URL: https://www.galottery.com/en-us/coam.html
Submission: On January 24 via manual from US — Scanned from DE

Summary

This website contacted 24 IPs in 4 countries across 18 domains to perform 71 HTTP transactions. The main IP is 63.232.206.217, located in United States and belongs to GTECH-PRODUCTION, US. The main domain is www.galottery.com. The Cisco Umbrella rank of the primary domain is 608612.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 22nd 2021. Valid for: a year.
This is the only time www.galottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects  Requests  IP Address         AS     Autonomous System
11         34        63.232.206.217     54573  (GTECH-PRO...)
-          1         2606:4700::68...   13335  (CLOUDFLAR...)
-          1         2a00:1450:400...   15169  (GOOGLE)
-          11        143.204.98.8       16509  (AMAZON-02)
-          1         65.9.61.111        16509  (AMAZON-02)
-          3         2a03:2880:f02...   32934  (FACEBOOK)
-          2         34.96.102.137      15169  (GOOGLE)
-          2         2a00:1450:400...   15169  (GOOGLE)
-          1         2a00:1450:400...   15169  (GOOGLE)
-          1         13.226.174.102     16509  (AMAZON-02)
-          2         142.250.186.130    15169  (GOOGLE)
-          3         2a00:1450:400...   15169  (GOOGLE)
1          4         2620:1ec:c11:...   8068   (MICROSOFT...)
-          1         142.250.185.130    15169  (GOOGLE)
1          2         2a00:1450:400...   15169  (GOOGLE)
-          1         143.204.215.65     16509  (AMAZON-02)
1          3         2a00:1450:400...   15169  (GOOGLE)
-          3         2a00:1450:400...   15169  (GOOGLE)
-          1         2a00:1450:400...   15169  (GOOGLE)
-          1         65.9.61.31         16509  (AMAZON-02)
-          4         2a03:2880:f12...   32934  (FACEBOOK)
-          2         52.224.31.34       8075   (MICROSOFT...)
1          2         52.142.114.2       8075   (MICROSOFT...)
Total: 71 requests, 24 IPs
Requests  Apex Domain (subdomains indented below)                  Transfer
34        galottery.com                                            981 KB
            www.galottery.com — Cisco Umbrella Rank: 608612
11        cloudfront.net                                           1011 KB
            d1gszp1bmamha.cloudfront.net
4         clarity.ms                                               23 KB
            h.clarity.ms — Cisco Umbrella Rank: 2241
            c.clarity.ms — Cisco Umbrella Rank: 917
4         facebook.com                                             673 B
            www.facebook.com — Cisco Umbrella Rank: 98
4         bing.com                                                 12 KB
            bat.bing.com — Cisco Umbrella Rank: 385
            c.bing.com — Cisco Umbrella Rank: 273
3         google.de                                                675 B
            www.google.de — Cisco Umbrella Rank: 5557
3         google.com                                               635 B
            www.google.com — Cisco Umbrella Rank: 13
3         doubleclick.net                                          3 KB
            googleads.g.doubleclick.net — Cisco Umbrella Rank: 46
            stats.g.doubleclick.net — Cisco Umbrella Rank: 96
3         google-analytics.com                                     21 KB
            www.google-analytics.com — Cisco Umbrella Rank: 42
3         googleadservices.com                                     16 KB
            www.googleadservices.com — Cisco Umbrella Rank: 106
            803960505.privacysandbox.googleadservices.com
3         facebook.net                                             201 KB
            connect.facebook.net — Cisco Umbrella Rank: 146
3         hotjar.com                                               64 KB
            static.hotjar.com — Cisco Umbrella Rank: 644
            script.hotjar.com — Cisco Umbrella Rank: 919
            vars.hotjar.com — Cisco Umbrella Rank: 1012
2         googletagmanager.com                                     80 KB
            www.googletagmanager.com — Cisco Umbrella Rank: 78
2         visualwebsiteoptimizer.com                               2 KB
            dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5205
1         hotjar.io                                                256 B
            vc.hotjar.io — Cisco Umbrella Rank: 2414
1         gstatic.com                                              44 KB
            fonts.gstatic.com
1         googleapis.com                                           1 KB
            fonts.googleapis.com — Cisco Umbrella Rank: 47
1         cloudflare.com                                           6 KB
            cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
Total: 71 requests, 18 domains
Requests  Domain                                         Redirects  Requested by
34        www.galottery.com                              11         www.galottery.com
11        d1gszp1bmamha.cloudfront.net                   -          www.galottery.com
4         www.facebook.com                               -          www.galottery.com
3         www.google.de                                  -          www.galottery.com
3         www.google.com                                 1          www.galottery.com
3         bat.bing.com                                   -          www.galottery.com
3         www.google-analytics.com                       -          www.galottery.com, www.google-analytics.com
3         connect.facebook.net                           -          www.galottery.com, connect.facebook.net
2         c.clarity.ms                                   1          www.galottery.com
2         h.clarity.ms                                   -          bat.bing.com, www.galottery.com
2         googleads.g.doubleclick.net                    1          www.galottery.com
2         www.googleadservices.com                       -          www.googletagmanager.com, www.galottery.com
2         www.googletagmanager.com                       -          www.galottery.com, www.googletagmanager.com
2         dev.visualwebsiteoptimizer.com                 -          www.galottery.com
1         c.bing.com                                     1          -
1         vc.hotjar.io                                   -          www.galottery.com
1         stats.g.doubleclick.net                        -          www.galottery.com
1         vars.hotjar.com                                -          www.galottery.com
1         803960505.privacysandbox.googleadservices.com  -          www.galottery.com
1         script.hotjar.com                              -          www.galottery.com
1         fonts.gstatic.com                              -          fonts.googleapis.com
1         static.hotjar.com                              -          www.galottery.com
1         fonts.googleapis.com                           -          www.galottery.com
1         cdnjs.cloudflare.com                           -          www.galottery.com
Total: 71 requests, 24 subdomains
Subject                                Issuer                                       Validity                 Valid
www.galottery.com                      Go Daddy Secure Certificate Authority - G2   2021-06-22 - 2022-07-24  a year
sni.cloudflaressl.com                  Cloudflare Inc ECC CA-3                      2021-09-21 - 2022-09-20  a year
upload.video.google.com                GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
*.hotjar.com                           Amazon                                       2021-11-25 - 2022-12-23  a year
*.facebook.com                         DigiCert SHA2 High Assurance Server CA       2021-11-02 - 2022-01-31  3 months
*.visualwebsiteoptimizer.com           Starfield Secure Certificate Authority - G2  2020-06-19 - 2022-07-06  2 years
*.google-analytics.com                 GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
*.gstatic.com                          GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
www.googleadservices.com               GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
www.bing.com                           Microsoft RSA TLS CA 01                      2021-12-22 - 2022-06-22  6 months
*.googleadservices.com                 GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
*.privacysandbox.googleadservices.com  GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
*.g.doubleclick.net                    GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
www.google.com                         GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
www.google.de                          GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
*.hotjar.io                            Amazon                                       2021-08-17 - 2022-09-15  a year
*.google.com                           GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
*.google.de                            GTS CA 1C3                                   2021-12-27 - 2022-03-21  3 months
a.clarity.ms                           Microsoft RSA TLS CA 01                      2021-07-27 - 2022-07-27  a year

This page contains 2 frames:

Primary Page: https://www.galottery.com/en-us/coam.html
Frame ID: A4BCAC65F6159BC9AD5E5D2A5C25B237
Requests: 71 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: A107D467E2DEB44ADDC31663AB6FA52B
Requests: 1 HTTP request in this frame

Page Title

COAM

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/designs/
  • /etc/clientlibs/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 71
HTTPS: 82 %
IPv6: 52 %
Domains: 18
Subdomains: 24
IPs: 24
Countries: 4
Transfer: 2460 kB
Size: 6225 kB
Cookies: 21

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.galottery.com/content/dam/portal/images/ga-lottery.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/ga-lottery.png
Request Chain 16
  • https://www.galottery.com/content/dam/portal/images/coam/COAM_ClassMachineImagev2.jpg HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/coam/COAM_ClassMachineImagev2.jpg
Request Chain 17
  • https://www.galottery.com/content/dam/portal/images/sidebar/sidepanel-mail.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/sidebar/sidepanel-mail.png
Request Chain 18
  • https://www.galottery.com/content/dam/portal/images/footer/ihope.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/ihope.png
Request Chain 19
  • https://www.galottery.com/content/dam/portal/images/footer/wla.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/wla.png
Request Chain 20
  • https://www.galottery.com/content/dam/portal/images/footer/nspg.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/nspg.png
Request Chain 21
  • https://www.galottery.com/content/dam/portal/images/footer/icap.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/icap.png
Request Chain 22
  • https://www.galottery.com/content/dam/portal/images/footer/GodaddyVerifiedSecuredSeal.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/GodaddyVerifiedSecuredSeal.png
Request Chain 37
  • https://www.galottery.com/content/dam/portal/images/spritesheet.png HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/spritesheet.png
Request Chain 41
  • https://www.galottery.com/content/dam/portal/images/temp/hero/bannerGAsample.jpg HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/temp/hero/bannerGAsample.jpg
Request Chain 46
  • https://www.galottery.com/content/dam/portal/images/footer/footer-map.jpg HTTP 301
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/footer-map.jpg
Request Chain 56
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=MbvuYZbcFq2px_AP0a-awAY&sscte=1&crd=&eitems=ChAIgLm5jwYQx_OuvoiK5pwlEh0A5iis2U8y09OUHgMVpsoXdkmngkKnRPP6wX39ww HTTP 302
  • https://www.google.com/pagead/1p-conversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MbvuYZbcFq2px_AP0a-awAY&eitems=ChAIgLm5jwYQx_OuvoiK5pwlEh0A5iis2Ybx8jSLFPpVVv8p_FhMFoMd_gktPChhKg&random=1532177903&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MbvuYZbcFq2px_AP0a-awAY&eitems=ChAIgLm5jwYQx_OuvoiK5pwlEh0A5iis2Ybx8jSLFPpVVv8p_FhMFoMd_gktPChhKg&random=1532177903&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Request Chain 66
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=AF4BFD6A2B464A599C54D0DD8B9A5D49&RedC=c.clarity.ms&MXFR=24A7A9ABD6006F2F33C4B89DD2006149 HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=AF4BFD6A2B464A599C54D0DD8B9A5D49&MUID=1802EA1114436C91126AFB2715286D1E

71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request coam.html
www.galottery.com/en-us/
219 KB
32 KB
Document
General
Full URL
https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
4495da40e18507adb90685bb1a553ca8f0074e94753f868d6214a6dccea3e89f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Strict-Transport-Security
max-age=31536000; preload
X-XSS-Protection
1; mode=block
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Last-Modified
Mon, 24 Jan 2022 14:43:59 GMT
Accept-Ranges
none
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=0
Expires
Mon, 24 Jan 2022 14:43:59 GMT
X-UA-Compatible
IE=Edge,chrome=1
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Access-Control-Max-Age
1800
portal-login-errorcode
(null)
portal-login-isError
(null)
portal-login-gkse
(null)
Content-Length
32300
Keep-Alive
timeout=5
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:43:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1622950
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ocM8FABS7VOfBEBnCry0QCB9lz6VJosXEPdMU1XjMLRhxPFYAajjdmdeGQLElaaVCg4%2BoK39GJk7kE9UNKWs3YKQSzGlaXQHGgc0mznY5tf%2BkJC9gV4Emj3qpQKppWFTm2WYY13x4rp%2BMB06WvHDZut"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d2a09893e1983a3-MXP
expires
Sat, 14 Jan 2023 14:43:59 GMT
css
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&Lato:300
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eafa70aa45c5b3618a387bd0e619e248f8a49cc44cf10bbf24f7bca1190e2c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 14:09:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 24 Jan 2022 14:43:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jan 2022 14:43:59 GMT
jcr:content.overrideJQueryValidateMessages.js
www.galottery.com/content/portal/en/coam/
3 KB
2 KB
Script
General
Full URL
https://www.galottery.com/content/portal/en/coam/jcr:content.overrideJQueryValidateMessages.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
de83cd2019080479fd8a772fb53a83402f4c2e7753cf994323d12189cbe01037
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
60737
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
955
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 06:35:05 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
3rdparty.min.20211203062244.css
www.galottery.com/etc/designs/interactive/ilottery/
12 KB
3 KB
Stylesheet
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/3rdparty.min.20211203062244.css
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
efba0501584fe5e4590c9a5399e381f39e55e5831dfc5cf5bcc10a4cb1e9f34b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
2364
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
2696
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:42:56 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
jquery.min.20211203062244.js
www.galottery.com/etc/clientlibs/granite/
108 KB
38 KB
Script
General
Full URL
https://www.galottery.com/etc/clientlibs/granite/jquery.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
ef8932740dd1a3d8c8c2b3f6753ffb6bbb1e6727af4c65045a1daee8de5b52e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
8
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
37756
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:43:26 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
utils.min.20211203062244.js
www.galottery.com/etc/clientlibs/granite/
9 KB
4 KB
Script
General
Full URL
https://www.galottery.com/etc/clientlibs/granite/utils.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
61b91db7948561ac2ca2e93dcf298c840503ea9c97bf00251e110f7ce5b97415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
753
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
3590
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:43:48 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
3rdparty.min.20211203062244.js
www.galottery.com/etc/designs/interactive/ilottery/
1 MB
318 KB
Script
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/3rdparty.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
5f998409fce2fe4e8282eb6f093c1af66834a0e2a02b8b3ef23e03aab89d7bf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
1038
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
324241
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 05:47:17 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
pdfmake.min.20211203062244.js
www.galottery.com/etc/clientlibs/interactive/ilottery/3rdparty/
569 KB
198 KB
Script
General
Full URL
https://www.galottery.com/etc/clientlibs/interactive/ilottery/3rdparty/pdfmake.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
0d37eca30804cbbc72f838213dd3fb24fd67fc2f60815d5b35f4979822937669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
772
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
201955
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 19:48:33 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
granite.min.20211203062244.js
www.galottery.com/etc/clientlibs/granite/jquery/
3 KB
2 KB
Script
General
Full URL
https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
3a69a49771e46c671f331ecc759648e34110a672ab5625f085ac92b1e1a8ce23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
4125
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
1542
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:42:56 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
jquery.min.20211203062244.js
www.galottery.com/etc/clientlibs/foundation/
16 B
844 B
Script
General
Full URL
https://www.galottery.com/etc/clientlibs/foundation/jquery.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
c084b47104c493fb377b6d35d8c08df67d773f6dcf8294c0a7360710cd8cacbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Strict-Transport-Security
max-age=31536000; preload
portal-login-errorcode
(null)
Age
8
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Content-Length
16
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 19:43:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
shared.min.20211203062244.js
www.galottery.com/etc/clientlibs/foundation/
23 KB
7 KB
Script
General
Full URL
https://www.galottery.com/etc/clientlibs/foundation/shared.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
11f78c9f38daef0c9b5e110a1b7a1c7f2a9c69be674d6f7dc5fc08d6c9449d88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
2423
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
6765
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:42:59 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
home.min.20211203062244.js
www.galottery.com/etc/designs/interactive/ilottery/common/
574 KB
114 KB
Script
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/common/home.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
581a4d6c35dd4a15215ac1d2d5b07e03956c5d692058b4c219225b84f957e513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:43:59 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
753
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
116124
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:42:56 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
ga-lottery.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/ga-lottery.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/ga-lottery.png
8 KB
9 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/ga-lottery.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
db12313b2be3e2846d2c7a64fced556e28210fca9af7565a7b64345d6a191520

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 08:16:34 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
23247
x-cache
Hit from cloudfront
content-length
8135
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 23:31:30 GMT
server
Apache
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
ghZhzOOx6jP3y73FsraWXzJF92oJSkA6mqy-ivOLW8MGJMcsN9U_pw==
expires
Tue, 25 Jan 2022 08:16:34 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:00 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/ga-lottery.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
285
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:00 GMT
lastwinningnumbers.min.20211203062244.js
www.galottery.com/etc/designs/interactive/ilottery/games/
14 KB
4 KB
Script
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/games/lastwinningnumbers.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
cb0a2d6cbd93b20d58feb5a7555499696bcbfba0a1b4cf8f7330ebd1df64fe01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:44:00 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
9
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
3490
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 19:48:33 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
scGameTiles.min.20211203062244.css
www.galottery.com/etc/designs/interactive/ilottery/games/secondchance/
0
845 B
Stylesheet
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/games/secondchance/scGameTiles.min.20211203062244.css
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload
portal-login-errorcode
(null)
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Content-Length
0
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 19:48:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:00 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
content-type
text/css
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Expires
Tue, 25 Jan 2022 14:44:00 GMT
scGameTiles.min.20211203062244.js
www.galottery.com/etc/designs/interactive/ilottery/games/secondchance/
4 KB
2 KB
Script
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/games/secondchance/scGameTiles.min.20211203062244.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
edc208a88eda645b47435e03ff19bb997620e258ead4dbd54106cf8e2b198edc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:44:00 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
578
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
1465
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 05:47:19 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
COAM_ClassMachineImagev2.jpg
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/coam/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/coam/COAM_ClassMachineImagev2.jpg
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/coam/COAM_ClassMachineImagev2.jpg
209 KB
210 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/coam/COAM_ClassMachineImagev2.jpg
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
87f5cc99147fda48495117057c94c0b025d2ad82a4460159cf12cfeedfcbccc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 23 Jan 2022 16:55:29 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
78511
x-cache
Hit from cloudfront
content-length
214438
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Sat, 15 Jan 2022 12:43:10 GMT
server
Apache
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/jpeg
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
Wc7WX2RPr7ftGNdj097NhWLvhv6r1gYUDh7tTT-gJeRcikAxoU2MCg==
expires
Mon, 24 Jan 2022 16:55:29 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/coam/COAM_ClassMachineImagev2.jpg
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
304
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
sidepanel-mail.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/sidebar/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/sidebar/sidepanel-mail.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/sidebar/sidepanel-mail.png
6 KB
7 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/sidebar/sidepanel-mail.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
fdacebdc108336eef67b786b875e77d2222f3035d7920ef576617ed72a9588bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 07:37:40 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
29234
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; preload
content-length
5957
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Sat, 15 Jan 2022 13:33:03 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
ncrnJ_v9RG8hamkrPO2M8QQcIe1wvVo1lHH57Orn7HE10X0UKEStpQ==

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/sidebar/sidepanel-mail.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
297
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
ihope.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/footer/ihope.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/ihope.png
47 KB
48 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/ihope.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b898044dd4eb4a6d34f8c6cf67e24c0c3f546e1082530f07f74a789db26a68aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
57012
x-cache
Hit from cloudfront
content-length
48486
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 06:53:27 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
date
Sun, 23 Jan 2022 22:53:49 GMT
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400, max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
HJU_Rnvd4csvy7iT4D2uGkng2wegwJBMf6hlNey6_Q9FmJ5EEqgH4Q==
expires
Mon, 24 Jan 2022 22:53:49 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/ihope.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
287
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
wla.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/footer/wla.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/wla.png
13 KB
13 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/wla.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
32cd59f02f6128e43cd1d64248d80c3c238b529663e5440a4046cf1c033e5f61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 06:05:01 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
31140
x-cache
Hit from cloudfront
content-length
13071
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 22:54:50 GMT
server
Apache
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
kTq-eyTfgJCasSoEDFn9kZBGKFbU1emi6vayxcL_8nzWh5kbiEHRbg==
expires
Tue, 25 Jan 2022 06:05:01 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/wla.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
285
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
nspg.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/footer/nspg.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/nspg.png
12 KB
13 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/nspg.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
faffae214dd09215826fdcd06240c1a0b1c6d1f6dc69aa711fba75e4e088ed6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 02:49:59 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
76087
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; preload
content-length
12420
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 09:30:19 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
QseD_Xmmz_pkNdHxgT1wqZzNx2DGiukTsDWLleMT6o8iXW0y9VmpXg==

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/nspg.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
286
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
icap.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/footer/icap.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/icap.png
17 KB
18 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/icap.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
de930e0aed663d14cda5da6a8cf98d3b82ce70c8ff9087eda2085b01e2faa8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 02:50:01 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
74214
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; preload
content-length
17912
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 19:47:07 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
0gCfeUmojHQLU9JBKDAzVDo6aFIqHwaqP_Dgvr2vo5LlBlIR3ybJbw==

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/icap.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
286
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
GodaddyVerifiedSecuredSeal.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/footer/GodaddyVerifiedSecuredSeal.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/GodaddyVerifiedSecuredSeal.png
10 KB
10 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/GodaddyVerifiedSecuredSeal.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
b07da76f99ca19e3b054a566f122bc8d3dad2e1d64f40615b74168fd573835a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 02:50:02 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
50236
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; preload
content-length
9900
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 05:58:56 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
56Nw9wvS651KW3CJpe_UrMymnhFlkLjOLdcacuMFcKV3uux3cc4ZSg==

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/GodaddyVerifiedSecuredSeal.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
308
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
dict.en.json
www.galottery.com/libs/cq/i18n/
288 KB
77 KB
XHR
General
Full URL
https://www.galottery.com/libs/cq/i18n/dict.en.json
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery.min.20211203062244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
6f55a6a76d2890dcec8a19e80624ebe121da5c5c25407da72d8066e43b45f58e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.galottery.com/en-us/coam.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
Vary
Accept-Encoding
portal-login-errorcode
(null)
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:43:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:00 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Language
en
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Content-Type
application/json
Keep-Alive
timeout=5
Expires
Mon, 24 Jan 2022 14:44:00 GMT
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
token.json
www.galottery.com/libs/granite/csrf/
2 B
892 B
XHR
General
Full URL
https://www.galottery.com/libs/granite/csrf/token.json
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload
X-Content-Type-Options
nosniff
portal-login-errorcode
(null)
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Content-Length
2
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
portal-login-isError
(null)
portal-login-gkse
(null)
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:00 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/json; charset=ISO-8859-1
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
no-cache, max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Expires
Mon, 24 Jan 2022 14:44:00 GMT
userinfo.json
www.galottery.com/libs/cq/security/
171 B
1 KB
XHR
General
Full URL
https://www.galottery.com/libs/cq/security/userinfo.json?cq_ck=1643035440689
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
d541a5bace47c36dca6092ce38daf62055d2723e6ef513240366dba13a78cbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://www.galottery.com/en-us/coam.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
X-Content-Type-Options
nosniff
portal-login-errorcode
(null)
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
142
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
portal-login-isError
(null)
portal-login-gkse
(null)
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:00 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Expires
Mon, 24 Jan 2022 14:44:00 GMT
session-check
www.galottery.com/
78 B
928 B
XHR
General
Full URL
https://www.galottery.com/session-check
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217, United States, ASN54573 (GTECH-PRODUCTION, US)
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
b27e668ced0988c8d3d2d69c4e3ec8d8b00a828251007f95d86f81a223e46d86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-User-Agent
portal
Referer
https://www.galottery.com/en-us/coam.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload
Via
1.1 www.galottery.com
portal-login-errorcode
(null)
Connection
close
Content-Length
78
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
Pragma
No-cache
portal-login-isError
(null)
portal-login-gkse
(null)
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:00 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
private,no-cache,no-store
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Expires
Thu, 01 Jan 1970 00:00:00 GMT
default.min.20211203062244.css
www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/
703 KB
105 KB
Stylesheet
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217, United States, ASN54573 (GTECH-PRODUCTION, US)
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
3661d114cb0d35280660f0899436da4015a21d41fc663525a439f2d6118606b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/en-us/coam.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:44:00 GMT
Content-Encoding
gzip
portal-login-errorcode
(null)
Age
3470
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Connection
Keep-Alive
Content-Length
106797
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:43:00 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
hotjar-1673307.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1673307.js?sv=6
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.111, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-65-9-61-111.fra56.r.cloudfront.net
Software
/
Resource Hash
8508aca941eebcff00aa1910c8d05a9f14cb6297744c3c3de45f523a7c585579
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:43:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
8
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1904
access-control-allow-origin
*
x-cache-hit
1
etag
W/aabc917f45db903c609cde644a836553
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
mA-daP4Wh0zbKsPT-x80p6110uujjA4DFbFCGnvVeuYea4tCGdOZiQ==
fbevents.js
connect.facebook.net/en_US/
99 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3, Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
16c13044cedc5c7482ad7db51913c164ffabc787ec5b6b0246acfec84cd6d01b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
26187
x-xss-protection
0
pragma
public
x-fb-debug
w7Tks4SPvHTvMmMiSWBcVr/8FsGV7PpRCtz8p1je08nloemG/p0wQJVpHV5nsnqTEo8YzHVDPOYYUkiHAgPl4A==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 24 Jan 2022 14:44:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
j.php
dev.visualwebsiteoptimizer.com/
3 KB
1 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=420328&u=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&r=0.9330113764484709
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137, Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
586b38a2481838cb2da4c9dc6f00f060f417eb566f807c0a5fbc088ac61fd95d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 24 Jan 2022 14:44:01 GMT
via
1.1 google
server
gfra1
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type
application/javascript; charset=UTF-8
gtm.js
www.googletagmanager.com/
107 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPX3Q5
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc062951dae86a1c89f28edb166afe07ceb0018486f791ab8f59208eafffd53a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41462
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Jan 2022 14:44:01 GMT
jcr:content.getMessageDictionary.json
www.galottery.com/content/portal/en/coam/
114 KB
27 KB
XHR
General
Full URL
https://www.galottery.com/content/portal/en/coam/jcr:content.getMessageDictionary.json
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217, United States, ASN54573 (GTECH-PRODUCTION, US)
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
ffbad2575e1701ff9004667b337df830184ca6ae3c111fabf1bae1d45e113b78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.galottery.com/en-us/coam.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
Vary
Accept-Encoding
portal-login-errorcode
(null)
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Content-Length
26503
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 06:35:07 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:01 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Expires
Mon, 24 Jan 2022 14:44:01 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&Lato:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.galottery.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 00:14:34 GMT
x-content-type-options
nosniff
age
484167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 19 Jan 2023 00:14:34 GMT
icomoon.ttf
www.galottery.com/etc/designs/interactive/ilottery/common/home/fonts/icomoon/fonts/
25 KB
16 KB
Font
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/common/home/fonts/icomoon/fonts/icomoon.ttf?l22sf6
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217, United States, ASN54573 (GTECH-PRODUCTION, US)
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
7539f30fd148602e1b8d2c91b0ca325cb4a9ddb5bc4a7bbe2f79be7b1f13e44c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Origin
https://www.galottery.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:44:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
portal-login-errorcode
(null)
Age
148368
Content-Disposition
attachment
Connection
Keep-Alive
Vary
Accept-Encoding
Content-Length
15086
X-XSS-Protection
1; mode=block
portal-login-isError
(null)
portal-login-gkse
(null)
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Access-Control-Max-Age
1800
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/x-font-ttf
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
glyphicons-halflings-regular.woff2
www.galottery.com/etc/designs/interactive/ilottery/common/home/fonts/
18 KB
18 KB
Font
General
Full URL
https://www.galottery.com/etc/designs/interactive/ilottery/common/home/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217, United States, ASN54573 (GTECH-PRODUCTION, US)
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Origin
https://www.galottery.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 24 Jan 2022 14:44:01 GMT
Strict-Transport-Security
max-age=31536000; preload
portal-login-errorcode
(null)
Age
1839
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Content-Length
18028
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Sat, 15 Jan 2022 05:43:18 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=315360000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Keep-Alive
timeout=5
spritesheet.png
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/spritesheet.png
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/spritesheet.png
588 KB
590 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/spritesheet.png
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Protocol
H2
Server
143.204.98.8, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
831d1a98d35b51627ffabc7ad23b7fc63dcc9a2fbdce01895fbbc4f1d548d753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 04:35:02 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
37375
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; preload
content-length
601854
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Thu, 20 Jan 2022 03:22:23 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/png
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
RBcFAlpgvF4rFRM6HLnULjV2cyQOEpFvFc-XR14LDbXwE-bWShox_Q==

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/spritesheet.png
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
286
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
v.gif
dev.visualwebsiteoptimizer.com/
35 B
214 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=420328&d=galottery.com&u=D2FB34D50FF49C3B7E097B8641BE10E31&h=a56fe13fcbb135ae7b5fb58bb2be1ad7&t=false&r=0.08518804227400256
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137, Kansas City, United States, ASN15169 (GOOGLE, US)
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
modules.923ec619fec69a542e35.js
script.hotjar.com/
229 KB
61 KB
Script
General
Full URL
https://script.hotjar.com/modules.923ec619fec69a542e35.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.174.102, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-226-174-102.mxp64.r.cloudfront.net
Software
/
Resource Hash
b808c79adcdbd5df211fb64d05e220a1cb48cae0245fb720e718c7658a1ee5f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 19 Jan 2022 11:29:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
443695
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61575
access-control-allow-origin
*
last-modified
Wed, 19 Jan 2022 11:29:02 GMT
etag
"6d6c65f494384174cfbb7de0db8782b1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 61fd230060a8ca1a11091c689601a7ea.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
MXP64-C3
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Leo7UFJZZ3zXMte1XB50zAVOkvXTlVhsUTP2onmsQhBJGmxJQpa_vQ==
622791534541985
connect.facebook.net/signals/config/
306 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/622791534541985?v=2.9.49&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3, Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
Software
/
Resource Hash
7cbd645dea0a9d39dc6dbc56cdc516ac29d65b77517b758f48aca59afd3d682c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
EYr7YuvqJiFawsOPqdTmurrgt5hmea/IUeVhZ2wU96Nlw7p7StIO5USC3owABkNDYVU1JTPD2wtTOhUjYkQOig==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 24 Jan 2022 14:44:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
bannerGAsample.jpg
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/temp/hero/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/temp/hero/bannerGAsample.jpg
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/temp/hero/bannerGAsample.jpg
47 KB
48 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/temp/hero/bannerGAsample.jpg
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
143.204.98.8, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
f335d1111cca13e21c7b28f894b4e02d9d7680333697e69599fb2fcca2684f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 05:35:04 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
32937
x-cache
Hit from cloudfront
content-length
48312
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Sat, 15 Jan 2022 16:49:44 GMT
server
Apache
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/jpeg
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
3TvFhjWR-xiH6LByzsHyYmGvD4ESiO2MNQJgOzHS80vk4oTIg0DCPQ==
expires
Tue, 25 Jan 2022 05:35:04 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/temp/hero/bannerGAsample.jpg
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
299
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
conversion_async.js
www.googleadservices.com/pagead/
38 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPX3Q5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130, United States, ASN15169 (GOOGLE, US)
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0ce5d039d3e58fc10808f0695156d2bd99daae7791d26cc5dfc569154b5e0b22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14846
x-xss-protection
0
server
cafe
etag
1633785920527017951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jan 2022 14:44:01 GMT
js
www.googletagmanager.com/gtag/
98 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-803960505
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPX3Q5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2008, Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b489395510492182d6dc4fd11144bcc1b0e997895d774c5212458daf4d004272
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39749
x-xss-protection
0
last-modified
Mon, 24 Jan 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 24 Jan 2022 14:44:01 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4147
date
Mon, 24 Jan 2022 13:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 24 Jan 2022 15:34:54 GMT
bat.js
bat.bing.com/
36 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
gzip
last-modified
Fri, 03 Dec 2021 01:53:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C448DBC5C7FA4585AF8E4E2334294418 Ref B: FRAEDGE1507 Ref C: 2022-01-24T14:44:01Z
etag
"0cb09ee8e7d71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
10468
footer-map.jpg
d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/
Redirect Chain
  • https://www.galottery.com/content/dam/portal/images/footer/footer-map.jpg
  • https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/footer-map.jpg
44 KB
45 KB
Image
General
Full URL
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/footer-map.jpg
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/designs/interactive/ilottery/common/home/themes/default.min.20211203062244.css
Protocol
H2
Server
143.204.98.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-8.fra50.r.cloudfront.net
Software
Apache /
Resource Hash
0a94d598201f77f289b28c484468885c4f91713f2431f31efa0252c5bd7574af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 02:49:59 GMT
via
1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
portal-login-errorcode
(null)
age
44448
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000; preload
content-length
44998
x-xss-protection
1; mode=block
portal-login-iserror
(null)
portal-login-gkse
(null)
last-modified
Wed, 19 Jan 2022 21:02:25 GMT
server
Apache
x-frame-options
SAMEORIGIN, SAMEORIGIN
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
content-type
image/jpeg
access-control-allow-origin
https://d1gszp1bmamha.cloudfront.net/
cache-control
public,max-age=86400
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
x-amz-cf-id
dWjF4yweYOAtCF2kt8kG1P0CzM7T9Xv68znxuFkaQtjkMr2bpVa4jw==

Redirect headers

Strict-Transport-Security
max-age=31536000; preload
Server
Apache
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Date
Mon, 24 Jan 2022 14:44:01 GMT
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Content-Type
text/html; charset=iso-8859-1
Location
https://d1gszp1bmamha.cloudfront.net/content/dam/portal/images/footer/footer-map.jpg
Cache-Control
max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=5
Content-Length
292
X-XSS-Protection
1; mode=block
Expires
Mon, 24 Jan 2022 14:44:01 GMT
portalmaintenance.json
www.galottery.com/content/interactive/ilottery/services/
3 KB
1 KB
XHR
General
Full URL
https://www.galottery.com/content/interactive/ilottery/services/portalmaintenance.json
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.232.206.217 , United States, ASN54573 (GTECH-PRODUCTION, US),
Reverse DNS
63-232-206-217.dia.static.centurylink.net
Software
Apache /
Resource Hash
238dde73c6160231ca3dc5f9d63aaea8e80591a635263bf7aeca8bac1d54bc58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.galottery.com/en-us/coam.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; preload
Content-Encoding
gzip
Vary
Accept-Encoding
portal-login-errorcode
(null)
Access-Control-Allow-Headers
X-Accept-Charset, X-Accept, X-Requested-With, Content-Type, origin, authorization, accept
Connection
Keep-Alive
Content-Length
349
X-XSS-Protection
1; mode=block
X-UA-Compatible
IE=Edge,chrome=1
portal-login-isError
(null)
portal-login-gkse
(null)
Last-Modified
Wed, 19 Jan 2022 19:48:31 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
Date
Mon, 24 Jan 2022 14:44:01 GMT
Access-Control-Max-Age
1800
Access-Control-Allow-Methods
OPTIONS,GET,POST,PUT,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
https://d1gszp1bmamha.cloudfront.net/
Cache-Control
public,max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
none
Keep-Alive
timeout=5
Expires
Mon, 24 Jan 2022 14:44:01 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
763 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 13:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3327
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 24 Jan 2022 14:48:34 GMT
/
www.googleadservices.com/pagead/conversion/803960505/
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/803960505/?random=1643035441342&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
fe6a3e6bddef0d196a32f9db60dcaa5778eff88630e9487e5eaf25eab5a4c2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1167
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
803960505.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/803960505/
0
0
Image
General
Full URL
https://803960505.privacysandbox.googleadservices.com/pagead/privacysandbox/conversion/803960505/?random=1643035441342&cv=9&fst=1643035441342&num=1&fmt=3&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&bttype=purchase&async=1
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

/
googleads.g.doubleclick.net/pagead/viewthroughconversion/803960505/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803960505/?random=1643035441349&cv=9&fst=1643035441349&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1j0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6696d8d0c3d9d718dc7bceca91dc18cc07aa5f4804673508dc649214f6d10fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1027
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame A107
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
6ucAohvEmTNIPtkNt9BoIh0QmfYSa6VH9NoLWjcVZ8rCSzhhEJvVlQ==
age
6655122
25147081.js
bat.bing.com/p/action/
684 B
736 B
Script
General
Full URL
https://bat.bing.com/p/action/25147081.js
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2f2c7d71b417f7a9e46e397073227ffbb00ff11065ec673ba8630bac0bf06c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 810C3248788A46CFB3A124F3FC37B81E Ref B: FRAEDGE1507 Ref C: 2022-01-24T14:44:01Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store,no-cache
content-length
585
0
bat.bing.com/action/
0
150 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=25147081&Ver=2&mid=b5c7da3d-abb6-4925-ad39-9442f1b97c76&sid=11df86407d2411ecad8ae9af13a8fea0&vid=11df68b07d2411ec8fb2bbe484212b48&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=COAM&p=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&r=&lt=2908&evt=pageLoad&msclkid=N&sv=1&rn=318483
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BB362E245149462CBE0C7B9C9FC2EC0A Ref B: FRAEDGE1507 Ref C: 2022-01-24T14:44:01Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1717768725&t=pageview&_s=1&dl=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&dp=%2Fen-us%2Fcoam.html&ul=en-us&de=UTF-8&dt=COAM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIRAAAAAC~&jid=909504920&gjid=1671139578&cid=1580485867.1643035441&tid=UA-71678834-1&_gid=853589210.1643035441&_r=1&_slc=1&z=291095426
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.galottery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.galottery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/803960505/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=120...
  • https://www.google.com/pagead/1p-conversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u...
  • https://www.google.de/pagead/1p-conversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MbvuYZbcFq2px_AP0a-awAY&eitems=ChAIgLm5jwYQx_OuvoiK5pwlEh0A5iis2Ybx8jSLFPpVVv8p_FhMFoMd_gktPChhKg&random=1532177903&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H3
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/803960505/?random=338368949&cv=9&fst=1643035441342&num=1&value=0&label=test&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg1j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&auid=1176497845.1643035441&capi=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MbvuYZbcFq2px_AP0a-awAY&eitems=ChAIgLm5jwYQx_OuvoiK5pwlEh0A5iis2Ybx8jSLFPpVVv8p_FhMFoMd_gktPChhKg&random=1532177903&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/803960505/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/803960505/?random=1643035441349&cv=9&fst=1643032800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&async=1&fmt=3&is_vtc=1&random=2374915191&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/803960505/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/803960505/?random=1643035441349&cv=9&fst=1643032800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1j0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&tiba=COAM&async=1&fmt=3&is_vtc=1&random=2374915191&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-71678834-1&cid=1580485867.1643035441&jid=909504920&gjid=1671139578&_gid=853589210.1643035441&_u=aGBAAEIQAAAAAC~&z=182001343
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.galottery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 24 Jan 2022 14:44:01 GMT
content-type
text/plain
access-control-allow-origin
https://www.galottery.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1673307
vc.hotjar.io/sessions/
0
256 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/1673307?s=0.25&r=0.018988548305024278
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.61.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-61-31.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
djroGlNW1cRoIJrOxTDIkimn9DsGIw2Qzqp96vSCu0tJfkAFk__sag==
889467985337070
connect.facebook.net/signals/config/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/889467985337070?v=2.9.49&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e2673d74cdb4d70a291243d0d393ee116b9c6f0481c56876aa84054c08178613
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
c5hw92uxjZ5UDFpbrZD7vhA6s1s5qiKckJ6Ql6N0vbQWUjDA4OkdzSN5l0JyIPhjF+Si0xSagFj2jkPnyziXiQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 24 Jan 2022 14:44:01 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
406 B
Image
General
Full URL
https://www.facebook.com/tr/?id=622791534541985&ev=PageView&dl=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&rl=&if=false&ts=1643035441515&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1643035441514.1817368490&it=1643035441244&coo=false&exp=p1&rqm=GET
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 24 Jan 2022 14:44:01 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71678834-1&cid=1580485867.1643035441&jid=909504920&_u=aGBAAEIQAAAAAC~&z=919259839
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-71678834-1&cid=1580485867.1643035441&jid=909504920&_u=aGBAAEIQAAAAAC~&z=919259839
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
h.clarity.ms/s/0.6.31/
52 KB
23 KB
Script
General
Full URL
https://h.clarity.ms/s/0.6.31/clarity.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/25147081.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
content-encoding
br
etag
"1d80c819fdf2b00"
last-modified
Tue, 18 Jan 2022 15:39:48 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=AF4BFD6A2B464A599C54D0DD8B9A5D49&RedC=c.clarity.ms&MXFR=24A7A9ABD6006F2F33C4B89DD2006149
  • https://c.clarity.ms/c.gif?CtsSyncId=AF4BFD6A2B464A599C54D0DD8B9A5D49&MUID=1802EA1114436C91126AFB2715286D1E
42 B
365 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=AF4BFD6A2B464A599C54D0DD8B9A5D49&MUID=1802EA1114436C91126AFB2715286D1E
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H2
Server
52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:00 GMT
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"9ea1ae3587d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 24 Jan 2022 14:44:01 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 9D85AE884DB1484BB47FB1D8A0B26CB0 Ref B: FRAEDGE1507 Ref C: 2022-01-24T14:44:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=AF4BFD6A2B464A599C54D0DD8B9A5D49&MUID=1802EA1114436C91126AFB2715286D1E
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=889467985337070&ev=PageView&dl=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&rl=&if=false&ts=1643035441598&sw=1600&sh=1200&v=2.9.49&r=stable&ec=0&o=30&fbp=fb.1.1643035441514.1817368490&it=1643035441244&coo=false&exp=p1&rqm=GET
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/en-us/coam.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:01 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 24 Jan 2022 14:44:01 GMT
collect
h.clarity.ms/
0
72 B
XHR
General
Full URL
https://h.clarity.ms/collect
Requested by
Host: www.galottery.com
URL: https://www.galottery.com/etc/clientlibs/granite/jquery/granite.min.20211203062244.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.galottery.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://www.galottery.com
date
Mon, 24 Jan 2022 14:44:01 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=622791534541985&ev=Microdata&dl=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&rl=&if=false&ts=1643035443026&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22COAM%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&fbp=fb.1.1643035441514.1817368490&it=1643035441244&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 24 Jan 2022 14:44:03 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=889467985337070&ev=Microdata&dl=https%3A%2F%2Fwww.galottery.com%2Fen-us%2Fcoam.html&rl=&if=false&ts=1643035443100&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22COAM%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.49&r=stable&ec=1&o=30&fbp=fb.1.1643035441514.1817368490&it=1643035441244&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.galottery.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 24 Jan 2022 14:44:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Mon, 24 Jan 2022 14:44:03 GMT


162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| key object| interactive object| CQI18nJqueryValidateMessageMap object| CQURLInfo function| $ function| jQuery object| matched object| browser object| Granite function| regExpQuote function| smartbannerSize function| slidePanel function| _init function| isBreakpoint function| isLargeScreen function| isMediumScreen function| isSmallScreen function| isSmallPhone function| mobileDetect function| isMobile function| iOS function| iOSSafari function| pad function| addThousandsSeparator function| loading function| modalBodyScrollable function| scrollToDiv function| popovers function| backToTop function| background function| addScrollingClass function| removeScrollingClass function| screenReaderVisibility string| css_browser_selector_ns function| SHA256 function| loadXMLDoc object| CQ function| Q function| _ object| Backbone object| jQuery112409252763284256851 object| store object| eventie function| EventEmitter function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| moment undefined| daterangepicker object| Modernizr object| picturefillCFG function| picturefill undefined| IsChromeApp boolean| IsIPhone boolean| IsIPad boolean| IsIOSApp boolean| IsAndroid boolean| IsAndroidPhone boolean| IsAndroidTablet string| message object| html function| css_browser_selector function| sha1 function| hotkeys function| List function| ListPagination function| Snap object| createjs object| _gsQueue object| pdfMake object| _g function| $CQ undefined| G_XHR_HOOK undefined| G_RELOAD_HOOK undefined| G_IS_HOOKED undefined| G_CONTENT_PATH string| pathName string| catValue function| trackFBPixel boolean| isTipOpen function| showTip object| portalGGA object| attrs function| getThemeName boolean| isMinifyEnabled string| cssFileName function| hj object| _hjSettings string| fbTagId string| eventType function| fbq function| _fbq object| _vwo_code number| 
settings_timer number| _vwo_settings_timer object| dataLayer function| accountBarAuthenticatedMobile function| accountBarNotAuthenticatedMobile object| loginBarMobile function| loginBarNotLoggedInTemplate function| loginBarLoggedInTemplate function| shoppingCartWidgetWrapperTemplate function| shoppingCartWidgetWagerItem function| shoppingCartWidgetSubscriptionItem function| shoppingCartWidgetVoucherItem function| shoppingCartWagerEmpty object| loginBar function| mainTemplate function| gameTemplate function| panelTemplate function| errorTemplate function| modalLastWinningNumbersTemplate function| modalLastWinningNumbersDetailsTemplate object| inst undefined| hashPerameter object| allscGameTileObj object| gameData undefined| gameurl undefined| gameId function| getGameUrl function| submitSCGame function| scGameTilesTemplate function| scGameFormTemplate function| scGameTilesGamePageTemplate undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| vwo_iehack_queue object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_manager function| baseModalTemplate function| errorModalTemplate object| google_tag_data object| bodyelement object| userid string| page string| GoogleAnalyticsObject function| ga object| uetq string| searchKey object| gaplugins object| gaGlobal object| gaData function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET function| UET_init function| UET_push object| ueto_fc6d4588f7 function| clarity

21 Cookies

Domain/Path Name / Value
.galottery.com/ Name: _vwo_uuid_v2
Value: D2FB34D50FF49C3B7E097B8641BE10E31|a56fe13fcbb135ae7b5fb58bb2be1ad7
.galottery.com/ Name: _gcl_au
Value: 1.1.1176497845.1643035441
.galottery.com/ Name: _ga
Value: GA1.2.1580485867.1643035441
.galottery.com/ Name: _gid
Value: GA1.2.853589210.1643035441
.bing.com/ Name: MUID
Value: 1802EA1114436C91126AFB2715286D1E
.galottery.com/ Name: _uetsid
Value: 11df86407d2411ecad8ae9af13a8fea0
.galottery.com/ Name: _uetvid
Value: 11df68b07d2411ec8fb2bbe484212b48
.galottery.com/ Name: _gat
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.galottery.com/ Name: _hjSessionUser_1673307
Value: eyJpZCI6IjY5MDBlZDM0LTg5Y2MtNTcwNi1hMjYyLTVhOGRkN2JjNzgzNiIsImNyZWF0ZWQiOjE2NDMwMzU0NDEzNTksImV4aXN0aW5nIjpmYWxzZX0=
.galottery.com/ Name: _hjFirstSeen
Value: 1
.galottery.com/ Name: _hjSession_1673307
Value: eyJpZCI6IjVjNGJhZTUxLTMzNjYtNDNkMS1hOWQyLTM5ODM5Y2U3YTQ1YiIsImNyZWF0ZWQiOjE2NDMwMzU0NDE0NDIsImluU2FtcGxlIjpmYWxzZX0=
.galottery.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.galottery.com/ Name: _fbp
Value: fb.1.1643035441514.1817368490
.facebook.com/ Name: fr
Value: 0wiQoEbjylb4tfiC0..Bh7rsx...1.0.Bh7rsx.
.c.bing.com/ Name: SRM_B
Value: 1802EA1114436C91126AFB2715286D1E
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1802EA1114436C91126AFB2715286D1E
.c.clarity.ms/ Name: ANONCHK
Value: 0
.galottery.com/ Name: _clck
Value: 1otfxp8|1|eye|0
.galottery.com/ Name: _clsk
Value: 1kahxku|1643035442279|1|1|h.clarity.ms/collect

1 Console Messages

Source Level URL
Text
network error URL: https://www.galottery.com/session-check
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
