"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
10680
expires
Tue, 06 Apr 2021 13:14:56 GMT
box-astro.png
www.primolotto.com/images/
92 KB
92 KB
Image
General
Full URL
https://www.primolotto.com/images/box-astro.png?6f42ab2e19cad6423209eb1cc60e0a89
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
d25283aef05052ea413e5e518534f8451ed6e8da9e3ab42587a7b6dc5241a1d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-16e18"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/png
cache-control
max-age=259200
accept-ranges
bytes
content-length
93720
expires
Tue, 06 Apr 2021 13:14:56 GMT
tagada.js
p.crm4d.com/sync/
4 KB
2 KB
Script
General
Full URL
https://p.crm4d.com/sync/tagada.js?r=0.6607102076387279
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
7a9612fcdf977a90229f67fcf6ef33c896332c6b18bb652d47658fbcd5f7d678

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:56 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
mt.js
asset.easydmp.net/mt/squadata/
1 KB
1 KB
Script
General
Full URL
https://asset.easydmp.net/mt/squadata/mt.js?t=224647
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
d4225d93450a787911838ab1eba4905d767f559b8bd904c15e51be0ad9d9a63d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 07:44:55 GMT
X-IPLB-Request-ID
59F940CB:3942_91EFC135:01BB_60686A50_29BA2E6:2DDCC
ETag
"60618577-28f"
X-IPLB-Instance
25256
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
max-age=900, s-maxage=900, public
Content-Type
application/javascript; charset=utf-8
Content-Length
655
e.js
live.demand.supply/x/
0
103 B
XHR
General
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cucHJpbW9sb3R0by5jb20vZ3JpZA==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
9c02cb88-5a95-40a1-be26-3b474a3845f1-17882454
date
Sat, 03 Apr 2021 13:14:56 GMT
cf-cache-status
HIT
age
2398290
cf-polished
origSize=2
content-length
1
cf-request-id
093978640400004a5544b41000000001
cf-bgj
minify
server
cloudflare
etag
"2877b53dadca8491834caa967b24dba1-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
63a290199cc34a55-FRA
ball_full.svg
www.primolotto.com/images/
2 KB
2 KB
Image
General
Full URL
https://www.primolotto.com/images/ball_full.svg?285aded41fb2f6ea7a8152b4d866995d
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.9.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-9-210.eu-west-1.compute.amazonaws.com
Software
nginx/1.19.8 /
Resource Hash
b841835671d58155e2265cfcdaa0b54eeea722bee5516ae7594ac35d912765b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.primolotto.com/css/app.css?id=f7e6fd648c9509a51642
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
last-modified
Tue, 30 Mar 2021 13:04:59 GMT
server
nginx/1.19.8
etag
"606321fb-76a"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/svg+xml
accept-ranges
bytes
content-length
1898
impl.20210331-18-RELEASE.js
cdn.taboola.com/libtrc/
471 KB
109 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
36b924eb471bd62b8dcec75c1be9211e19d733f6fc900ff2e65eee3c42149403

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3CdYKdqodsRTqLuiZu7FVK_FY0JR.8m6
content-encoding
br
etag
"122633d29dda942f9c451d18957ff7cb"
age
20808
x-cache
HIT
content-length
110792
x-amz-id-2
L6F7zjJ4zjVUp5e7gqHXQuDxYp21TUJ4m7/Bj0KWjrWZt0prUvO66FctLz9f+mrGlpy91hTg5NQ=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 07:27:54 GMT
server
AmazonS3-br
x-timer
S1617455697.976931,VS0,VE0
date
Sat, 03 Apr 2021 13:14:56 GMT
vary
Accept-Encoding
x-amz-request-id
25X4SKF4QT1D5837
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
0
x-cache-hits
110937
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-93113711-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3831
date
Sat, 03 Apr 2021 12:11:05 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 03 Apr 2021 14:11:05 GMT
js
sonar.viously.com/1617455696983/
11 KB
4 KB
Script
General
Full URL
https://sonar.viously.com/1617455696983/js?w=https%3A%2F%2Fwww.primolotto.com%2Fgrid&r=
Requested by
Host: getviously.com
URL: https://getviously.com/js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.223 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
8cee5f311af9b900492d054923c138a970f7bfb367cfe2dc5cc0d66811a173f4

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript; charset=UTF-8
server
nginx
content-encoding
gzip
vary
Accept-Encoding
expires
Tue, 24 Nov 2015 00:00:00 GMT
primolotto.com_728x90_sticky_display_bottom
api.demand.supply/v12-6-0/a/
335 B
544 B
XHR
General
Full URL
https://api.demand.supply/v12-6-0/a/primolotto.com_728x90_sticky_display_bottom?&dsReferer=aHR0cHM6Ly93d3cucHJpbW9sb3R0by5jb20vZ3JpZA==
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf4cf7355bba47e74062fa9f4627806d02cc8f797c4f6934c67f9eb982f4708

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1636
etag
W/"14f-A27JOZqICOkVx5nDqOxo2fqZQUg"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
63a2901a4e1e4a55-FRA
cf-request-id
093978646900004a5521bf8000000001
sdb.css
live.demand.supply/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://live.demand.supply/css/sdb.css
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nf-request-id
bcd6f586-84f2-4de9-8284-2e9af42a7905-60357767
date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
441496
etag
W/"3d233b5d02ebdf1ac17fe1067849c9f7-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
63a2901a9db04eb6-FRA
cf-request-id
09397864a300004eb6158a2000000001
pubads_impl_2021032901.js
securepubads.g.doubleclick.net/gpt/
288 KB
101 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021032901.js?31060640
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Mar 2021 08:36:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103062
x-xss-protection
0
expires
Sat, 03 Apr 2021 13:14:57 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 07:13:07 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
21711
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
content-type
application/javascript
x-amz-cf-id
o0qNpDoXSwx6MJ-f6MlGTxpsF6EGtBP1M_ydIq9Z9PSE8v9WNaS7QQ==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/
225 KB
85 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210331/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6174806814869296&plah=www.primolotto.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86022
x-xss-protection
0
server
cafe
etag
6413673484793450264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 03 Apr 2021 13:14:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/ Frame 874E
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210331/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210331/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.primolotto.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.primolotto.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 02 Apr 2021 20:38:57 GMT
expires
Fri, 16 Apr 2021 20:38:57 GMT
content-type
text/html; charset=UTF-8
etag
13254444762018554669
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4647
x-xss-protection
0
age
59760
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
match
p.crm4d.com/sync/tagada/
42 B
534 B
Image
General
Full URL
https://p.crm4d.com/sync/tagada/match?eh=39fc8aa5c76c21997fbd5887432e6eda%2C5bb95fd4f97db1c1b219ea7b1fd03175d2faecba9bc860b3005b47b315a4ae12
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
s.gif
p.crm4d.com/sync/appnexus/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fp.crm4d.com%2Fsync%2Fappnexus%2Fs.gif%3Fbounce%3D1%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp.crm4d.com%252Fsync%252Fappnexus%252Fs.gif%253Fbounce%253D1%2526uid%253D%2524UID
  • https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=8497725251859350089
42 B
550 B
Image
General
Full URL
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=8497725251859350089
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma
no-cache
Date
Sat, 03 Apr 2021 13:14:57 GMT
X-Proxy-Origin
89.249.64.203; 89.249.64.203; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.148:80
AN-X-Request-Uuid
5b77c6d5-ea91-4a4a-a50d-a6b424631916
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://p.crm4d.com/sync/appnexus/s.gif?bounce=1&uid=8497725251859350089
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:56 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fsas%2Fs.gif%3Fbounce%3D1%26uid%3D%5Bsas_uid%5D&cklb=1
pragma
no-cache
date
Sat, 03 Apr 2021 13:14:56 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
s.gif
p.crm4d.com/sync/weborama/
Redirect Chain
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D
  • https://wam.solution.weborama.fr/fcgi-bin/dispatch.fcgi?g.bo=OK&g.rn=72512&d.A=rd&d.k=crm4d_id&d.u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fweborama%2Fs.gif%3Fbounce%3D1%26uid%3D%7BWEBO_CID%7D
  • https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=Ba5FF8uiiol5w9UThVTVGu
42 B
567 B
Image
General
Full URL
https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=Ba5FF8uiiol5w9UThVTVGu
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:14:57 GMT
last-modified
Sat, 03 Apr 2021 13:14:57 GMT
server
Apache
access-control-allow-origin
*
transfer-encoding
chunked
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://p.crm4d.com/sync/weborama/s.gif?bounce=1&uid=Ba5FF8uiiol5w9UThVTVGu
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Tue, 03 Jul 2001 06:00:00 GMT
s.gif
p.crm4d.com/sync/bluekai/
Redirect Chain
  • https://stags.bluekai.com/site/49123?id=es22lUnuT3BFBVMKpX5ABwBVrfnpQXBYKoAO1_NXW6I&limit=1&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fbluekai%2Fs.gif%3Fbounce%3D1%26uid%3D%24_BK_UUID
  • https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=Ppx4JQ9999Y0NVCQ
42 B
549 B
Image
General
Full URL
https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=Ppx4JQ9999Y0NVCQ
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Location
https://p.crm4d.com/sync/bluekai/s.gif?bounce=1&uid=Ppx4JQ9999Y0NVCQ
Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Length
0
BK-Server
71a5
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
s.gif
p.crm4d.com/sync/mediamath/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fmediamath%2Fs.gif%3Fbounce%3D1%26uid%3D%5BMM_UUID%5D
  • https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=1be16068-6a51-4200-91ff-67d6a910b64f
42 B
551 B
Image
General
Full URL
https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=1be16068-6a51-4200-91ff-67d6a910b64f
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Server
MT3 3628 75f709e master cdg-pixel-x12
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://p.crm4d.com/sync/mediamath/s.gif?bounce=1&uid=1be16068-6a51-4200-91ff-67d6a910b64f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Sat, 03 Apr 2021 13:16:11 GMT
s.gif
p.crm4d.com/sync/adobeam/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=81351&dpuuid=Gk4Q5oYEOs5gNGXCdeDV8kjMSOR8inGf2ORQPmJwW6Y&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=81351&dpuuid=Gk4Q5oYEOs5gNGXCdeDV8kjMSOR8inGf2ORQPmJwW6Y&redir=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fadobeam%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BDD...
  • https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=69352355429102587213183896482237968416
42 B
565 B
Image
General
Full URL
https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=69352355429102587213183896482237968416
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+7EWr9yvS/Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://p.crm4d.com/sync/adobeam/s.gif?bounce=1&uid=69352355429102587213183896482237968416
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
dpm.zebestof.com/
96 B
258 B
Image
General
Full URL
https://dpm.zebestof.com/sync?url=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fzbo%2Fs.gif%3Fbounce%3D1%26uid%3D%24%7BZBO_ID%7D
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.47.175.198 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-47-175-198.eu-west-3.compute.amazonaws.com
Software
nginx /
Resource Hash
a4931d41ac5d64ce1bd563cf52252495f55bbf9b1dafd58fdb9ee6fe2b1de4ca

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
gzip
server
nginx
cache-control
private, must-revalidate, proxy-revalidate
p3p
CP="CAO PSA OUR"
content-type
image/png
0.gif
id5-sync.com/s/9/OW7HMspikkjBYmrx6ZlOSH1gwGaGNd2bUk-WjdZ7MsQ/
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/9/OW7HMspikkjBYmrx6ZlOSH1gwGaGNd2bUk-WjdZ7MsQ/0.gif
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.10 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p24.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:55 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
1617455696967
ew3.io/r/
163 B
539 B
Image
General
Full URL
https://ew3.io/r/1617455696967?crm4did=Ez5QL4g_wsc5GC78lWfIsXK_unAormY4BuiZVou83gk
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
109.232.197.89 , France, ASN50234 (EULERIAN-AS, FR),
Reverse DNS
e3rd.eulerian.net
Software
EWS /
Resource Hash
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Date
Sat, 03 Apr 2021 13:14:57 GMT
X-Content-Type-Options
nosniff
Server
EWS
Strict-Transport-Security
max-age=604800
Content-Type
image/png
Cache-Control
max-age=0, private
Connection
Close
Accept-Ranges
none
X-Robots-Tag
noindex
Content-Length
163
X-XSS-Protection
0
s.gif
p.crm4d.com/sync/criteo/
Redirect Chain
  • https://gum.criteo.com/sync?c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=346&r=1&a=1&u=https%3A%2F%2Fp.crm4d.com%2Fsync%2Fcriteo%2Fs.gif%3Fbounce%3D1%26uid%3D%40USERID%40
  • https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=cShFhheZDd11w6K4qx-EWA_STFXl4OoZ
42 B
548 B
Image
General
Full URL
https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=cShFhheZDd11w6K4qx-EWA_STFXl4OoZ
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

location
https://p.crm4d.com/sync/criteo/s.gif?bounce=1&uid=cShFhheZDd11w6K4qx-EWA_STFXl4OoZ
strict-transport-security
max-age=31536000
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2391
date
Sat, 03 Apr 2021 13:14:56 GMT
content-length
204
content-type
text/html; charset=utf-8
s.gif
p.crm4d.com/sync/cact/
Redirect Chain
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid
  • https://sync.commander1.com/2261zb2pkr404k1471IJ2y8sS69j6a9Y/getuid&firsttime=1
  • https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=d2d95165ac43acd12e558a3a52e575c7fef84200cbdacba30042fd6f9caa1940
42 B
562 B
Image
General
Full URL
https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=d2d95165ac43acd12e558a3a52e575c7fef84200cbdacba30042fd6f9caa1940
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.82.32 , France, ASN16276 (OVH, FR),
Reverse DNS
ip32.ip-54-36-82.eu
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"

Redirect headers

Pragma
private
Date
Sat, 03 Apr 2021 13:14:57 GMT
Content-Encoding
gzip
Server
web
Vary
Accept-Encoding
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
location
https://p.crm4d.com/sync/cact/s.gif?bounce=1&uid=d2d95165ac43acd12e558a3a52e575c7fef84200cbdacba30042fd6f9caa1940
Cache-Control
private, max-age=486000, pre-check=486000
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Type
text/html
Keep-Alive
timeout=60
Content-Length
20
Expires
Fri, 02 Jul 21 15:14:57 +0200
sdk.e8db83eaa9afe264453f2f43993a082ab9347c1b.js
sdk.privacy-center.org/
361 KB
81 KB
Script
General
Full URL
https://sdk.privacy-center.org/sdk.e8db83eaa9afe264453f2f43993a082ab9347c1b.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/f71de644-b23f-43ee-a736-546e2396b1dc/loader.js?target=www.primolotto.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ca00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e876b5005c6e162ac0180c79bce6894ea035f7a5be6b3da43f9127f517785b95

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 14:47:43 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 14:43:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1617201617/ctime:1617201617/gid:0/gname:root/md5:59f18fad6ba1dcba1953d6cebac8e610/mode:33188/mtime:1617201617/uid:0/uname:root
age
253635
etag
W/"59f18fad6ba1dcba1953d6cebac8e610"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
av8X4ASBX2ToLPNBFBnQvME-rJV7yipJ66ZXAj3V32c2TvR1mC3U1w==
collect
www.google-analytics.com/j/
2 B
390 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=684182308&t=pageview&_s=1&dl=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ul=en-us&de=UTF-8&dt=Primolotto.com%20-%20Loterie%20100%25%20gratuite%20-%20De%20l%27argent%20et%20des%20ch%C3%A8ques%20cadeaux%20%C3%A0%20gagner&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=474773168&gjid=1601042135&cid=1389203881.1617455697&tid=UA-93113711-1&_gid=1750741269.1617455697&_r=1&gtm=2ou3o0&z=1982264356
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:14:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
client.js
asset.easydmp.net/js/
9 KB
4 KB
Script
General
Full URL
https://asset.easydmp.net/js/client.js?t=224647
Requested by
Host: asset.easydmp.net
URL: https://asset.easydmp.net/mt/squadata/mt.js?t=224647
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.53 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2522fed30cc3939843055db41498c0ddaf3f6842204d42ef8f0af70d6d190a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 03 Apr 2021 13:14:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Mar 2021 07:44:55 GMT
X-IPLB-Request-ID
59F940CB:3942_91EFC135:01BB_60686A50_29BA2E9:2DDCC
ETag
"60618577-e8e"
X-IPLB-Instance
25256
Strict-Transport-Security
max-age=31536000
P3P
CP="ALL DSP COR CURa ADMa PSAa PSDa OUR NOR UNI"
Cache-Control
max-age=900, s-maxage=900, public
Content-Type
application/javascript; charset=utf-8
Content-Length
3726
bid
c.amazon-adsystem.com/e/dtb/
23 B
373 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.primolotto.com%2Fgrid&pid=nO8zdK3bWGyWM&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22primolotto.com_728x90_sticky_display_bottom%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%5D&cfgv=0&pubid=66ef05f7-ad53-48f6-873a-ac7543370392&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
via
1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.primolotto.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
4SN0NrmeZkrvYp2JfEVP9UhHogMDsNjmYoM1O_u0hx_UyPgW6ZxqYg==
xdCsKz.gif
e.viously.com/
43 B
178 B
Image
General
Full URL
https://e.viously.com/xdCsKz.gif?ts=1034.89&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Sat, 03 Apr 2021 13:14:56 GMT
raUWL9.gif
e.viously.com/
43 B
177 B
Image
General
Full URL
https://e.viously.com/raUWL9.gif?ts=1034.99&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g&sec=4&sem=unkown_domain
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Sat, 03 Apr 2021 13:14:56 GMT
BKaUfB.gif
e.viously.com/
43 B
177 B
Image
General
Full URL
https://e.viously.com/BKaUfB.gif?ts=1038.75&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g&wvv=729.9449993297458
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Sat, 03 Apr 2021 13:14:56 GMT
collect
stats.g.doubleclick.net/j/
1 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-93113711-1&cid=1389203881.1617455697&jid=474773168&gjid=1601042135&_gid=1750741269.1617455697&_u=IEBAAUAAAAAAAC~&z=93465229
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 03 Apr 2021 13:14:57 GMT
content-type
text/plain
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ui-gdpr-en.e8db83eaa9afe264453f2f43993a082ab9347c1b.js
sdk.privacy-center.org/
250 KB
51 KB
Script
General
Full URL
https://sdk.privacy-center.org/ui-gdpr-en.e8db83eaa9afe264453f2f43993a082ab9347c1b.js
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.e8db83eaa9afe264453f2f43993a082ab9347c1b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ca00:5:b7cc:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
861797fc7bbdafcfe16d64f4389f847fa159f98480c5f97be0a9f07663f8830c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 31 Mar 2021 14:47:45 GMT
content-encoding
gzip
last-modified
Wed, 31 Mar 2021 14:44:03 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1617201617/ctime:1617201617/gid:0/gname:root/md5:04d4cf92cbad1006a61f3643f9a6eaa2/mode:33188/mtime:1617201617/uid:0/uname:root
age
253633
etag
W/"04d4cf92cbad1006a61f3643f9a6eaa2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
cache-control
public, max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
x0NOFOxN3gUMRRtn4Fd0qvJtevjI2WRncvZbZVMgtvsGNSsMxET8nw==
events
api.privacy-center.org/v1/ Frame
0
0
Preflight
General
Full URL
https://api.privacy-center.org/v1/events
Protocol
H2
Server
2600:9000:2182:d600:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-requested-with
Origin
https://www.primolotto.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
content-type,x-requested-with
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
date
Sat, 03 Apr 2021 13:14:57 GMT
vary
Access-Control-Request-Headers
x-powered-by
Express
x-cache
Miss from cloudfront
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
Xn3Pw7a95Cr_z4t0l077uC6Aq_n7NqjqqHKynobnzuN7zF02MlOrrQ==
events
api.privacy-center.org/v1/
0
523 B
XHR
General
Full URL
https://api.privacy-center.org/v1/events
Requested by
Host: sdk.privacy-center.org
URL: https://sdk.privacy-center.org/sdk.e8db83eaa9afe264453f2f43993a082ab9347c1b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:d600:d:2044:5c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.primolotto.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
via
1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-C1
surrogate-control
no-store
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
strict-transport-security
max-age=15552000; includeSubDomains
x-xss-protection
1; mode=block
pragma
no-cache
allow
POST
x-frame-options
SAMEORIGIN
etag
W/"4-K+iMpCQsduglOsYkdIUQZQMtaDM"
x-download-options
noopen
vary
Accept
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-amz-cf-id
ZX_ygobNLWfvIcjRMDvYGU0NdtfZX0LUhcGYHgoZ7nb6Q2m8pNo3Dg==
expires
0
css
fonts.googleapis.com/ Frame 2A07
2 KB
614 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 03 Apr 2021 11:17:58 GMT
server
ESF
date
Sat, 03 Apr 2021 13:14:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 03 Apr 2021 13:14:57 GMT
bootstrap.css
wall.adgaterewards.com/assets/css/vc/ Frame 2A07
114 KB
18 KB
Stylesheet
General
Full URL
https://wall.adgaterewards.com/assets/css/vc/bootstrap.css
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c96396f5c59de04878a008c9231a46553cbb06472116a33675a5dbc754c4d68

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2384
cf-polished
origSize=117305
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093978664200000629e12e9000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
W/"6066fc0e-1ca39"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JzLG6NmgS5hCxsQb6qP5SBfjyK%2BrNd%2ByJg6Dz5ARhttAQi%2F%2BjwGezad88HzhXCJ43TI5VoHKrG8%2B3wi7VG1T9OElo32GkbE1YRLOomDJS6VWvmjhYLv3R%2FlLAkMqR3Gkc0wn"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
63a2901d3c430629-FRA
cf-bgj
minify
font-awesome.min.css
wall.adgaterewards.com/assets/fonts/font-awesome-4.7.0/css/ Frame 2A07
30 KB
7 KB
Stylesheet
General
Full URL
https://wall.adgaterewards.com/assets/fonts/font-awesome-4.7.0/css/font-awesome.min.css
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4608
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093978664200000629e2b6c000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
W/"6066fc0e-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fF0M8agjIcBxJUHVs%2F7cJ3AZp5xYpc9JFv479t%2FuteadgIup7RHgNyMW2C%2FxXVyA4EzfupgdgDU7es6B%2Fk73e0kPOo7ib5ARaltoQreTuYXFwqY%2FSukSr0VzRo2UzV35tH0X"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
63a2901d3c440629-FRA
api.js
www.google.com/recaptcha/ Frame 2A07
850 B
646 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Sat, 03 Apr 2021 13:14:57 GMT
adgaterewards.png
wall.adgaterewards.com/assets/img/vc/ Frame 2A07
12 KB
12 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/vc/adgaterewards.png
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698c7a603e5dae46fa689aed50735ad8a3e51466b132210015ae6aa30f3b8068

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1344
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11816
cf-request-id
093978667a00000629aeb9d000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-2e28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cGscyGtf4kYD%2F1OBM7qOKa8PyX8fBYZ%2FUqb4nWuhZ9DHIrjpuxXuwauw27FT2WeDgPKBI%2Bz%2FHO7OAKafY29N7hqmInTOlIkvdV0%2F8VA7SEItBmErQQfel1CvM61hb2QAsqKY"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a2901d9cc60629-FRA
es5-shim.min.js
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/ Frame 2A07
15 KB
6 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/es5-shim.min.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
8500532
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5026
cf-request-id
09397866540000d70d44142000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-3b2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Jk2iCNm8vX4NCSlccBlz%2FicB8%2FUvGKbh%2F49BXhfnKujdb1ZbSdf3YokiRbv%2FxdKf4NqfRwuSOt0qLtJ50jJYIDM75q7ec2nSf2J14sdu8wofn3WnaJkyr%2FoTCwOrU5d8LA%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63a2901d5d84d70d-FRA
expires
Thu, 24 Mar 2022 13:14:57 GMT
es5-sham.min.js
cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/ Frame 2A07
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/es5-shim/4.1.1/es5-sham.min.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
430519d7fdd5ff30e5c83844c4352be35bc55dbd2632e9a70cc474050c44b8f8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
8500532
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1407
cf-request-id
09397866660000d70d37acb000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:56 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e54-1353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FHuL%2BBs4t9oMnjMmGCoA34hhQIP4GBfp%2BhkQ8cLj6HhQKhII8iGaZgUyeWd3OUldKiKZ6H3Z2yKsRZd66JMtMWyhxw0awnxWgVzfcVyH4xQl3CrPeQJOcHkzbyyYbR7XpQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63a2901d6da2d70d-FRA
expires
Thu, 24 Mar 2022 13:14:57 GMT
desktopBundle.js
wall.adgaterewards.com/assets/js/vc/ Frame 2A07
2 MB
291 KB
Script
General
Full URL
https://wall.adgaterewards.com/assets/js/vc/desktopBundle.js?t=1616416182
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
725667be21624bb8675f40e187592ba3e78cd48b19b5301204bd6408ce0f867f

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1344
cf-polished
origSize=1653296
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093978667300000629e8ae7000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
W/"6066fc0e-193a30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m15cV2Co78IsYsnOGua5W8wLLnLsrxTX9opMTarHExpBgMB%2BBCfXXlWE5ojyikaxHQCikSHUd0QqKT8D0XI%2FtzuM94aym98%2BVGTfeiAo7YvUcdb4hWvAJbrVzIorDTI6f2N9"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
cf-ray
63a2901d8cb40629-FRA
cf-bgj
minify
advertisement.js
wall.adgaterewards.com/assets/js/vc/ Frame 2A07
30 B
378 B
Script
General
Full URL
https://wall.adgaterewards.com/assets/js/vc/advertisement.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9212967af6330d6bce1b082e672372b651c92379a8ecb40e1922fdb859a5c268

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1344
cf-polished
origSize=32
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
cf-request-id
0939786679000006299c1ba000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-20"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v0%2FvpH5cdmfLWekQ7S806TPZb128SJThSWccD52kb4dVY0VopZxddyj5Oeo8yhgW%2FhaEC2mE9huP7sEqP1uQu5dI2I5%2FLtrGR%2FzKXXhwsIqEGgvozKmZj%2B5AmzycBHW%2F5ydp"}],"max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a2901d8cc00629-FRA
cf-bgj
minify
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 2A07
332 KB
333 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://wall.adgaterewards.com
Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 13:48:26 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
84391
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340168
x-xss-protection
0
expires
Sat, 02 Apr 2022 13:48:26 GMT
analytics.js
www.google-analytics.com/ Frame 2A07
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/nq6XsA/1956224
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
3590
date
Sat, 03 Apr 2021 12:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Sat, 03 Apr 2021 14:15:07 GMT
en.json
wall.adgaterewards.com/assets/js/vc/locale/ Frame 2A07
21 KB
7 KB
Fetch
General
Full URL
https://wall.adgaterewards.com/assets/js/vc/locale/en.json
Requested by
Host: wall.adgaterewards.com
URL: https://wall.adgaterewards.com/assets/js/vc/desktopBundle.js?t=1616416182
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee97dad5bc48f34673bd7ee16f8d93186063b5e60882af7704b306f0584ae1b2

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
W/"6066fc0e-53a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"report_to":"cf-nel","max_age":604800}
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bbje3OkyYNSE01Rv9lwrHYZOE090%2B094MEQANdPTj4hqW7G%2BV65prltobwqqX7tlpyTUsO87QrBNky5dEnGCQHk5w7qWGJXLaJBVFj3Q8ktDDkm1imjJyNbqWcd%2F3NZ%2FEkZ7"}],"max_age":604800}
content-type
application/json
cf-ray
63a2901e7e170629-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
093978670900000629733f9000000001
LvebNC.gif
e.viously.com/
43 B
177 B
Image
General
Full URL
https://e.viously.com/LvebNC.gif?ts=1548.55&udsh=1200&udsw=1600&udso=landscape&ul=en-US&pru=&pu=https%3A%2F%2Fwww.primolotto.com%2Fgrid&ct=4g&wvv=58.00999980419874
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.230 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:57 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Sat, 03 Apr 2021 13:14:56 GMT
mt
sonar.viously.com/1617455698170/
0
128 B
Script
General
Full URL
https://sonar.viously.com/1617455698170/mt?c=&o=https%3A%2F%2Fwww.primolotto.com%2Fgrid&w=https%3A%2F%2Fwww.primolotto.com%2Fgrid&r=&ex=false&t=Primolotto.com%20-%20Loterie%20100%25%20gratuite%20-%20De%20l%27argent%20et%20des%20ch%C3%A8ques%20cadeaux%20%C3%A0%20gagner&d=Primolotto%20est%20une%20loterie%20100%25%20gratuite%20qui%20vous%20permet%20de%20remporter%20chaque%20jour%20de%20l%27argent%20et%20des%20cadeaux%20en%20validant%20vos%20grilles&pd=&l=fr&v=false&ev=&av=
Requested by
Host: sonar.viously.com
URL: https://sonar.viously.com/1617455696983/js?w=https%3A%2F%2Fwww.primolotto.com%2Fgrid&r=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.141.129.223 , France, ASN48402 (VIOUSLY, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
content-type
application/octet-stream
content-length
0
expires
Tue, 24 Nov 2015 00:00:00 GMT
US.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
765 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/US.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
765
cf-request-id
093978694d0000062973022000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-2fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8V3b%2B8tWh5rbjVIwHabYnsN6%2BZLgLcLCWFwjzT83k7%2FcsJtwtI%2Bka%2BJtd%2B8CmCzKBYr%2FL01hrzFg8rOtovEnb2r4L%2FL1kze%2Fb8xjzLQc3EpEyorl8wKoo1f6qtKH%2BawW9v%2B%2B"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c490629-FRA
DE.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
509 B
814 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/DE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802a3cb7595f14f16c36837989c3891dec2b38166b5a75bfdb2fde7c4ab09a4d

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
093978694d00000629e131f000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7CpQ7FTs9Hc8fKwt5YL9rnnA6kNIZXG1v14TnkCILwXfT0RZbOKKMg34zTvjDifhvUbTyTq4Oksvc%2FLp40QVC0S950Hle1A1r6joXK5wcRaPVBp9QCSCxOqTA3twCOJMjleU"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c4b0629-FRA
RU.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
520 B
842 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/RU.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4a435a77ba9821779ff039d294facf001ace345b9173c180754f425970b2d1a

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4589
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
520
cf-request-id
093978694e0000062970956000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-208"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oD1t8rNd6uuEkSKs6TIQh1uNK1BGK6TiZhJB1D263Yf2HrWoSxK6%2FkAiAHOEizXK%2BOZgvBiEx99Kswf8WI%2BSwZLR0hJOGYbu0CTMDh6vKpPWVqQ1Be8d4AhuWOaMP4ghtR2Y"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c4c0629-FRA
UA.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
509 B
800 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/UA.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fc0bbfb3f05a1803fc6289d151b61cabf846ff5b2660d47493c399135f7658c

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
09397869500000062970957000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S93DvD3b%2Bnl1txDdoWrEPG0Yk63nd2P7xObM6yALIliPcxMkw3Pqf19u6kBMjcMl8ui7CUeHiSEklLZPzwe6hb37XZE20xan%2FYdaHwFpWjAiukLHCfuTBQXD7%2FnhwOXeANAG"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c4d0629-FRA
ES.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
705 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/ES.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c246ec07b24762244202158adadb0d006913c39f924c7d01d0ff00d2d024a0af

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
705
cf-request-id
093978694e00000629a0135000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-2c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s216pezDu9EYrDqFps5dcE4hzVnl7kvO4KUxZZAucqUdM0pw3WSpj%2BDdK9tY5D8l48%2ByAC%2BzTCy7twOVrrqfE64wknKquo5v2tEcnAkKwUYvKcNEYXx%2BZbVHgqXkVKYmK%2Fri"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c4e0629-FRA
PT.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
869 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/PT.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e13a24713c60de07775945d4f347acc364ae5f5f156ac3186329c0dcdfa7c69

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
869
cf-request-id
093978694e00000629d49ef000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-365"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sl9SgWVVFH0SahNwXpK2MxpHCB7tNh3fb5x7D0DIWe1b0Qael3CFwfnrG6tqDd%2B3bsXMlziiv9EQkyXUxdnQs%2BCitiM3NMv4jW569owaB%2BFFtN7vVzw9tZpToUydg3zCL6Wg"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c4f0629-FRA
TR.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
718 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/TR.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34e825b0af90621129e3b1da7d4bb8dcb83a970067998c49e42e9572332ca37

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
718
cf-request-id
093978694f000006297e11c000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-2ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FpWpAUDm5DcWmgWHiCsPchq12pVMHk69qd%2B%2BG9whG%2FBtQvN3yP3XIhfp9Lo4wRhnwcpXavlMHcHmheN6eqmSvvBjYM000JHKP%2FsjGhObJVP0C0o%2BQS7vpBr96inbtZpNpAg1"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c510629-FRA
NL.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
509 B
985 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/NL.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fbaef854e0f55871aa050995066ea783c517640ba307e4971a5dfa009342b1

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
093978694f00000629a9235000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z7%2BHu3S7YkzBBHax6YKvsvXvyhWUGB7ehHb1gSZf5IqUpkzN6Me%2F29jVk94SSUTm%2BOjhLUJt32VMzo5AawG3fjL14jqc2nl35tJu9%2Frk1tvvtzysHbpS777Pd%2B1Ko5eU%2F7x8"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c520629-FRA
IT.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
851 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/IT.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b6cf86376b18e7013022123018f749c4427bc442df1ca43d05f7514b1984980

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
851
cf-request-id
093978694f00000629c1a0f000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NyhI8jC4tCCDvNnhAQ4lsYR0l9oxzddQapvyzfDZFHJbIVY%2FOMSa%2B6ekjqhLuyjlfY0OAcRNji1hTleARSRXVl%2FqmjQs4s9iPRGkeE3Hb6a14pSnGDzuzJWL6Y%2Bqo8aQenMR"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c530629-FRA
FR.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
851 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/FR.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f494c6d8894113fcc5724294d52ff485c8d28b2d898a00975df52f1b6cb88584

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
851
cf-request-id
093978694f00000629dbaf9000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-353"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hwdh1P4ig2oJ6X26nFx3jQ%2Bxg%2Buxw%2FdZpcgx6o8a9c0XAzLG11m7gBfXn17510fjkMOlYOsBKpBdR%2Fo1NPv79gOI%2F6EV4vIHtmbLw3klW7uarsjAkhg49meia51SG4upyw8g"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c540629-FRA
SE.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
575 B
890 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/SE.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94cc624c94016647682407c6631bdbabb26f5065873f55f6237ab31aa7095154

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
575
cf-request-id
093978694f00000629ea21d000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-23f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kB%2Bl6AFa40fbOtzKiHbS6YqWqBvrdwp73SnXCi0OcMGk9%2B9N5YF%2B2Av6HeqI9fJ0TMp5j5qa%2BFwBfaTVKMDt8I3IwTdmw0lQ%2FAVpu1edDiTiV1%2BJcXjdrLWiaYA3uCVoAXWR"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c550629-FRA
DA.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
437 B
917 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/DA.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80a3407ddae570bfd761f497180f58472dad91693b58437210e2af57a835a83

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
437
cf-request-id
093978694f00000629a99ce000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1b5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UFkFekzVHKpzrrU8Fn6EOgLSSc3wb1XxI4iIJVaKUYMCrgZh6OUdYZB7O5a9t2qtarOvJrNBcG7lF%2FWte%2BiI9F01WwbS6H4IoeHh%2FSOWFW7nUtoxnxzV8LuZCVWvSj%2FuNVk3"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c560629-FRA
PL.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
509 B
822 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/PL.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df8538a9e4df6cdfd820f455ef945483f2bdf9d130ddad32ab5f91f7dbb76b9d

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
093978695000000629a3819000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uib9Hai2s8rOf65Nj%2FWTTE30UrR8e0rQB5azjY4Vt296SqiV66zwL5RQg5bk4f4j4hzcVwAB5A2N6rUc0gBo%2FOFLvr1lNVJN%2Brv%2FCzlyYt7JZzYNXY5W2by9LG%2B86AtR1x7R"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c570629-FRA
TH.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
509 B
811 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/TH.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab6a8190b095272d4f8d0771b1f975c3b6b0992660e5fa1dcdf41a9534e716e

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4592
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
09397869500000062986891000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gwwPecoA8pytwAbnhyyBx5Hb3T2uO5B%2F%2FEYYRXvzsf3Rdq2xZzqzRgvZEgPuhmWL%2Fg2JlX%2BVk6oHw2I0N8QHtHZ%2FyQxcVk%2BCHdTD%2F10zmtHteKWDnk9xOvyfsbky5zMtAxh8"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c580629-FRA
VN.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
615 B
945 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/VN.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817dce8a7cc72dcf653b7883035382ce6db243a40c106598f47c419180d9858a

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
615
cf-request-id
0939786950000006297912f000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-267"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HoK%2B9pkQfugKdaObPPrUUuTW%2B6cyWhlyJ9e51cHnyxP%2FqYT8RudoNhbSpHC9gTantavfIp73v%2Bs8J4m5n3IIztUx%2FP%2F4zfRKRLTy%2FmTG3BiuvUV0e6FKZJ6qXfakOwYEw713"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c590629-FRA
ID.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
509 B
831 B
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/ID.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea41b0db7ca29655f610421075ce1eb794fa892783be830f5cce6be828b5a4cc

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4607
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
509
cf-request-id
093978695000000629eb38b000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-1fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jCFISpmDKFPxZ%2FR2R%2FKRvad5BqUqZ3gro%2FmpEglRqHDrkSJ07H9l%2FobCV5Z5%2BM6mNotjk4cMSBJ53IwXSQCLrywi1wyS2V%2FkWw%2BNYD2GzNMgJko4YIjhR0QDk%2FyETa0umQwa"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c5a0629-FRA
SA.png
wall.adgaterewards.com/assets/img/flags/ Frame 2A07
939 B
1 KB
Image
General
Full URL
https://wall.adgaterewards.com/assets/img/flags/SA.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:3724 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1914089b9ec68a3b941d15a5315684bcb4362329b5ffc2dcf49c667c2964376e

Request headers

Referer
https://wall.adgaterewards.com/nq6XsA/1956224
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
939
cf-request-id
0939786950000006298f3cd000000001
last-modified
Fri, 02 Apr 2021 11:12:14 GMT
server
cloudflare
etag
"6066fc0e-3ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5z8JGH9ZeqJdujlYVyxtpk2OHREMnNcIpXG7jb36QK%2Ff9W5NhEmQgLPGCfLK6h%2FwUW8RLCTFL376zQPSbpljN3lZQpI%2BnxV7JE%2B6Eu5Ba55Q3t6%2FnPvQnm6mwRKP2%2BLUQ2SG"}],"max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63a290221c5b0629-FRA
1616985010791.png
main-p.agmcdn.com/offers/ Frame 2A07
350 KB
351 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1616985010791.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:56ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a232281ebb40c01155c461d3673111e9641ebdb0a530b34287d65f9bc29151

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4242
cf-ray
63a2902248a02bce-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
358283
x-amz-id-2
zjAfOIiQYwlaln9bncULqskTV6WLB8/q8QHxkAuxRru+hFKUTCPaI8Mf5VakyROjGOqak3i/02g=
last-modified
Mon, 29 Mar 2021 02:30:12 GMT
server
cloudflare
etag
"7c5adfd68a9b9f4ba25a7d0f297b20c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JH4mXPKQv%2BsStQGSN%2BIxVrsXz9hIS2uHR7O3xGDcl8ZpvFg9GSxs6nmzyyS9q5UVnTSf9vO9e6xgGbkrpyIFREidruQXRs9%2FNvzf86lnPL8Ck9YTojLL5UBapzaoTA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id
1AX8616TWH1209T4
cache-control
max-age=432000
cf-request-id
093978696c00002bce0218f000000001
accept-ranges
bytes
content-type
image/png
340577-3gFMPyAo.jpg
main-p.agmcdn.com/offers/ Frame 2A07
212 KB
213 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/340577-3gFMPyAo.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:56ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
660d23a83593219127fbe8ee10bf8625f3b500309b3c534a6e28ffb711d5733a

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5362
cf-ray
63a2902248a22bce-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
217413
x-amz-id-2
rttu8gDdp5zpYPwXz/3UQWX0sa2Z0lJRzEDXOHFE3Pl9teq9gdkWEYI/B1larCvCLJdjaWQ8mcM=
last-modified
Fri, 06 Sep 2019 07:40:25 GMT
server
cloudflare
etag
"a5803580f504d127df60df9d93fcf2f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TsgBo16kkiYb4vAqF5aUqwHbImmg4OKb70bNKoNoKAXzXaPZC3UT%2BQJzwGthDUNLgZ2gr995o9PH%2BGsVCxnBRiLRXMCo8PkCfYPzZUYfRexRlBR6J8O7Y7xASin7vw%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id
837D0087949BDD27
cache-control
max-age=432000
cf-request-id
093978696d00002bced7ba1000000001
accept-ranges
bytes
content-type
jpg
21491-hVc8Uizv.png
main-p.agmcdn.com/offers/ Frame 2A07
3 KB
4 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/21491-hVc8Uizv.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:56ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19c83bd091eed6528d91f3230623610f12263d983748eb89e8456ff41030da61

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6581
cf-ray
63a2902248a32bce-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3164
x-amz-id-2
YuldXozcvHASBwqPigb3HZMe3ff0lOUKmx+aIo/CYUw5ir3LUZ1m/ZMc3O/D2Icd//vi6WgnJ00=
last-modified
Thu, 22 Mar 2018 13:40:17 GMT
server
cloudflare
etag
"62794225d67c61fac20ad717082573f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b%2Bg0yBOq9ZIPT%2FEoguLUtmDNPFTV%2FeZ%2FSDq2ETDHidgVrSAWgMFlru1m%2BF8Cycd0IjgN2%2FXrOE%2FPHJp6WDPe10txAgGCWt1qVmfwy21eBYbiBl%2F8OTqj9og8UDjxgQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id
737B36EC5355FFDB
cache-control
max-age=432000
cf-request-id
093978696d00002bce95ada000000001
accept-ranges
bytes
content-type
image/png
1613580417599.gif
main-p.agmcdn.com/offers/ Frame 2A07
189 KB
190 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1613580417599.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:56ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91f960611508b199cef031bf17d41761dbdbb33c48ffbc2243e2d9a7736de42d

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5488
cf-ray
63a2902248a42bce-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
193459
x-amz-id-2
eqijDxI3Hv4Y5ytcifFSEyDAHLC9yUmb1utvnW68SeRSJ0aJLb1jfM/o8xJZVBxL+hvx6Lhp0uw=
last-modified
Wed, 17 Feb 2021 16:46:58 GMT
server
cloudflare
etag
"9a9180e60ccfd01c1fdf7adc8e64b8f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q0A%2FQjYPyxXIGuQws%2BKUpAkMAHhsC7R2TtTX%2FXV7A9%2BhVCi5%2Bqjt21gh%2FMpqgEzUzAB8QVLzs%2FnMp%2FdKrD7mZnZrcP9UtAcMqYWrh%2Bz3LwKrHOL6RJugPOaRrw0DSg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id
DA4AE0E14EB9CAFB
cache-control
max-age=432000
cf-request-id
093978696d00002bce8aaa0000000001
accept-ranges
bytes
content-type
image/gif
1614031956837.gif
main-p.agmcdn.com/offers/ Frame 2A07
30 KB
30 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1614031956837.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:56ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3044fce71db21299e068cec1056281cbba36a820d247231e1fe01272adf8acf0

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4942
cf-ray
63a2902248a52bce-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30578
x-amz-id-2
imI+98eHLS+yzvVmQGOIVgDMDvdUK7ff2zliNd/+pZmUYZ2UL0jO83TPBH9bkyNOoEs+d85H114=
last-modified
Mon, 22 Feb 2021 22:12:39 GMT
server
cloudflare
etag
"9d3c9635e75118f7903e5ee6c3fbbc60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=k2crN0n%2B1orJuaX%2Bi5tKzq%2FwpKFJFGKFxcOgg%2Bh0TU9HvVSJfBOCDGcZ%2FySlhFN9TjDDpPzUNRQJwApOhTtWA5gn%2BM277N4mvIuq79avWnEc4RqOsgS6mx%2BtmvjbKA%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id
5CAA9F1BAF96EBEE
cache-control
max-age=432000
cf-request-id
093978696d00002bcef9aeb000000001
accept-ranges
bytes
content-type
image/gif
1559315455478.gif
main-p.agmcdn.com/offers/ Frame 2A07
104 KB
104 KB
Image
General
Full URL
https://main-p.agmcdn.com/offers/1559315455478.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:56ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42a10ff3b440212dabf7d8e4da5954c7995a5f9610b465ae52a447d3fc15cf5c

Request headers

Referer
https://wall.adgaterewards.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:14:58 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6879
cf-ray
63a2902248a62bce-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
105992
x-amz-id-2
SHzdxp4BZk0PPf6zmRlJC9a+yviTAbDZ6Od0JPnir4uRw1Ua61S/QhrlfsTH7iTOnIwGjWXk9+g=
last-modified
Fri, 31 May 2019 15:10:56 GMT
server
cloudflare
etag
"43c30170783909a3d6660493e868f0e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Hrc76xbZVtxBP58RWvhIBIZIehNdKnqOD7gIdftJYTnXIHl%2Fh6Tdhg3fP1Vucle6aYSUHmyRw2E1Rnv7FGmrQZYt%2B8Lw20kK06YQ7X0U6595%2FUDn%2FGbymVSz2aFzQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-request-id
9961CBC7190EB772
cache-control
max-age=432000
cf-request-id
093978696d00002bcef13c5000000001
accept-ranges
bytes
content-type
image/gif
json
trc.taboola.com/tagadamedia-primolotto/trc/3/
67 KB
18 KB
XHR
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/trc/3/json?tim=15%3A15%3A02.138&lti=deflated&data=%7B%22id%22%3A191%2C%22ii%22%3A%22%2Fgrid%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1617269446397%2C%22vi%22%3A1617455702136%2C%22cv%22%3A%2220210331-18-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.primolotto.com%2Fgrid%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CPEFCcsPEFCcsAHABBENBTCgAAAAAH_AAAqIAAAPVAJMNS-ACzEscGSaNKoUQIQriQ6AUAFFCMLRNYQMrgp2VwEeoIGACA1ARgRAgxBRiwCAAACAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignkrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAD_gAAAAA%22%2C%22gwto%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2274%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22thumbnails-footer%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A1073%2C%22mw%22%3A1046%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
634768c08b65043075a5516f23916b5da1ca08a70e74a227469c8ebaf89b6898

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
372
date
Sat, 03 Apr 2021 13:15:02 GMT
content-encoding
gzip
server
nginx
x-timer
S1617455702.146930,VS0,VE372
x-served-by
cache-hhn11567-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.primolotto.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
78aES2K9e_BQ1VejaFN0QXuuayHCrT6B
content-encoding
gzip
etag
"1da06556d096c84420c24cf4a174b8a5"
age
12648
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4389
x-amz-id-2
4A+/J8t46ZKZGzFzdb/QhVEKdIUcR+8MZCEuIsvts/b+7Hbvf62NSHbmgt0ueUMSH7pPLFEUfH4=
x-served-by
cache-hhn11567-HHN
last-modified
Wed, 31 Mar 2021 09:42:57 GMT
server
AmazonS3
x-timer
S1617455703.539231,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
341P01PHBEB1FEV8
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
0
x-cache-hits
124484
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
3 KB
997 B
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FyU75WazRsiEew8mV1P.ejYIF3IEfCEj
content-encoding
gzip
etag
"fa3c5d1be5ff23d2bbc39878e37cc0ec"
age
28764
x-cache
HIT
x-amz-replication-status
PENDING
content-length
749
x-amz-id-2
LVE8qTvwfCxeC3NEx0CNSwsj4LRwavLtjH5yjqrCvt1Jm57Ii3MttY9SLn6IyEMjYbdDAmuLaUU=
x-served-by
cache-hhn11567-HHN
last-modified
Wed, 17 Mar 2021 13:13:46 GMT
server
AmazonS3
x-timer
S1617455703.539342,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
S946DT5J2F1RHZRP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
0
x-cache-hits
511104
floating-unit.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
7 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
861375dce385e0242f081d8059a7bf42befa2f12d712497ee83d025d85c83d45

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ReBg7ClJDBXhHIr7Jh2VM24NqxJhpfea
content-encoding
gzip
etag
"704e7aa207059fcbe214611e5df0827f"
age
101
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2293
x-amz-id-2
Mp1hDLLP1qp1DupRh91zH8wjrBHzjV31Z7CUrtGKRh54DVsC+i9PTgGMPBJwMRoTiDWnoali1WI=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 09:27:53 GMT
server
AmazonS3
x-timer
S1617455703.541805,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
MDYJHCTSRXNEEVJ5
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
0
x-cache-hits
47
tb
15.taboola.com/
4 KB
3 KB
XHR
General
Full URL
https://15.taboola.com/tb?oid=15&pubnm=tagadamedia-primolotto&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails&uuip=Feed%20-%20Below%20Article%20Thumbnails&cisrf=&cirf=https%3A%2F%2Fwww.primolotto.com%2Fgrid&encoded=1&uid=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback1&cb=1617455702539&tagid=&cntry=DE&platform=1&sesid=f59f4899e6aff3061d10daee8ad23630&itemid=/grid&viewid=1617455702136&geolat=&geoing=&deviceifa=&appid=&sd=&ri=c68e50710ef2c128d46e251966c0d842&appname=&cdb=CPEFCcsPEFCcsAHABBENBTCgAAAAAH_AAAqIAAAPVAJMNS-ACzEscGSaNKoUQIQriQ6AUAFFCMLRNYQMrgp2VwEeoIGACA1ARgRAgxBRiwCAAACAJCIgJADwQCIAiAQAAgBUgIQAEbAILACwMAgAFANCxAigCECQgyOCo5TAgIkWignkrAEou9jTCEMosAKBR_RUYCJUggWBkAAA.YAAAD_gAAAAA&gdprApplies=true&rid=&sii=-5698045850605719970&oee=true&tpubid=1080514&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BE&hasGDPRConsent=false&tcfVersion=2&cmpStatus=0&tnetid=1047657&prcnt=&layer=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5a4bf58503b853027f1b7178bfb98140cd8a36790d35376e0685d5f808fed473

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 03 Apr 2021 13:15:02 GMT
content-encoding
gzip
access-control-allow-origin
https://www.primolotto.com
machineid
1450
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-hhn11567-HHN
pragma
no-cache
server
nginx
x-timer
S1617455703.546065,VS0,VE11
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
via
1.1 varnish
expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://am-wf.taboola.com>; rel=preconnect
x-cache-hits
0
feed-card-placeholder.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa7f4b86e4ecf4f563bb5d3b7873fff7f76d79c509a468d80b8cf73343c242b4

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zPKczUg8FtIcCQP898bprQ_na09rTxiK
content-encoding
gzip
etag
"eb921b5a956ecba0291cd94b0f33a800"
age
102
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1269
x-amz-id-2
VkzXw4n+Qlj7jNrgE+XRXM0wnhnB56b5kBSRn2G9f9NlZO4w7iymZx6BttfhxQUrRybrAQy0hko=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 09:28:00 GMT
server
AmazonS3
x-timer
S1617455703.549661,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
00KT4KHE71AM56EX
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
0
x-cache-hits
568
userx.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
23 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1defca322a57dbf6fed8f797e91c03fc7036b884b1f32f2932c93fc7cde6a607

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OZqFSM3teoSTt4scU6AXm2YW2LuJTx_N
content-encoding
gzip
etag
"a0dc960c4f751bc91de70fae4da2ef14"
age
98
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7856
x-amz-id-2
z4bzNqorUX5Taar7poL02i72shZAyLSmM4vHj1hySDQVsanRd9yyVfdKaBG2c6XRQY67J6OQ+ZI=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 09:27:30 GMT
server
AmazonS3
x-timer
S1617455703.560600,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
XM1P82T7PW267RBW
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
0
x-cache-hits
142
explore-more.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
18 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83ab9d1975ce2a57b6d73d1dbd6b982890ee2e5c360c3d3ee6bd2bd8d4c78d83

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
J_StDMm1jv12ja5nQ_B3.cxTU1bodzM4
content-encoding
gzip
etag
"607a9ae36e10ce3d08d2b23375572b59"
age
66
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6620
x-amz-id-2
rLD7Zg40RlADF2muhHslvqTVGxG0FH5VMJ6FyXLDyzbydFivCYPgq6TvzDU7VfSPQxibDbtIyPg=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 09:28:03 GMT
server
AmazonS3
x-timer
S1617455703.576643,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
7JSTT4VNZF4VSCSB
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
0
x-cache-hits
110
supply-feature
trc.taboola.com/tagadamedia-primolotto/log/3/
0
267 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/supply-feature?route=AM:AM:V&tvi2=4518&lti=deflated&ri=727a51165c0c206187836f0ae46d345c&sd=v2_f59f4899e6aff3061d10daee8ad23630_747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6_1617455702_1617455702_CNawjgYQwvlBGPjA_b6JLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGixr-m1yv33zq0B&ui=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&pi=/grid&wi=-5698045850605719970&pt=text&vi=1617455702136&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=15%3A15%3A02.537&id=1213&llvl=1&cv=20210331-18-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455703.594727,VS0,VE8
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
277 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=15%3A15%3A02.581&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&id=8584&cv=20210331-18-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
server
nginx
x-fastly-to-nlb-rtt
14447
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.34.201:10213
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
277 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=15%3A15%3A02.583&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-y-em-delta&id=5304&cv=20210331-18-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
server
nginx
x-fastly-to-nlb-rtt
14447
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.40.0.134:10213
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
276 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=15%3A15%3A02.585&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&id=2751&cv=20210331-18-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
server
nginx
x-fastly-to-nlb-rtt
14447
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.22.84:10213
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
age
110
via
1.1 varnish
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
NEmU1ZLGBivh17attqjutVeDItpvUZXBnAqIjCXHVmq+ljcnqasABW9FxsaZow932JBDe4UzNuo=
x-served-by
cache-hhn11567-HHN
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1617455703.595430,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
11HNEHRPNXTPWD7Z
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/svg+xml
access-control-allow-headers
*
abp
0
x-cache-hits
272
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/1.4.0/
80 KB
24 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/1.4.0/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront), 1.1 varnish
age
2470222
x-cache
Hit from cloudfront, HIT
content-encoding
gzip
content-length
23966
x-served-by
cache-hhn11567-HHN
last-modified
Tue, 31 Mar 2020 13:14:35 GMT
server
AmazonS3
x-timer
S1617455703.608635,VS0,VE0
etag
"9284c0ece401137f8f576e2e3ba9e6c1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
fgdDBrZQGy7sVYbEYeSo7MrUShcOJFr-FBtz0J4kiaiuPLgS-7p86w==
x-cache-hits
45175
abtests
trc.taboola.com/tagadamedia-primolotto/log/3/
0
68 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/abtests?route=AM:AM:V&tvi2=4518&lti=deflated&ri=727a51165c0c206187836f0ae46d345c&sd=v2_f59f4899e6aff3061d10daee8ad23630_747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6_1617455702_1617455702_CNawjgYQwvlBGPjA_b6JLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGixr-m1yv33zq0B&ui=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&pi=/grid&wi=-5698045850605719970&pt=text&vi=1617455702136&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22animated_story%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1617455702621%7D&tim=15%3A15%3A02.621&id=1817&llvl=1&cv=20210331-18-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455703.627557,VS0,VE9
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
55 KB
56 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
25c321fdeff70d896eb1eb9b19d133ac0bed4ee7c9757d154878b89664360b97

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1012857
edge-cache-tag
302479151993994568927198867523656057236,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length
56536
x-request-id
498b14e77cdf78ad5ed966bb51d4fb25
x-backend-name
fastlyshield--shield_cache_dca17735_DCA
last-modified
Mon, 22 Mar 2021 17:18:40 GMT
server
cloudinary
x-timer
S1617455703.639965,VS0,VE0
etag
"17bdbeedce4d009d4babce04d1b6f884"
x-served-by
cache-wdc5559-WDC, cache-dca17735-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 58
a940a7cc56071c6ca38fc4c34569e834.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a940a7cc56071c6ca38fc4c34569e834.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1e4a168390ea66a6b9a16df30c6fef0c943404a1c25fabc159a51bf0fb77a7c8

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3898935
edge-cache-tag
410891002735770969283850878468202153166,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Tue, 09 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a940a7cc56071c6ca38fc4c34569e834.jpg
content-length
26881
x-served-by
cache-dca17738-DCA, cache-dca17735-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17735_DCA
last-modified
Sat, 06 Feb 2021 08:15:40 GMT
server
cloudinary
x-timer
S1617455703.639943,VS0,VE1
etag
"58643b20648c41ac3a9a6ab97dcaca5e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
2367628e4db4d1989db627d24644950f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2367628e4db4d1989db627d24644950f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5ada45480d40f3d71ca3fb47f2a14d2b755456978dbf5a16c6bab554c80542b7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
210877
edge-cache-tag
560952082588307530373478635776183580204,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2367628e4db4d1989db627d24644950f.png
content-length
25848
x-served-by
cache-dca17734-DCA, cache-dca17723-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17723_DCA
last-modified
Tue, 02 Mar 2021 13:48:51 GMT
server
cloudinary
x-timer
S1617455703.639963,VS0,VE1
etag
"07e92b3ae82d9b30157743daa5628301"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
47b17b2f8278eb7a3cea40991dba329b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
130 KB
131 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47b17b2f8278eb7a3cea40991dba329b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a1857176302e9cc89102f04503bf4b2fcc17e3935a12eb319b66468e33ba9f80

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2105339
edge-cache-tag
506457124904231911538684922565345591831,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47b17b2f8278eb7a3cea40991dba329b.jpg
content-length
133137
x-served-by
cache-wdc5575-WDC, cache-dca17772-DCA, cache-hhn11567-HHN
last-modified
Thu, 04 Mar 2021 10:10:53 GMT
server
cloudinary
x-timer
S1617455703.639978,VS0,VE1
etag
"23a8b1765ef4a53a4321affbc595b10e"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
confident-attractive-man-looking-at-camera-modern-laptop-and-cup-of-picture-id1297787231%3Fb%3D1%26k%3D6%26m%3D1297787231%26s%3D170667a%26w%3D0%26h%3DzBBMKwZ5LcqUw7_EAjYq-4SfxiIUMBBArOnjprw8hMU%3D
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/confident-attractive-man-looking-at-camera-modern-laptop-and-cup-of-picture-id1297787231%3Fb%3D1%26k%3D6%26m%3D1297787231%26s%3D170667a%26w%3D0%26h%3DzBBMKwZ5LcqUw7_EAjYq-4SfxiIUMBBArOnjprw8hMU%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0f24f42963b8d3d16100583319de7cc393ec95e283a732aa23adb0b9df9813d5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2683388
edge-cache-tag
425801378762179973494883324893306690491,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 24 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/confident-attractive-man-looking-at-camera-modern-laptop-and-cup-of-picture-id1297787231%3Fb%3D1%26k%3D6%26m%3D1297787231%26s%3D170667a%26w%3D0%26h%3DzBBMKwZ5LcqUw7_EAjYq-4SfxiIUMBBArOnjprw8hMU%3D
content-length
20824
x-served-by
cache-dca17768-DCA, cache-dca17734-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17734_DCA
last-modified
Sun, 21 Feb 2021 11:55:31 GMT
server
cloudinary
x-timer
S1617455703.639920,VS0,VE1
etag
"72223cdb566c8d5306593403bc06eab3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
88722f7968c78d0ca9c4954f727edf19.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
30 KB
31 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88722f7968c78d0ca9c4954f727edf19.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b11c5230fdce057bb5ebeb6900ea539897ceca694232f5beacf2eb503d6882be

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
360484
edge-cache-tag
328523411518517619580317740566410988770,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88722f7968c78d0ca9c4954f727edf19.png
content-length
30922
x-served-by
cache-dca17762-DCA, cache-dca17781-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17781_DCA
last-modified
Tue, 02 Mar 2021 05:42:37 GMT
server
cloudinary
x-timer
S1617455703.640053,VS0,VE1
etag
"08eb1a194a1ddf9405b37a84b77af201"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
7ed9384111280ed707c5b749feafebca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
23 KB
24 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ed9384111280ed707c5b749feafebca.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5bb6e3ec1307e4105ec8d138fccedb2a9ab0ed6a62dbc10de1721f1c3b4aa227

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1185349
edge-cache-tag
355918727765860482042918501108758764170,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 03 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ed9384111280ed707c5b749feafebca.jpg
content-length
23839
x-served-by
cache-dca17722-DCA, cache-dca17727-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17727_DCA
last-modified
Wed, 03 Mar 2021 15:43:05 GMT
server
cloudinary
x-timer
S1617455703.650576,VS0,VE1
etag
"50e965610eb831d02be008cae9185563"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
5dde6d951a50cd066a5dd37c3e57050a.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_782,y_354/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_782,y_354/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5dde6d951a50cd066a5dd37c3e57050a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9796cccb1fb69a252f04afdcabb9f4e0a437d87213f8617d90e9c56ffe4b9d7f

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
202425
edge-cache-tag
539234573559035707578243152623424059327,338848012102976433221236059758866112134,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 11 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_782,y_354/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5dde6d951a50cd066a5dd37c3e57050a.jpg
content-length
21097
x-served-by
cache-dca17780-DCA, cache-dca17729-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17729_DCA
last-modified
Thu, 11 Mar 2021 09:16:20 GMT
server
cloudinary
x-timer
S1617455703.650745,VS0,VE1
etag
"4dbcc54b749d7423d8d29a6b8570478a"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
TB646-hearing_aid_on_fingertips-1200x800_d0eba13891a6d546eed99ed05ec4977e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB646-hearing_aid_on_fingertips-1200x800_d0eba13891a6d546eed99ed05ec4977e.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d45b3a9deb16d8edb459906a969c8948aa8a211d37a9af0ec370145f959c0bf4

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
565309
edge-cache-tag
349378007093772544449862418486176033690,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB646-hearing_aid_on_fingertips-1200x800_d0eba13891a6d546eed99ed05ec4977e.jpg
content-length
20888
x-request-id
01a15f0cd052782fc10004ba3a835b3d
x-backend-name
fastlyshield--shield_cache_dca17765_DCA
last-modified
Sat, 27 Feb 2021 22:07:57 GMT
server
cloudinary
x-timer
S1617455703.650741,VS0,VE0
etag
"d1a9ffa85ad4a3b476a0849434aa7bb2"
x-served-by
cache-dca17772-DCA, cache-dca17765-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
1094963710__d4CWL1iV.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1094963710__d4CWL1iV.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
99c4cddd50827808ecd5b27b576e29f647138ca7717fbb03dcdd25129bdb0416

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
355955
edge-cache-tag
506116494555659855850587701211678851910,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1094963710__d4CWL1iV.jpg
content-length
21772
x-request-id
b08d934f8b58ba0a6ea8c604756462be
x-backend-name
fastlyshield--shield_cache_dca12925_DCA
last-modified
Mon, 29 Mar 2021 16:19:53 GMT
server
cloudinary
x-timer
S1617455703.652447,VS0,VE0
etag
"0940c6c841c452e32bd32982b4495507"
x-served-by
cache-dca17766-DCA, cache-dca12925-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 19
TB2039-old-woman-finger-HA_1000x600_1000x600_2d9cc9b0fe6f80258fa232922403292d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB2039-old-woman-finger-HA_1000x600_1000x600_2d9cc9b0fe6f80258fa232922403292d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
19e22027cf760674d2d0aebb7cdb99001527af2bfa8bf3034e53765eacf0fe9c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1134501
edge-cache-tag
494662383250422263618241524490352602534,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 08 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB2039-old-woman-finger-HA_1000x600_1000x600_2d9cc9b0fe6f80258fa232922403292d.png
content-length
8669
x-served-by
cache-dca17753-DCA, cache-dca17769-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17769_DCA
last-modified
Mon, 08 Mar 2021 07:25:18 GMT
server
cloudinary
x-timer
S1617455703.657410,VS0,VE1
etag
"a80f1cb1ac1b94f798873105da142dc1"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
1246943486__z3kOGbDb.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_1063,y_792/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
29 KB
29 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_1063,y_792/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1246943486__z3kOGbDb.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
febce705449f65a7ae0a697705684c615005552560d8bec08bb8b08674f0c836

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3431908
edge-cache-tag
631019966757027087423363094708805189951,495096208016477213552032429393292319971,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 07 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_1063,y_792/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1246943486__z3kOGbDb.jpg
content-length
29441
x-served-by
cache-dca17735-DCA, cache-dca17743-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17743_DCA
last-modified
Thu, 04 Feb 2021 10:27:05 GMT
server
cloudinary
x-timer
S1617455703.658273,VS0,VE0
etag
"3f01305ae46cd97340e3537b956fd3a8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
5eee4fe090a1d180f2afd94bd3635d27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5eee4fe090a1d180f2afd94bd3635d27.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
cb8548af0507dcee282d26b77e74fa9a125816da358c78e0edb0a51af62a5442

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1622568
edge-cache-tag
445388319310074360313678203481020615376,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5eee4fe090a1d180f2afd94bd3635d27.jpg
content-length
13590
x-served-by
cache-wdc5521-WDC, cache-dca17751-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17751_DCA
last-modified
Thu, 04 Mar 2021 10:39:04 GMT
server
cloudinary
x-timer
S1617455703.664624,VS0,VE1
etag
"af0a1e596e6dbb5cf2b5d36035f8152b"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
45875d056483d54313bb40f9bb1eb3e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
17 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45875d056483d54313bb40f9bb1eb3e1.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
72d2ded206a0362620261f23b368f2254b53b83dc83cf48b5cc941f0119d63bc

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1410331
edge-cache-tag
320540904094012805405726035641903581999,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45875d056483d54313bb40f9bb1eb3e1.png
content-length
17400
x-served-by
cache-dca17720-DCA, cache-dca17722-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17722_DCA
last-modified
Thu, 04 Mar 2021 07:34:43 GMT
server
cloudinary
x-timer
S1617455703.664606,VS0,VE1
etag
"bed2876a50b8b90b2a7909d31fc0fac4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
iStock-135385082_1000x600_1000x600_d90557aaade53d602d545338327a1e7e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/iStock-135385082_1000x600_1000x600_d90557aaade53d602d545338327a1e7e.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d107e2cd0da4d05bc2e3f3a31561bb5797ebee60069cfacfb364f775c1ed0656

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
441990
edge-cache-tag
343428097885865995397772189077046093457,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/iStock-135385082_1000x600_1000x600_d90557aaade53d602d545338327a1e7e.png
content-length
30318
x-request-id
c3193111bf5936f59bb3982c0beb49fe
x-backend-name
fastlyshield--shield_cache_dca17730_DCA
last-modified
Mon, 29 Mar 2021 10:06:37 GMT
server
cloudinary
x-timer
S1617455703.664567,VS0,VE1
etag
"c267140b5ccaa844c568bbfbf979af32"
x-served-by
cache-dca17759-DCA, cache-dca17730-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
1ef76dae1268aad708c21fef0705bbf6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ef76dae1268aad708c21fef0705bbf6.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f755de0d436fac042fe6b369c29b416c4cf3f49ba4b6dfe22beb4c6a93dab034

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1289434
edge-cache-tag
455027293606458570288736528954472633839,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ef76dae1268aad708c21fef0705bbf6.jpeg
content-length
20868
x-served-by
cache-dca17753-DCA, cache-dca17744-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17744_DCA
last-modified
Thu, 04 Mar 2021 00:34:19 GMT
server
cloudinary
x-timer
S1617455703.664574,VS0,VE1
etag
"969b273f8c7537c0b3957e24b7515dc6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
72880f440b6ba0112431d9e67ccfadfa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72880f440b6ba0112431d9e67ccfadfa.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f4a892758991f4f7f9634a79d7a099b5de134c2debe4f7a791ffacd353634fb3

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1663399
edge-cache-tag
629209398523125182868789843164481460898,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 10 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72880f440b6ba0112431d9e67ccfadfa.jpg
content-length
32497
x-served-by
cache-dca17749-DCA, cache-dca17775-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17775_DCA
last-modified
Wed, 10 Mar 2021 16:24:26 GMT
server
cloudinary
x-timer
S1617455703.666500,VS0,VE1
etag
"97ba67fe6902798052eca3e8b00d0bc4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
589e33216d742ef7c36ad627e2a8a779.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/589e33216d742ef7c36ad627e2a8a779.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b69d76595dd16f7151533f0c6a97ab226e5915644a7856d7971e98aca312cedc

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
433452
edge-cache-tag
393555317054778643000865268862173500353,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/589e33216d742ef7c36ad627e2a8a779.jpg
content-length
25448
x-request-id
651d6fc0a577769d6580672b083ef37e
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17721_DCA
last-modified
Tue, 23 Mar 2021 14:03:48 GMT
server
cloudinary
x-timer
S1617455703.668369,VS0,VE1
etag
"9e78aea9ee7001474e9aab76013d052e"
x-served-by
cache-dca17783-DCA, cache-dca17721-DCA, cache-hhn11567-HHN
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
9d30a90dcef73f282a504ea461a53b35.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
63 KB
63 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d30a90dcef73f282a504ea461a53b35.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
13b3481e73acfd2e79c2d51e120101c2659f51adeab0cf6d47f0747471e057e2

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2600969
edge-cache-tag
494238936561265763502256852825152019559,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d30a90dcef73f282a504ea461a53b35.jpg
content-length
64200
x-served-by
cache-dca17755-DCA, cache-dca17782-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17782_DCA
last-modified
Wed, 10 Feb 2021 20:25:40 GMT
server
cloudinary
x-timer
S1617455703.677390,VS0,VE0
etag
"26e14d44b43535f689de15c3c4f79314"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 49
46ef22c679da56a548add8dd900dd39e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/
132 KB
132 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/46ef22c679da56a548add8dd900dd39e.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
3aeacf2f2918c1af0af240603a62e7a4a458c9a98ebfd9216eb9de5f9e906a3c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
438111
edge-cache-tag
471486614425122233880365651885541200806,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/46ef22c679da56a548add8dd900dd39e.jpeg
content-length
135132
x-request-id
22cac40ac06e2672f632932414c41784
x-backend-name
fastlyshield--shield_cache_dca17726_DCA
last-modified
Mon, 29 Mar 2021 11:10:50 GMT
server
cloudinary
x-timer
S1617455703.677388,VS0,VE1
etag
"6692dab556394b85cfab73af0cb167ea"
x-served-by
cache-dca17769-DCA, cache-dca17726-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1
308fe21bdd22894ed084a3caa028c871.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/308fe21bdd22894ed084a3caa028c871.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
80241d7a8783b4eca269b072ba1beda80dd63d16e65d972aed0081f603affbe2

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2342004
edge-cache-tag
448708690954280335381354953151495613255,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 27 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/308fe21bdd22894ed084a3caa028c871.jpg
content-length
12236
x-served-by
cache-dca17743-DCA, cache-dca17768-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17768_DCA
last-modified
Wed, 24 Feb 2021 05:30:08 GMT
server
cloudinary
x-timer
S1617455703.677356,VS0,VE1
etag
"82d2dc9c83a55bf01603f8bf6b405423"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
ae85ed2dbaf0dd69b244a109de885497.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
19 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae85ed2dbaf0dd69b244a109de885497.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
47c3df021d31abb0318c3eaf656eff7d4227987201ecfe3fe24d083d18e2d6b7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2688822
edge-cache-tag
602490589889382993155124693621330545851,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 07 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae85ed2dbaf0dd69b244a109de885497.jpg
content-length
19447
x-served-by
cache-dca17725-DCA, cache-dca17734-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17734_DCA
last-modified
Thu, 04 Feb 2021 14:12:35 GMT
server
cloudinary
x-timer
S1617455703.677618,VS0,VE0
etag
"9963990f14e37239762bccdbfe30ca51"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 13
01b360ef1ecd94a1d37ccb82d220506f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b360ef1ecd94a1d37ccb82d220506f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c2837626e084af17f6f41d4468088514cb6df0fe95592e6edde33a7216983f16

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1572167
edge-cache-tag
299805503989852990819055057840535014946,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b360ef1ecd94a1d37ccb82d220506f.png
content-length
22223
x-request-id
2e96678228d2ac51b2c9555c38239da5
x-backend-name
fastlyshield--shield_cache_dca17754_DCA
last-modified
Thu, 11 Mar 2021 14:39:59 GMT
server
cloudinary
x-timer
S1617455703.677612,VS0,VE0
etag
"aaa414ba17ca5195ef681002da0f7ec9"
x-served-by
cache-dca17757-DCA, cache-dca17754-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 492
prize-132-1589895126.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imgs.tagadamedia.com/primolotto/prod/prize/
53 KB
54 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imgs.tagadamedia.com/primolotto/prod/prize/prize-132-1589895126.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
31b4bf1bcd4c2a2031b46de44765a786aa36318344b4e6424a96a618410a16b7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
306230
edge-cache-tag
358866144034612477154796702909255614674,308988584250984091245729376248888710740,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Mon, 12 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imgs.tagadamedia.com/primolotto/prod/prize/prize-132-1589895126.png
content-length
54365
x-served-by
cache-dca17728-DCA, cache-dca17757-DCA, cache-hhn11567-HHN
last-modified
Fri, 12 Mar 2021 11:28:23 GMT
server
cloudinary
x-timer
S1617455703.677647,VS0,VE1
etag
"c968b6dd28ac474963a2a0b3cf803622"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
167 KB
168 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0b43bd40d74098e052d32cded765afc2319e2ea620137c3532cf8754bf15b595

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1015046
edge-cache-tag
302479151993994568927198867523656057236,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length
171188
x-request-id
5977c9751f0baf63e3d4f8a1d55b9811
x-backend-name
fastlyshield--shield_cache_dca12926_DCA
last-modified
Mon, 22 Mar 2021 17:18:40 GMT
server
cloudinary
x-timer
S1617455703.690840,VS0,VE0
etag
"9d84e931889f413f949d1971ced68f9e"
x-served-by
cache-dca17737-DCA, cache-dca12926-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 3
a940a7cc56071c6ca38fc4c34569e834.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
75 KB
76 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a940a7cc56071c6ca38fc4c34569e834.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
15c79df902419d2668f5ceaaf494d5611374d5aaacab744a695f5327d5826e07

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1139918
edge-cache-tag
410891002735770969283850878468202153166,475000658346574341699039966618312097677,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Tue, 13 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a940a7cc56071c6ca38fc4c34569e834.jpg
content-length
77163
x-served-by
cache-dca17725-DCA, cache-dca17733-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17733_DCA
last-modified
Sat, 13 Mar 2021 15:47:33 GMT
server
cloudinary
x-timer
S1617455703.690811,VS0,VE1
etag
"f5e9b88621953b6ca2c5f19714b334ca"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
2367628e4db4d1989db627d24644950f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2367628e4db4d1989db627d24644950f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
63a16e7a25b4a9debb3e1a4a67ac421d8c72135e4b1691b2ca95c931fc15e324

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2841017
edge-cache-tag
560952082588307530373478635776183580204,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 06 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2367628e4db4d1989db627d24644950f.png
content-length
25029
x-served-by
cache-dca17762-DCA, cache-dca17777-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17777_DCA
last-modified
Wed, 03 Feb 2021 17:58:39 GMT
server
cloudinary
x-timer
S1617455703.690821,VS0,VE1
etag
"8bf304ddb8cb80e78cba3b56f0e5eedc"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
47b17b2f8278eb7a3cea40991dba329b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
73 KB
73 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47b17b2f8278eb7a3cea40991dba329b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
8a3bfd24b6743d2d34866574b9a10605a582eccbfae19b806c57ca4ce057e08d

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
376243
edge-cache-tag
506457124904231911538684922565345591831,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 15 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47b17b2f8278eb7a3cea40991dba329b.jpg
content-length
74472
x-served-by
cache-dca17731-DCA, cache-dca17766-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17766_DCA
last-modified
Mon, 15 Mar 2021 18:51:30 GMT
server
cloudinary
x-timer
S1617455703.690814,VS0,VE1
etag
"e1ec5ada5b63fad3bb2646b7400c3b69"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
abtests
trc.taboola.com/tagadamedia-primolotto/log/3/
0
290 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/abtests?route=AM:AM:V&tvi2=4518&lti=deflated&ri=727a51165c0c206187836f0ae46d345c&sd=v2_f59f4899e6aff3061d10daee8ad23630_747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6_1617455702_1617455702_CNawjgYQwvlBGPjA_b6JLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGixr-m1yv33zq0B&ui=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&pi=/grid&wi=-5698045850605719970&pt=text&vi=1617455702136&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22itemId%5C%22%3A%5C%22~~V1~~1759986073959160151~~K_ziPWRrwaK9g%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.42%5C%22%2C%5C%22event%5C%22%3A%5C%22disable_custom%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%201%5C%22%7D%22%2C%22eventTime%22%3A1617455702654%7D&tim=15%3A15%3A02.655&id=1866&llvl=1&cv=20210331-18-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455703.664614,VS0,VE9
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
abtests
trc.taboola.com/tagadamedia-primolotto/log/3/
0
79 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/abtests?route=AM:AM:V&tvi2=4518&lti=deflated&ri=727a51165c0c206187836f0ae46d345c&sd=v2_f59f4899e6aff3061d10daee8ad23630_747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6_1617455702_1617455702_CNawjgYQwvlBGPjA_b6JLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGixr-m1yv33zq0B&ui=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&pi=/grid&wi=-5698045850605719970&pt=text&vi=1617455702136&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-branding%22%2C%22type%22%3A%22disable_custom%22%2C%22eventTime%22%3A1617455702655%7D&tim=15%3A15%3A02.655&id=224&llvl=1&cv=20210331-18-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455703.666310,VS0,VE9
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
abtests
trc.taboola.com/tagadamedia-primolotto/log/3/
0
60 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/abtests?route=AM:AM:V&tvi2=4518&lti=deflated&ri=727a51165c0c206187836f0ae46d345c&sd=v2_f59f4899e6aff3061d10daee8ad23630_747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6_1617455702_1617455702_CNawjgYQwvlBGPjA_b6JLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGixr-m1yv33zq0B&ui=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&pi=/grid&wi=-5698045850605719970&pt=text&vi=1617455702136&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22CTA%22%2C%22type%22%3A%22%7B%5C%22itemId%5C%22%3A%5C%22~~V1~~1759986073959160151~~K_ziPWRrwaK9g%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-branding%5C%22%2C%5C%22version%5C%22%3A%5C%221.0.42%5C%22%2C%5C%22event%5C%22%3A%5C%22enable_global%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%201%5C%22%7D%22%2C%22eventTime%22%3A1617455702655%7D&tim=15%3A15%3A02.655&id=1856&llvl=1&cv=20210331-18-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455703.666447,VS0,VE8
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
abtests
trc.taboola.com/tagadamedia-primolotto/log/3/
0
61 B
Image
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/abtests?route=AM:AM:V&tvi2=4518&lti=deflated&ri=727a51165c0c206187836f0ae46d345c&sd=v2_f59f4899e6aff3061d10daee8ad23630_747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6_1617455702_1617455702_CNawjgYQwvlBGPjA_b6JLyABKAEwODib4wlA_4kQSOOG2ANQpuwQWAFgAGixr-m1yv33zq0B&ui=747bb85a-505f-4448-9bf4-9e4a415f39ce-tuct761efd6&pi=/grid&wi=-5698045850605719970&pt=text&vi=1617455702136&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-branding%22%2C%22type%22%3A%22enable_global%22%2C%22eventTime%22%3A1617455702655%7D&tim=15%3A15%3A02.655&id=7293&llvl=1&cv=20210331-18-RELEASE&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455703.666441,VS0,VE10
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
next-up-widget.20210331-18-RELEASE.es6.js
cdn.taboola.com/libtrc/
13 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20210331-18-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tagadamedia-primolotto/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdba216892b1a28445c4dcb4e500df8d13f9bfa15df303dba3689fb83121d822

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
venVhy7wTODEEjqsUxVLAjOeaDGI4x.O
content-encoding
gzip
etag
"6485206fff0de176ac5559396a6c9b92"
age
104
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4367
x-amz-id-2
UrgkyKi7eupCdNzg2bnW6BJ5a1e/TiC28xqo/iCClRJIYdoSKKczeDL8E6X5lTDRe2kmUzfrRTM=
x-served-by
cache-hhn11567-HHN
last-modified
Thu, 01 Apr 2021 09:27:51 GMT
server
AmazonS3
x-timer
S1617455703.664588,VS0,VE0
date
Sat, 03 Apr 2021 13:15:02 GMT
vary
Accept-Encoding
x-amz-request-id
E82WS7S98GQ732XC
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
0
x-cache-hits
42
ef84fc293d41224c184dbdcfd8c83181.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
55 KB
56 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
25c321fdeff70d896eb1eb9b19d133ac0bed4ee7c9757d154878b89664360b97

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1012857
edge-cache-tag
302479151993994568927198867523656057236,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ef84fc293d41224c184dbdcfd8c83181.jpg
content-length
56536
x-request-id
498b14e77cdf78ad5ed966bb51d4fb25
x-backend-name
fastlyshield--shield_cache_dca17735_DCA
last-modified
Mon, 22 Mar 2021 17:18:40 GMT
server
cloudinary
x-timer
S1617455703.683195,VS0,VE0
etag
"17bdbeedce4d009d4babce04d1b6f884"
x-served-by
cache-wdc5559-WDC, cache-dca17735-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 59
2367628e4db4d1989db627d24644950f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2367628e4db4d1989db627d24644950f.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5ada45480d40f3d71ca3fb47f2a14d2b755456978dbf5a16c6bab554c80542b7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
210877
edge-cache-tag
560952082588307530373478635776183580204,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2367628e4db4d1989db627d24644950f.png
content-length
25848
x-served-by
cache-dca17734-DCA, cache-dca17723-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17723_DCA
last-modified
Tue, 02 Mar 2021 13:48:51 GMT
server
cloudinary
x-timer
S1617455703.684344,VS0,VE0
etag
"07e92b3ae82d9b30157743daa5628301"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
confident-attractive-man-looking-at-camera-modern-laptop-and-cup-of-picture-id1297787231%3Fb%3D1%26k%3D6%26m%3D1297787231%26s%3D170667a%26w%3D0%26h%3DzBBMKwZ5LcqUw7_EAjYq-4SfxiIUMBBArOnjprw8hMU%3D
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/confident-attractive-man-looking-at-camera-modern-laptop-and-cup-of-picture-id1297787231%3Fb%3D1%26k%3D6%26m%3D1297787231%26s%3D170667a%26w%3D0%26h%3DzBBMKwZ5LcqUw7_EAjYq-4SfxiIUMBBArOnjprw8hMU%3D
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0f24f42963b8d3d16100583319de7cc393ec95e283a732aa23adb0b9df9813d5

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2683388
edge-cache-tag
425801378762179973494883324893306690491,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Wed, 24 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.gettyimages.com/photos/confident-attractive-man-looking-at-camera-modern-laptop-and-cup-of-picture-id1297787231%3Fb%3D1%26k%3D6%26m%3D1297787231%26s%3D170667a%26w%3D0%26h%3DzBBMKwZ5LcqUw7_EAjYq-4SfxiIUMBBArOnjprw8hMU%3D
content-length
20824
x-served-by
cache-dca17768-DCA, cache-dca17734-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17734_DCA
last-modified
Sun, 21 Feb 2021 11:55:31 GMT
server
cloudinary
x-timer
S1617455703.695101,VS0,VE0
etag
"72223cdb566c8d5306593403bc06eab3"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
88722f7968c78d0ca9c4954f727edf19.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
30 KB
31 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88722f7968c78d0ca9c4954f727edf19.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b11c5230fdce057bb5ebeb6900ea539897ceca694232f5beacf2eb503d6882be

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
360484
edge-cache-tag
328523411518517619580317740566410988770,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Fri, 02 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/88722f7968c78d0ca9c4954f727edf19.png
content-length
30922
x-served-by
cache-dca17762-DCA, cache-dca17781-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17781_DCA
last-modified
Tue, 02 Mar 2021 05:42:37 GMT
server
cloudinary
x-timer
S1617455703.695195,VS0,VE0
etag
"08eb1a194a1ddf9405b37a84b77af201"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
a940a7cc56071c6ca38fc4c34569e834.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a940a7cc56071c6ca38fc4c34569e834.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
1e4a168390ea66a6b9a16df30c6fef0c943404a1c25fabc159a51bf0fb77a7c8

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3898935
edge-cache-tag
410891002735770969283850878468202153166,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Tue, 09 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a940a7cc56071c6ca38fc4c34569e834.jpg
content-length
26881
x-served-by
cache-dca17738-DCA, cache-dca17735-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17735_DCA
last-modified
Sat, 06 Feb 2021 08:15:40 GMT
server
cloudinary
x-timer
S1617455703.704471,VS0,VE0
etag
"58643b20648c41ac3a9a6ab97dcaca5e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
47b17b2f8278eb7a3cea40991dba329b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
130 KB
131 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47b17b2f8278eb7a3cea40991dba329b.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
a1857176302e9cc89102f04503bf4b2fcc17e3935a12eb319b66468e33ba9f80

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2105339
edge-cache-tag
506457124904231911538684922565345591831,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/47b17b2f8278eb7a3cea40991dba329b.jpg
content-length
133137
x-served-by
cache-wdc5575-WDC, cache-dca17779-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17779_DCA
last-modified
Thu, 04 Mar 2021 10:10:53 GMT
server
cloudinary
x-timer
S1617455703.704557,VS0,VE1
etag
"23a8b1765ef4a53a4321affbc595b10e"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
7ed9384111280ed707c5b749feafebca.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
23 KB
24 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ed9384111280ed707c5b749feafebca.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
5bb6e3ec1307e4105ec8d138fccedb2a9ab0ed6a62dbc10de1721f1c3b4aa227

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1185349
edge-cache-tag
355918727765860482042918501108758764170,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 03 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ed9384111280ed707c5b749feafebca.jpg
content-length
23839
x-served-by
cache-dca17722-DCA, cache-dca17727-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17727_DCA
last-modified
Wed, 03 Mar 2021 15:43:05 GMT
server
cloudinary
x-timer
S1617455703.705011,VS0,VE0
etag
"50e965610eb831d02be008cae9185563"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
5dde6d951a50cd066a5dd37c3e57050a.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_782,y_354/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_782,y_354/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5dde6d951a50cd066a5dd37c3e57050a.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
9796cccb1fb69a252f04afdcabb9f4e0a437d87213f8617d90e9c56ffe4b9d7f

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
202425
edge-cache-tag
539234573559035707578243152623424059327,338848012102976433221236059758866112134,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 11 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_782,y_354/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5dde6d951a50cd066a5dd37c3e57050a.jpg
content-length
21097
x-served-by
cache-dca17780-DCA, cache-dca17729-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17729_DCA
last-modified
Thu, 11 Mar 2021 09:16:20 GMT
server
cloudinary
x-timer
S1617455703.704978,VS0,VE0
etag
"4dbcc54b749d7423d8d29a6b8570478a"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
TB646-hearing_aid_on_fingertips-1200x800_d0eba13891a6d546eed99ed05ec4977e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB646-hearing_aid_on_fingertips-1200x800_d0eba13891a6d546eed99ed05ec4977e.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d45b3a9deb16d8edb459906a969c8948aa8a211d37a9af0ec370145f959c0bf4

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
565309
edge-cache-tag
349378007093772544449862418486176033690,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB646-hearing_aid_on_fingertips-1200x800_d0eba13891a6d546eed99ed05ec4977e.jpg
content-length
20888
x-request-id
01a15f0cd052782fc10004ba3a835b3d
x-backend-name
fastlyshield--shield_cache_dca17765_DCA
last-modified
Sat, 27 Feb 2021 22:07:57 GMT
server
cloudinary
x-timer
S1617455703.704961,VS0,VE0
etag
"d1a9ffa85ad4a3b476a0849434aa7bb2"
x-served-by
cache-dca17772-DCA, cache-dca17765-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 4
1094963710__d4CWL1iV.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1094963710__d4CWL1iV.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
99c4cddd50827808ecd5b27b576e29f647138ca7717fbb03dcdd25129bdb0416

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
355955
edge-cache-tag
506116494555659855850587701211678851910,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1094963710__d4CWL1iV.jpg
content-length
21772
x-request-id
b08d934f8b58ba0a6ea8c604756462be
x-backend-name
fastlyshield--shield_cache_dca12925_DCA
last-modified
Mon, 29 Mar 2021 16:19:53 GMT
server
cloudinary
x-timer
S1617455703.704945,VS0,VE0
etag
"0940c6c841c452e32bd32982b4495507"
x-served-by
cache-dca17766-DCA, cache-dca12925-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 20
TB2039-old-woman-finger-HA_1000x600_1000x600_2d9cc9b0fe6f80258fa232922403292d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB2039-old-woman-finger-HA_1000x600_1000x600_2d9cc9b0fe6f80258fa232922403292d.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
19e22027cf760674d2d0aebb7cdb99001527af2bfa8bf3034e53765eacf0fe9c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1134501
edge-cache-tag
494662383250422263618241524490352602534,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Thu, 08 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/b9476698-227d-4478-b354-042472d9181c/TB2039-old-woman-finger-HA_1000x600_1000x600_2d9cc9b0fe6f80258fa232922403292d.png
content-length
8669
x-served-by
cache-dca17753-DCA, cache-dca17769-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17769_DCA
last-modified
Mon, 08 Mar 2021 07:25:18 GMT
server
cloudinary
x-timer
S1617455703.717006,VS0,VE0
etag
"a80f1cb1ac1b94f798873105da142dc1"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
1246943486__z3kOGbDb.jpg
images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_1063,y_792/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/
29 KB
29 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_1063,y_792/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1246943486__z3kOGbDb.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
febce705449f65a7ae0a697705684c615005552560d8bec08bb8b08674f0c836

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
3431908
edge-cache-tag
631019966757027087423363094708805189951,495096208016477213552032429393292319971,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 07 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_234,w_420,c_fill,g_xy_center,x_1063,y_792/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/SKP/1246943486__z3kOGbDb.jpg
content-length
29441
x-served-by
cache-dca17735-DCA, cache-dca17743-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17743_DCA
last-modified
Thu, 04 Feb 2021 10:27:05 GMT
server
cloudinary
x-timer
S1617455703.717384,VS0,VE0
etag
"3f01305ae46cd97340e3537b956fd3a8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 3
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
277 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=15%3A15%3A02.696&type=warn&msg=mode%20-%20blend-next-up-a%20has%20no%20config%20%3A-%20fallback%20-%20blend-next-up-a&id=8457&cv=20210331-18-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
server
nginx
x-fastly-to-nlb-rtt
13477
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.14.127:10213
debug
trc-events.taboola.com/tagadamedia-primolotto/log/2/
0
277 B
Image
General
Full URL
https://trc-events.taboola.com/tagadamedia-primolotto/log/2/debug?tim=15%3A15%3A02.696&type=error&msg=TRCRBox.loadScriptCallback%3A%20Mode%20name%20%27blend-next-up-a%27%20doesn%27t%20exist%20in%20configuration%20file%20&id=7532&cv=20210331-18-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 03 Apr 2021 13:15:02 GMT
server
nginx
x-fastly-to-nlb-rtt
13477
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
tbl-x-upstream
10.41.34.222:10213
5eee4fe090a1d180f2afd94bd3635d27.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5eee4fe090a1d180f2afd94bd3635d27.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
cb8548af0507dcee282d26b77e74fa9a125816da358c78e0edb0a51af62a5442

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1622568
edge-cache-tag
445388319310074360313678203481020615376,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5eee4fe090a1d180f2afd94bd3635d27.jpg
content-length
13590
x-served-by
cache-wdc5521-WDC, cache-dca17751-DCA, cache-hhn11567-HHN
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17751_DCA
last-modified
Thu, 04 Mar 2021 10:39:04 GMT
server
cloudinary
x-timer
S1617455703.717372,VS0,VE0
etag
"af0a1e596e6dbb5cf2b5d36035f8152b"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
45875d056483d54313bb40f9bb1eb3e1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
17 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45875d056483d54313bb40f9bb1eb3e1.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
72d2ded206a0362620261f23b368f2254b53b83dc83cf48b5cc941f0119d63bc

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1410331
edge-cache-tag
320540904094012805405726035641903581999,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/45875d056483d54313bb40f9bb1eb3e1.png
content-length
17400
x-served-by
cache-dca17720-DCA, cache-dca17722-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17722_DCA
last-modified
Thu, 04 Mar 2021 07:34:43 GMT
server
cloudinary
x-timer
S1617455703.717363,VS0,VE0
etag
"bed2876a50b8b90b2a7909d31fc0fac4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
iStock-135385082_1000x600_1000x600_d90557aaade53d602d545338327a1e7e.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/
30 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/iStock-135385082_1000x600_1000x600_d90557aaade53d602d545338327a1e7e.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d107e2cd0da4d05bc2e3f3a31561bb5797ebee60069cfacfb364f775c1ed0656

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
441990
edge-cache-tag
343428097885865995397772189077046093457,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/d166bdcc-25a7-46f9-9569-be6743c08c1c/iStock-135385082_1000x600_1000x600_d90557aaade53d602d545338327a1e7e.png
content-length
30318
x-request-id
c3193111bf5936f59bb3982c0beb49fe
x-backend-name
fastlyshield--shield_cache_dca17730_DCA
last-modified
Mon, 29 Mar 2021 10:06:37 GMT
server
cloudinary
x-timer
S1617455703.717332,VS0,VE0
etag
"c267140b5ccaa844c568bbfbf979af32"
x-served-by
cache-dca17759-DCA, cache-dca17730-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
1ef76dae1268aad708c21fef0705bbf6.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
20 KB
21 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ef76dae1268aad708c21fef0705bbf6.jpeg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f755de0d436fac042fe6b369c29b416c4cf3f49ba4b6dfe22beb4c6a93dab034

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1289434
edge-cache-tag
455027293606458570288736528954472633839,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 04 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ef76dae1268aad708c21fef0705bbf6.jpeg
content-length
20868
x-served-by
cache-dca17753-DCA, cache-dca17744-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17744_DCA
last-modified
Thu, 04 Mar 2021 00:34:19 GMT
server
cloudinary
x-timer
S1617455703.718195,VS0,VE0
etag
"969b273f8c7537c0b3957e24b7515dc6"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
72880f440b6ba0112431d9e67ccfadfa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72880f440b6ba0112431d9e67ccfadfa.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f4a892758991f4f7f9634a79d7a099b5de134c2debe4f7a791ffacd353634fb3

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1663399
edge-cache-tag
629209398523125182868789843164481460898,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 10 Apr 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/72880f440b6ba0112431d9e67ccfadfa.jpg
content-length
32497
x-served-by
cache-dca17749-DCA, cache-dca17775-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17775_DCA
last-modified
Wed, 10 Mar 2021 16:24:26 GMT
server
cloudinary
x-timer
S1617455703.728276,VS0,VE0
etag
"97ba67fe6902798052eca3e8b00d0bc4"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
589e33216d742ef7c36ad627e2a8a779.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/589e33216d742ef7c36ad627e2a8a779.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b69d76595dd16f7151533f0c6a97ab226e5915644a7856d7971e98aca312cedc

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
433452
edge-cache-tag
393555317054778643000865268862173500353,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/589e33216d742ef7c36ad627e2a8a779.jpg
content-length
25448
x-request-id
651d6fc0a577769d6580672b083ef37e
x-backend-name
CLOUDINARY:fastlyshield--shield_cache_dca17721_DCA
last-modified
Tue, 23 Mar 2021 14:03:48 GMT
server
cloudinary
x-timer
S1617455703.728402,VS0,VE0
etag
"9e78aea9ee7001474e9aab76013d052e"
x-served-by
cache-dca17783-DCA, cache-dca17721-DCA, cache-hhn11567-HHN
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
9d30a90dcef73f282a504ea461a53b35.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
63 KB
63 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d30a90dcef73f282a504ea461a53b35.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
13b3481e73acfd2e79c2d51e120101c2659f51adeab0cf6d47f0747471e057e2

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2600969
edge-cache-tag
494238936561265763502256852825152019559,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 13 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9d30a90dcef73f282a504ea461a53b35.jpg
content-length
64200
x-served-by
cache-dca17755-DCA, cache-dca17782-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17782_DCA
last-modified
Wed, 10 Feb 2021 20:25:40 GMT
server
cloudinary
x-timer
S1617455703.728496,VS0,VE0
etag
"26e14d44b43535f689de15c3c4f79314"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 50
308fe21bdd22894ed084a3caa028c871.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/308fe21bdd22894ed084a3caa028c871.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
80241d7a8783b4eca269b072ba1beda80dd63d16e65d972aed0081f603affbe2

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2342004
edge-cache-tag
448708690954280335381354953151495613255,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sat, 27 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/308fe21bdd22894ed084a3caa028c871.jpg
content-length
12236
x-served-by
cache-dca17743-DCA, cache-dca17768-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17768_DCA
last-modified
Wed, 24 Feb 2021 05:30:08 GMT
server
cloudinary
x-timer
S1617455703.728467,VS0,VE0
etag
"82d2dc9c83a55bf01603f8bf6b405423"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
ae85ed2dbaf0dd69b244a109de885497.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
19 KB
20 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae85ed2dbaf0dd69b244a109de885497.jpg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
47c3df021d31abb0318c3eaf656eff7d4227987201ecfe3fe24d083d18e2d6b7

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
2688822
edge-cache-tag
602490589889382993155124693621330545851,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
expiration
expiry-date="Sun, 07 Mar 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ae85ed2dbaf0dd69b244a109de885497.jpg
content-length
19447
x-served-by
cache-dca17725-DCA, cache-dca17734-DCA, cache-hhn11567-HHN
x-backend-name
fastlyshield--shield_cache_dca17734_DCA
last-modified
Thu, 04 Feb 2021 14:12:35 GMT
server
cloudinary
x-timer
S1617455703.728637,VS0,VE0
etag
"9963990f14e37239762bccdbfe30ca51"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 14
01b360ef1ecd94a1d37ccb82d220506f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b360ef1ecd94a1d37ccb82d220506f.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
c2837626e084af17f6f41d4468088514cb6df0fe95592e6edde33a7216983f16

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
1572167
edge-cache-tag
299805503989852990819055057840535014946,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/01b360ef1ecd94a1d37ccb82d220506f.png
content-length
22223
x-request-id
2e96678228d2ac51b2c9555c38239da5
x-backend-name
fastlyshield--shield_cache_dca17754_DCA
last-modified
Thu, 11 Mar 2021 14:39:59 GMT
server
cloudinary
x-timer
S1617455703.728614,VS0,VE0
etag
"aaa414ba17ca5195ef681002da0f7ec9"
x-served-by
cache-dca17757-DCA, cache-dca17754-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 493
46ef22c679da56a548add8dd900dd39e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/
132 KB
133 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/46ef22c679da56a548add8dd900dd39e.jpeg
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
3aeacf2f2918c1af0af240603a62e7a4a458c9a98ebfd9216eb9de5f9e906a3c

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sat, 03 Apr 2021 13:15:02 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
438111
edge-cache-tag
471486614425122233880365651885541200806,392933856032853361833841845111496461250,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//native-images.s3.amazonaws.com/46ef22c679da56a548add8dd900dd39e.jpeg
content-length
135132
x-request-id
22cac40ac06e2672f632932414c41784
x-backend-name
fastlyshield--shield_cache_dca17726_DCA
last-modified
Mon, 29 Mar 2021 11:10:50 GMT
server
cloudinary
x-timer
S1617455703.739366,VS0,VE0
etag
"6692dab556394b85cfab73af0cb167ea"
x-served-by
cache-dca17769-DCA, cache-dca17726-DCA, cache-hhn11567-HHN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2
bulk
trc.taboola.com/tagadamedia-primolotto/log/3/
0
314 B
XHR
General
Full URL
https://trc.taboola.com/tagadamedia-primolotto/log/3/bulk?tvi2=4518&route=AM%3AAM%3AV&lti=deflated&bulkSize=15
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
18
pragma
no-cache
date
Sat, 03 Apr 2021 13:15:03 GMT
via
1.1 varnish
server
nginx
x-timer
S1617455704.626835,VS0,VE18
x-served-by
cache-hhn11567-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.primolotto.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
701 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.primolotto.com
URL: https://www.primolotto.com/grid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer
https://www.primolotto.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
20429
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by
cache-hhn11567-HHN
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1617455704.651348,VS0,VE0
date
Sat, 03 Apr 2021 13:15:03 GMT
x-amz-request-id
29D722C296265892
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
0
x-cache-hits
22852

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| tr_grid_is_validated string| tr_please_check_before_submit string| tr_not_enough_ticket string| tr_select_at_least_one string| tr_select_your_numbers_first string| tr_grid_not_entire object| Laravel function| jQuery function| $ function| moment object| app object| grid boolean| gdprAppliesGlobally function| __tcfapi object| _taboola object| _pcq function| gtag object| dataLayer string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi object| demandSupplyTc object| demandSupply object| apstag object| adsbygoogle object| dspbjs object| _app object| _c4d function| __easyMetaTagSqudata object| google_tag_manager object| TRC object| _tblConsole undefined| msg object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| _pc_loaded object| PC object| VWO object| _vwo_exp_ids object| _vwo_exp string| _vwo_server_url object| _vis_opt_queue function| bowser object| __pc object| _pushcrewDebuggingQueue object| _pc_u boolean| ecomEventsInit object| googletag object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| __tcfapiBuffer number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| didomiRemoteConfig string| didomiCountry object| didomiGeoRegulations object| gaplugins object| gaGlobal object| gaData function| easyMetaTag_HTML object| data boolean| _cookieTest object| CollectSet string| [eedmpact] function| eedmpdo function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| webVitals function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| webpackJsonpDidomi function| setImmediate function| clearImmediate object| Didomi object| didomiOnReady object| didomiEventListeners object| google_persistent_state_async object| didomiState function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState object| regeneratorRuntime number| taboola_view_id string| nam object| placementData number| _cm_wfCounter object| cmTag

9 Cookies

Domain/Path Name / Value
.primolotto.com/ Name: didomi_token
Value: eyJ1c2VyX2lkIjoiMTc4OTdkZjQtZDJiYy02MDA4LTgwZjQtM2FhY2FlMThkYjA5IiwiY3JlYXRlZCI6IjIwMjEtMDQtMDNUMTM6MTQ6NTcuMjMxWiIsInVwZGF0ZWQiOiIyMDIxLTA0LTAzVDEzOjE0OjU3LjIzMVoiLCJ2ZXJzaW9uIjpudWxsfQ==
.primolotto.com/ Name: _gat_gtag_UA_93113711_1
Value: 1
.primolotto.com/ Name: _ga
Value: GA1.2.1389203881.1617455697
www.primolotto.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Im55c0JtWVdvNXNNYXpsMW1RM3pMQlE9PSIsInZhbHVlIjoiZVozRFg4ZHRhQ0d3ck1jZTVNWU5neGhUVjBlTHhBdGN2Z2RjK3hwZlBISXF0OCtjbmFxV3R6ak5WSFBJNXdxNSIsIm1hYyI6IjYzNzc4NTc5ZjYwYTdmMzljNDFjMWQwMzdhNWUzYWE5OGMzNGY0MWM3ZmMyZGFjNTEwNzQ5MTQzOTM5NjY3YjgifQ%3D%3D
www.primolotto.com/ Name: AWSALBCORS
Value: +9ds+VheRABHQuzAP4bvnsCkl/3mUTOxyu8Zfst7j8E3xw5z5jyW43VqF5hG5Ju4Kjzy79b0Nsph7nCkMdNUafreaAs6bWgKtIl8FO6tcqIyoEVToic1ii82BcDm
.primolotto.com/ Name: _gid
Value: GA1.2.1750741269.1617455697
www.primolotto.com/ Name: AWSALB
Value: +9ds+VheRABHQuzAP4bvnsCkl/3mUTOxyu8Zfst7j8E3xw5z5jyW43VqF5hG5Ju4Kjzy79b0Nsph7nCkMdNUafreaAs6bWgKtIl8FO6tcqIyoEVToic1ii82BcDm
www.primolotto.com/ Name: laravel_session
Value: eyJpdiI6IjhqWGoxVzhVNmVTOFY5NWJsN2NyVmc9PSIsInZhbHVlIjoidEVvK0JTYXk4VTdjOFluUFYwbHlVMnkxc3BjT2YyUUZQSkVlckhmVEhNSWE5eXpVK2RJeEExclhsTW9iN216cCIsIm1hYyI6ImQ3MmU0ZDM1ZmJhNDQzYzc1MjI2NjMzZGQ2ZTllNzllOWNkYjQwYWJmMjk2OWJlYzY3Mzc0ZDMyNWMzYTdkMWUifQ%3D%3D
www.primolotto.com/ Name: remember_web_59ba36addc2b2f9401580f014c7f58ea4e30989d
Value: eyJpdiI6ImVVM1paS3AwamtkbGJXc2RqeVgxdFE9PSIsInZhbHVlIjoiQjZ4WlExM29NUmtFcDNHdDR0d2VJeithRlwvSU10R3diWW1Ha3UzbEtLajQ2UDUwUkJWOU9LNHI4Sk51SjhrUDFcL2x0Y0VNK1drb21rSHBhd0pYK3F4N2E2QmNKR1ZmUG01SWxLRWVBeEpOZ0Y1akxjT0hmeVBPUlh5ell1Q1pxTGYxdDQ5UTk2YWRjaXBsdGVQUjNMVjJ4ODhCMHRKSEJjOWVWQUdiNEpNQUlZVEhaamo3dk52YTdWVTJPVEk5TU8iLCJtYWMiOiJmMjgzOTRkMjA2OWIyZGUwNDIxMmM2YjI0YjhlOTg4ZTU5MjM5MmM0N2JkMjc0MzFmMjUzZThmZTU3MDBlMDVjIn0%3D

6 Console Messages

Source Level URL
Text
console-api warning URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js(Line 222)
Message:
AdSense head tag doesn't support data-vendor attribute.
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01-b-em-delta
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-01-y-em-delta
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js(Line 3)
Message:
Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbs-feed-y-em-delta
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js(Line 3)
Message:
mode - blend-next-up-a has no config :- fallback - blend-next-up-a
console-api log URL: https://cdn.taboola.com/libtrc/impl.20210331-18-RELEASE.js(Line 3)
Message:
TRCRBox.loadScriptCallback: Mode name 'blend-next-up-a' doesn't exist in configuration file

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
api.demand.supply
api.privacy-center.org
asset.easydmp.net
c.amazon-adsystem.com
cdn.pushcrew.com
cdn.taboola.com
cdnjs.cloudflare.com
dpm.demdex.net
dpm.zebestof.com
e.viously.com
ejp.rlcdn.com
ew3.io
fonts.googleapis.com
getviously.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
images.taboola.com
imgs.tagadamedia.com
live.demand.supply
main-p.agmcdn.com
p.crm4d.com
pagead2.googlesyndication.com
pixel.mathtag.com
sdk.privacy-center.org
securepubads.g.doubleclick.net
sonar.viously.com
stags.bluekai.com
stats.g.doubleclick.net
sync.commander1.com
sync.smartadserver.com
trc-events.taboola.com
trc.taboola.com
u4037714.ct.sendgrid.net
vidstat.taboola.com
wall.adgaterewards.com
wam.solution.weborama.fr
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.primolotto.com
109.232.197.89
13.226.158.204
141.226.228.48
145.239.193.53
167.89.123.16
172.217.16.130
185.141.129.223
185.141.129.225
185.141.129.230
185.33.221.90
185.59.220.196
185.86.137.110
195.54.48.25
199.232.137.44
2.18.233.201
23.79.152.128
2600:9000:2182:ca00:5:b7cc:d3c0:93a1
2600:9000:2182:d600:d:2044:5c40:93a1
2606:4700:10::6814:3677
2606:4700:3032::6815:56ac
2606:4700:3034::6815:3724
2606:4700::6810:135e
2606:4700::6810:8516
2a00:1450:4001:803::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::200e
2a00:1450:400c:c04::9a
2a02:2638:1::13
35.244.174.68
51.89.21.10
52.47.175.198
54.36.82.32
54.72.202.169
54.72.9.210
95.131.143.205
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0862c2487c0665ea2123f42a17adf474adee38aab90c6a1a4288a0124d05294a
0b43bd40d74098e052d32cded765afc2319e2ea620137c3532cf8754bf15b595
0de41fa3160fbde2acde590ca73c333a04e7c82e46d59e149b81e629b6b8cc51
0f24f42963b8d3d16100583319de7cc393ec95e283a732aa23adb0b9df9813d5
13b3481e73acfd2e79c2d51e120101c2659f51adeab0cf6d47f0747471e057e2
15c79df902419d2668f5ceaaf494d5611374d5aaacab744a695f5327d5826e07
1914089b9ec68a3b941d15a5315684bcb4362329b5ffc2dcf49c667c2964376e
19c83bd091eed6528d91f3230623610f12263d983748eb89e8456ff41030da61
19e22027cf760674d2d0aebb7cdb99001527af2bfa8bf3034e53765eacf0fe9c
1defca322a57dbf6fed8f797e91c03fc7036b884b1f32f2932c93fc7cde6a607
1e4a168390ea66a6b9a16df30c6fef0c943404a1c25fabc159a51bf0fb77a7c8
1fe07f85c838070bcb1cd542dc86e417dd3e126183958ed0a4140bf22778285f
2522fed30cc3939843055db41498c0ddaf3f6842204d42ef8f0af70d6d190a11
25c321fdeff70d896eb1eb9b19d133ac0bed4ee7c9757d154878b89664360b97
2683d8731f21545156e9e21b126403a0c0ec2d53646d52d955f9aa00c821773f
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
3044fce71db21299e068cec1056281cbba36a820d247231e1fe01272adf8acf0
31b4bf1bcd4c2a2031b46de44765a786aa36318344b4e6424a96a618410a16b7
33c1ddf6998b4221d60d27dfea001f5557df4bfc5a42b15ea05f827011601c1c
3523734aa4e5c25525d494704e645ff08af67b7f7c77addb0d6a3303d08a545a
368f4c343722bcd0da3077d1e117f5462335c5c21066ac5472810f224e07718b
36b924eb471bd62b8dcec75c1be9211e19d733f6fc900ff2e65eee3c42149403
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aeacf2f2918c1af0af240603a62e7a4a458c9a98ebfd9216eb9de5f9e906a3c
42a10ff3b440212dabf7d8e4da5954c7995a5f9610b465ae52a447d3fc15cf5c
430519d7fdd5ff30e5c83844c4352be35bc55dbd2632e9a70cc474050c44b8f8
46428f2c539eecc8b06fecb7ea74dc8f945fd9ab25b8b4cabba1aa55f6d91239
47a232281ebb40c01155c461d3673111e9641ebdb0a530b34287d65f9bc29151
47c3df021d31abb0318c3eaf656eff7d4227987201ecfe3fe24d083d18e2d6b7
4bf4cf7355bba47e74062fa9f4627806d02cc8f797c4f6934c67f9eb982f4708
4e13a24713c60de07775945d4f347acc364ae5f5f156ac3186329c0dcdfa7c69
4ff0196d53e9640f2ac38561ae37ebee69593f1cf39dcf7072bb48eee0304eb5
52a9c07536a2b2ba437ce604b95d32754f75adecb4458e1b4c3038a565f9c168
561aec52e5ec804ee143532298b8677dcf6da42fec6541484f50cdb94611d65b
5a4bf58503b853027f1b7178bfb98140cd8a36790d35376e0685d5f808fed473
5ada45480d40f3d71ca3fb47f2a14d2b755456978dbf5a16c6bab554c80542b7
5b6cf86376b18e7013022123018f749c4427bc442df1ca43d05f7514b1984980
5bb6e3ec1307e4105ec8d138fccedb2a9ab0ed6a62dbc10de1721f1c3b4aa227
5fc0bbfb3f05a1803fc6289d151b61cabf846ff5b2660d47493c399135f7658c
634768c08b65043075a5516f23916b5da1ca08a70e74a227469c8ebaf89b6898
63a16e7a25b4a9debb3e1a4a67ac421d8c72135e4b1691b2ca95c931fc15e324
660d23a83593219127fbe8ee10bf8625f3b500309b3c534a6e28ffb711d5733a
698c7a603e5dae46fa689aed50735ad8a3e51466b132210015ae6aa30f3b8068
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c46829208b5004ded357c146a2dd4c56641ca4a8f93c782081dee56c9a332f1
6e2297899242fa4c800ff7320c93d3cd0bbb89770cf0a1d5614b0f183c94dc70
6e9e9281d32d8730c476f6b15142000f649937da3ec328c73487462cdb49c16c
725667be21624bb8675f40e187592ba3e78cd48b19b5301204bd6408ce0f867f
72d2ded206a0362620261f23b368f2254b53b83dc83cf48b5cc941f0119d63bc
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9612fcdf977a90229f67fcf6ef33c896332c6b18bb652d47658fbcd5f7d678
7ee65ec4e6687e75cf0082dffb5a452a42d4353263efe439959072d89b7f437b
7ee8a97200cf0e24af175070d017d0bdabe6c619ede7bf7c5585e90de0f39798
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
80241d7a8783b4eca269b072ba1beda80dd63d16e65d972aed0081f603affbe2
802a3cb7595f14f16c36837989c3891dec2b38166b5a75bfdb2fde7c4ab09a4d
817dce8a7cc72dcf653b7883035382ce6db243a40c106598f47c419180d9858a
83ab9d1975ce2a57b6d73d1dbd6b982890ee2e5c360c3d3ee6bd2bd8d4c78d83
83c54916208ba4fec97b8c109dc1d26f5e2231ced12bee8032864c219b7d14e4
861375dce385e0242f081d8059a7bf42befa2f12d712497ee83d025d85c83d45
861797fc7bbdafcfe16d64f4389f847fa159f98480c5f97be0a9f07663f8830c
8907c988abce36758d87a639ef2ddaa025c0338402a80f4e71b7b2450cc7861c
8a3bfd24b6743d2d34866574b9a10605a582eccbfae19b806c57ca4ce057e08d
8a8d52eba8ab85703a684f068b5eac40b2c1525af4c4e347305e1dd6eb286241
8c96396f5c59de04878a008c9231a46553cbb06472116a33675a5dbc754c4d68
8cee5f311af9b900492d054923c138a970f7bfb367cfe2dc5cc0d66811a173f4
8f7a04dfcfe5ffe5e09a0f9d4a91bb2ad737f0d6e261dc8b86538ac49eb7adfd
91f960611508b199cef031bf17d41761dbdbb33c48ffbc2243e2d9a7736de42d
9212967af6330d6bce1b082e672372b651c92379a8ecb40e1922fdb859a5c268
94cc624c94016647682407c6631bdbabb26f5065873f55f6237ab31aa7095154
96298726c168760aab88bfe8927651d1c63328c45a16addb6072b8afe2a66c18
9796cccb1fb69a252f04afdcabb9f4e0a437d87213f8617d90e9c56ffe4b9d7f
99456b3711ac205efcbdbc08ae9dae0124aa6a94d0edf9701a80caa6fc38b5db
99c4cddd50827808ecd5b27b576e29f647138ca7717fbb03dcdd25129bdb0416
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1857176302e9cc89102f04503bf4b2fcc17e3935a12eb319b66468e33ba9f80
a2c1937fe1cf16f6ef92bc981984b30e82983ffd4ed81b763d9d8ac70cc1f12a
a34e825b0af90621129e3b1da7d4bb8dcb83a970067998c49e42e9572332ca37
a41107cffe14a96662eb3541cf6f306ad2a221a854a4e82368199cbdeeb3e856
a4931d41ac5d64ce1bd563cf52252495f55bbf9b1dafd58fdb9ee6fe2b1de4ca
a4a435a77ba9821779ff039d294facf001ace345b9173c180754f425970b2d1a
a633cc3894b71084834e7448c54597d858bee7441f15c31088e4c99b8457688d
a80a3407ddae570bfd761f497180f58472dad91693b58437210e2af57a835a83
aa7f4b86e4ecf4f563bb5d3b7873fff7f76d79c509a468d80b8cf73343c242b4
b11c5230fdce057bb5ebeb6900ea539897ceca694232f5beacf2eb503d6882be
b196dd7095866bf20a6e0af3e61558f76d47d96db181af09301dfb5ef572a5f8
b1fbaef854e0f55871aa050995066ea783c517640ba307e4971a5dfa009342b1
b69d76595dd16f7151533f0c6a97ab226e5915644a7856d7971e98aca312cedc
b841835671d58155e2265cfcdaa0b54eeea722bee5516ae7594ac35d912765b9
bab6a8190b095272d4f8d0771b1f975c3b6b0992660e5fa1dcdf41a9534e716e
bdba216892b1a28445c4dcb4e500df8d13f9bfa15df303dba3689fb83121d822
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
c05e042328d1b9ee6e98dcf6ed26d524666ce16dde3e25d745efe89e6d5a5584
c246ec07b24762244202158adadb0d006913c39f924c7d01d0ff00d2d024a0af
c2837626e084af17f6f41d4468088514cb6df0fe95592e6edde33a7216983f16
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
cb8548af0507dcee282d26b77e74fa9a125816da358c78e0edb0a51af62a5442
ced7e817b2e92e1c3ef51e66ea4ff33aaf248786c319a079d7da46f8a97bc408
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d107e2cd0da4d05bc2e3f3a31561bb5797ebee60069cfacfb364f775c1ed0656
d25283aef05052ea413e5e518534f8451ed6e8da9e3ab42587a7b6dc5241a1d3
d269356be801e8b87d73edb400741a713c8b04e97bec24c27773d0933645cbca
d4225d93450a787911838ab1eba4905d767f559b8bd904c15e51be0ad9d9a63d
d45b3a9deb16d8edb459906a969c8948aa8a211d37a9af0ec370145f959c0bf4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df8538a9e4df6cdfd820f455ef945483f2bdf9d130ddad32ab5f91f7dbb76b9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e876b5005c6e162ac0180c79bce6894ea035f7a5be6b3da43f9127f517785b95
ea41b0db7ca29655f610421075ce1eb794fa892783be830f5cce6be828b5a4cc
eb4406ac6a8c3323f3153907d843fc4adba65f87481c90b2294eab949251d3ee
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ecc24f40f565ce3d863f4ab0fe3258c6d92ca796776a4cae7d68fb52fdddeb7d
ee97dad5bc48f34673bd7ee16f8d93186063b5e60882af7704b306f0584ae1b2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0069af0bb8816687fbd93943c1b72d78919dc44c893e78f2c6aedc0525ebb46
f494c6d8894113fcc5724294d52ff485c8d28b2d898a00975df52f1b6cb88584
f4a892758991f4f7f9634a79d7a099b5de134c2debe4f7a791ffacd353634fb3
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f755de0d436fac042fe6b369c29b416c4cf3f49ba4b6dfe22beb4c6a93dab034
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f9d92dd8d88ba717b48727e906af9b299672a5d3714ed8209e2fbada39b7f94c
facdb1608980a83603750be64207e9d34d000807c485f6a256283e75229f7e63
faf58853644d69d07cc1ab1abb79f7b724ca1e057d90ea1bfb99d2dabfc57548
fb94b462f27f138f78bc2f58584c8e4377ea23828ec4bf2de9a76b624419b6d0
fbbe6cfc3a3838ec0822469c0dc7339ae0402a8b735955535a715760dd7803dd
febce705449f65a7ae0a697705684c615005552560d8bec08bb8b08674f0c836
ff724737a3926e6581553d5d4fbeeceee6b69e8a0c9866d1a98f683010db6feb