www.thelotter.com Open in urlscan Pro
107.154.132.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://savethewater.org/
Effective URL:
https://www.thelotter.com/?tl_affid=8828
Submission: On May 24 via api (May 24th 2024, 2:57:55 pm UTC) from US — Scanned from DE

Summary HTTP 373 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 51 IPs in 10 countries across 39 domains to perform 373 HTTP transactions. The main IP is 107.154.132.27, located in United States and belongs to INCAPSULA, US. The main domain is www.thelotter.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on November 12th 2023. Valid for: a year.

This is the only time www.thelotter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
134	162.241.253.213 162.241.253.213	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
2	172.67.209.227 172.67.209.227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	104.22.54.118 104.22.54.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2	142.250.185.196 142.250.185.196	15169 (GOOGLE) (GOOGLE)
2	172.67.152.194 172.67.152.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1178:1:4... 2a00:1178:1:4b::e	35415 (WEBZILLA) (WEBZILLA)
1 7	138.128.241.162 138.128.241.162	36007 (KAMATERA) (KAMATERA)
1 1	2606:4700:10:... 2606:4700:10::6816:1e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
114	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1	146.185.171.17 146.185.171.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	23.38.201.81 23.38.201.81	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
2	43.152.26.235 43.152.26.235	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
2	172.104.226.213 172.104.226.213	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:29:1... 2620:1ec:29:1::43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	107.154.213.27 107.154.213.27	19551 (INCAPSULA) (INCAPSULA)
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
6	178.249.97.99 178.249.97.99	11054 (LIVEPERSON) (LIVEPERSON)
7	34.120.154.120 34.120.154.120	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
5	43.132.32.113 43.132.32.113	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
6	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	52.178.209.216 52.178.209.216	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.92.33.202 52.92.33.202	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
1	65.108.188.9 65.108.188.9	24940 (HETZNER-AS) (HETZNER-AS)
2	104.77.118.51 104.77.118.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	104.21.69.127 104.21.69.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.93 65.9.95.93	16509 (AMAZON-02) (AMAZON-02)
1	65.9.95.8 65.9.95.8	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
373	51

134 162.241.253.213 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5821.bluehost.com

savethewater.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stg.savethewater.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.209.227 (United States)

ASN13335 (CLOUDFLARENET, US)

chest.cdntoswitchspirit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.cdntoswitchspirit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.54.118 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

jquery.restartyourchoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
done.restartyourchoices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.152.194 (United States)

ASN13335 (CLOUDFLARENET, US)

from.startfinishthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1178:1:4b::e (Netherlands) 1 redirects

ASN35415 (WEBZILLA, NL)

surprisedexpert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 138.128.241.162 (Secaucus, United States) 1 redirects

ASN36007 (KAMATERA, US)
PTR: 71us.mailspeedy.com

videocampaign.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

114 107.154.132.27 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

www.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tlg-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s11.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.185.171.17 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.38.201.81 (Oslo, Norway)

ASN16625 (AKAMAI-AS, US)
PTR: a23-38-201-81.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 43.152.26.235 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.226.213 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-226-213.ip.linodeusercontent.com

www.thelotter-affiliates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::43 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.154.213.27 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.213.27.ip.incapdns.net

tl-log.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United States)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.249.97.99 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo-accdn.lpsnmedia.net

accdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.120.154.120 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 120.154.120.34.bc.googleusercontent.com

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 43.132.32.113 (Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

api.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.178.209.216 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.tl-res.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.33.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

tle-dynamic-images.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de

consent.cookie-script.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.77.118.51 (Slough, United Kingdom)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-118-51.deploy.static.akamaitechnologies.com

logsdk.kwai-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.69.127 (None, )

ASN13335 (CLOUDFLARENET, US)

www.lottery-win.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-93.prg50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-8.prg50.r.cloudfront.net

widget.trustpilot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
134	savethewater.org savethewater.org stg.savethewater.org	6 MB
76	thelotter.com www.thelotter.com s11.thelotter.com s4.thelotter.com	3 MB
38	tlg-api.com www.tlg-api.com	34 KB
13	lpsnmedia.net accdn.lpsnmedia.net — Cisco Umbrella Rank: 3782 lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4020	311 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1034 trc.taboola.com — Cisco Umbrella Rank: 748 trc-events.taboola.com — Cisco Umbrella Rank: 2557	24 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	151 KB
7	liveperson.net lptag.liveperson.net — Cisco Umbrella Rank: 3903 va.v.liveperson.net — Cisco Umbrella Rank: 4263	129 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 w.clarity.ms — Cisco Umbrella Rank: 11709 c.clarity.ms — Cisco Umbrella Rank: 1385	29 KB
7	videocampaign.co 1 redirects videocampaign.co — Cisco Umbrella Rank: 156679	9 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32 region1.google-analytics.com — Cisco Umbrella Rank: 2533	42 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	553 KB
5	mythad.com api.mythad.com — Cisco Umbrella Rank: 31131	3 KB
4	lottery-win.org www.lottery-win.org	7 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3210 tr.outbrain.com — Cisco Umbrella Rank: 3148 wave.outbrain.com — Cisco Umbrella Rank: 3203	10 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 345 c.bing.com — Cisco Umbrella Rank: 231	16 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33 ajax.googleapis.com — Cisco Umbrella Rank: 380	88 KB
3	google.de www.google.de — Cisco Umbrella Rank: 7810	189 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3095 www.google.com — Cisco Umbrella Rank: 2	372 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89	758 B
2	trustpilot.com widget.trustpilot.com — Cisco Umbrella Rank: 5554	7 KB
2	kwai-pro.com logsdk.kwai-pro.com — Cisco Umbrella Rank: 45055	477 B
2	tl-log.com tl-log.com	947 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
2	reddit.com pixel-config.reddit.com alb.reddit.com — Cisco Umbrella Rank: 1376	763 B
2	thelotter-affiliates.com www.thelotter-affiliates.com — Cisco Umbrella Rank: 772995	7 KB
2	kwai.net s1.kwai.net — Cisco Umbrella Rank: 41341	78 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1160	13 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	cookie-script.com cdn.cookie-script.com — Cisco Umbrella Rank: 24151 consent.cookie-script.com — Cisco Umbrella Rank: 42358	87 KB
2	surprisedexpert.com 1 redirects surprisedexpert.com	2 KB
2	startfinishthis.com from.startfinishthis.com — Cisco Umbrella Rank: 751748 Failed	1 KB
2	restartyourchoices.com jquery.restartyourchoices.com — Cisco Umbrella Rank: 401052 done.restartyourchoices.com — Cisco Umbrella Rank: 658504	10 KB
2	cdntoswitchspirit.com chest.cdntoswitchspirit.com js.cdntoswitchspirit.com — Cisco Umbrella Rank: 312765	22 KB
1	amazonaws.com tle-dynamic-images.s3.eu-west-1.amazonaws.com	5 KB
1	tl-res.com www.tl-res.com	839 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	64 B
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 52019	425 B
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 33628	5 KB
0	run.app Failed server-side-tagging-jay2rczlwq-uc.a.run.app Failed
373	39

	Domain	Requested by
133	savethewater.org	savethewater.org
74	www.thelotter.com	videocampaign.co www.thelotter.com s11.thelotter.com
38	www.tlg-api.com	www.thelotter.com
7	lpcdn.lpsnmedia.net	lptag.liveperson.net
7	videocampaign.co	1 redirects videocampaign.co
6	trc-events.taboola.com	cdn.taboola.com
6	accdn.lpsnmedia.net	lptag.liveperson.net
6	fonts.gstatic.com	fonts.googleapis.com
6	www.googletagmanager.com	savethewater.org www.googletagmanager.com www.thelotter.com www.google-analytics.com
5	api.mythad.com	s1.kwai.net
5	va.v.liveperson.net	lptag.liveperson.net
4	www.lottery-win.org	s11.thelotter.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.thelotter.com
3	w.clarity.ms	www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.thelotter.com
3	www.google.de	savethewater.org
3	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.gstatic.com	www.thelotter.com
2	widget.trustpilot.com	www.thelotter.com widget.trustpilot.com
2	ajax.googleapis.com	s11.thelotter.com
2	logsdk.kwai-pro.com	s1.kwai.net
2	c.clarity.ms	1 redirects
2	tr.outbrain.com	amplify.outbrain.com
2	lptag.liveperson.net	www.thelotter.com
2	tl-log.com	www.thelotter.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	www.thelotter.com
2	www.thelotter-affiliates.com	www.googletagmanager.com www.thelotter-affiliates.com
2	s1.kwai.net	savethewater.org s1.kwai.net
2	www.redditstatic.com	www.googletagmanager.com www.redditstatic.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	surprisedexpert.com	1 redirects
2	from.startfinishthis.com	done.restartyourchoices.com
2	www.google.com	savethewater.org
2	fonts.googleapis.com	savethewater.org www.thelotter.com
1	s4.thelotter.com	s11.thelotter.com
1	consent.cookie-script.com	cdn.cookie-script.com
1	s11.thelotter.com	www.thelotter.com
1	c.bing.com	1 redirects
1	tle-dynamic-images.s3.eu-west-1.amazonaws.com	www.thelotter.com
1	www.tl-res.com	www.thelotter.com
1	wave.outbrain.com	amplify.outbrain.com
1	trc.taboola.com	cdn.taboola.com
1	alb.reddit.com	www.thelotter.com
1	pixel-config.reddit.com	www.redditstatic.com
1	cdn.taboola.com	www.googletagmanager.com
1	amplify.outbrain.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	cdn.cookie-script.com	www.thelotter.com
1	cutt.ly	1 redirects
1	done.restartyourchoices.com	jquery.restartyourchoices.com
1	region1.analytics.google.com	www.googletagmanager.com
1	jquery.restartyourchoices.com	js.cdntoswitchspirit.com
1	js.cdntoswitchspirit.com	chest.cdntoswitchspirit.com
1	stg.savethewater.org	savethewater.org
1	widgets.guidestar.org	savethewater.org
1	chest.cdntoswitchspirit.com	savethewater.org
0	server-side-tagging-jay2rczlwq-uc.a.run.app Failed	www.googletagmanager.com
373	59

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
twitter.com
www.instagram.com
www.rgf.org.mt
www.geotrust.com
www.gamblersanonymous.org.uk
authorisation.mga.org.mt
www.thelotter-affiliates.com

Subject Issuer	Validity	Valid
autodiscover.savethewater.org R3	`2024-04-05` - `2024-07-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdntoswitchspirit.com E1	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
widgets.guidestar.org E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
stg.savethewater.org R3	`2024-05-18` - `2024-08-16`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
restartyourchoices.com E1	`2024-05-02` - `2024-07-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
startfinishthis.com GTS CA 1P5	`2024-05-02` - `2024-07-31`	3 months	crt.sh
surprisedexpert.com R3	`2024-05-19` - `2024-08-17`	3 months	crt.sh
videocampaign.co R3	`2024-05-11` - `2024-08-09`	3 months	crt.sh
*.thelotter.com GeoTrust TLS RSA CA G1	`2023-11-12` - `2024-12-12`	a year	crt.sh
*.cookie-script.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-11` - `2024-07-25`	10 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-05-01` - `2024-06-27`	2 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-05-23` - `2024-11-18`	6 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
www.thelotter-affiliates.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-22` - `2024-12-12`	a year	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-15` - `2024-07-13`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.tl-log.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-14` - `2025-02-12`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-28` - `2024-11-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2023-10-31` - `2024-10-30`	a year	crt.sh
www.tlg-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-02` - `2024-11-30`	a year	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2024-03-12` - `2025-04-13`	a year	crt.sh
*.tl-res.com Sectigo RSA Domain Validation Secure Server CA	`2023-11-22` - `2024-11-22`	a year	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2024-01-31` - `2025-01-15`	a year	crt.sh
*.kwai-pro.com GlobalSign GCC R3 DV TLS CA 2020	`2023-08-10` - `2024-09-10`	a year	crt.sh
lottery-win.org E1	`2024-04-24` - `2024-07-23`	3 months	crt.sh
*.trustpilot.com Amazon RSA 2048 M03	`2024-01-03` - `2025-01-31`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.thelotter.com/?tl_affid=8828
Frame ID: F7A2E65783B6B7389EAA2DF6BFF0CA50
Requests: 361 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/storage.secure.min.html?loc=https%3A%2F%2Fwww.thelotter.com&site=50625536&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Frame ID: BE45621F6433AC366B4C14DE1E04BFBF
Requests: 1 HTTP requests in this frame

Frame: https://s11.thelotter.com/delivery/tlfrm.tlp?zoneid=103&langref=1&usertype=-1&bestsaleid=6678&isplayedscratchcards=False&countryref=217&player=0&cb=wVWI6h3Y&subsiteid=1&domain=https://www.thelotter.com/
Frame ID: 3C47EBD3C62F9A6C0B92F6FAB837620D
Requests: 12 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4f7162ef000064000513f481
Frame ID: 81B7949C54DCEAAFCA2F23BB1D4E454C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://savethewater.org/ Page URL
https://from.startfinishthis.com/firstway Page URL
https://from.startfinishthis.com/k4Pgws Page URL
https://surprisedexpert.com/bc3UVt0gP.3XpJv/bdmHVRJsZdDs0f1mMPj/Mu4/MwTZUP4YL_TCUfylMBzvgDxXNfTIkF Page URL
https://surprisedexpert.com/c.G-Fpzqcrzs9_kuavXwQx9-MzTAcBxCN_jEUF2GMHj-YJ1KNLzMk_4OMPzQYR0-MTDUkVzWN_iY... HTTP 302
https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1 Page URL
https://videocampaign.co/ContinueV/?vid=ZetteDlR&jid=9269148&cc=&cid=HltpE2a9Nvx_373&pubfeed=6DMFDGM9... Page URL
https://cutt.ly/ZetteDlR HTTP 301
https://videocampaign.co/WebLinks/weblink_test.php?cid=HltpE2a9Nvx_373 HTTP 302
https://www.thelotter.com/?tl_affid=8828 Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

particles.js (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

/particles(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

math.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

math(?:\.min)?\.js

Page Statistics

373
Requests

98 %
HTTPS

33 %
IPv6

39
Domains

59
Subdomains

51
IPs

10
Countries

10881 kB
Transfer

22417 kB
Size

51
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thelotteronline

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCQpwixd8NKN390Dl5Ubfsug

Search URL Search Domain Scan URL

URL: https://twitter.com/thelotter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thelotter_playing_it_global

Search URL Search Domain Scan URL

URL: https://www.rgf.org.mt/

Search URL Search Domain Scan URL

URL: https://www.geotrust.com/

Search URL Search Domain Scan URL

URL: https://www.gamblersanonymous.org.uk/

Search URL Search Domain Scan URL

URL: https://authorisation.mga.org.mt/verification.aspx?lang=EN&company=653d15b5-4a2e-461c-8928-13cf3a03b2e5&details=1

Search URL Search Domain Scan URL

URL: https://www.thelotter-affiliates.com/affiliates/signup.php
Title: theLotter Affiliates

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://savethewater.org/ Page URL
https://from.startfinishthis.com/firstway Page URL
https://from.startfinishthis.com/k4Pgws Page URL
https://surprisedexpert.com/bc3UVt0gP.3XpJv/bdmHVRJsZdDs0f1mMPj/Mu4/MwTZUP4YL_TCUfylMBzvgDxXNfTIkF Page URL
https://surprisedexpert.com/c.G-Fpzqcrzs9_kuavXwQx9-MzTAcBxCN_jEUF2GMHj-YJ1KNLzMk_4OMPzQYR0-MTDUkVzWN_iYZZkadbG-tduePfVgV_qiOjWk5lZ-RnHoRp3qO_XsBtzuZvz-NxvyQzUAx_pCZD1EBFv-VHFIQJ4KV_mMtNmOQPz-ZR2SWTFUh_aWJXnYBZ0-bbjc1dDeZ_0gphFiUjl-JlJmSnlol_uqSrnsZtZ-Vv1wJxpyW_VAcB1CaD0-tFpGQHmIp_PKVLEMpNp-WPVQdRGSb_EU5V6WRXX-pZNaVbGch_reWfXgphn-ejFkplHmV_ToFpNqVr0-UtyuTvmwp_Oyaz1ApBq-SDmE1FPGR_0IkJwKWLm-pNEOaPTQF_jSST3UlVC-aXmYlZfac_2cddGeQfW-ph0idjVk9_Bman2odpI-JrnsJtyuZ_XwFxoyPzW-FBkCYDzER_hGNHDIUJ0-MLmMJNmOM_jQIRxSMTm-UV1WYXjYE_0aYbTccd2-Mf2gEh0iZ_DkJlkmYnW-JpiqJrnsJ_yuavWwQx9-MzDAVBkCO_DEYFyGZHT-dJmKYLTMI_zONP2QUR1-NTzUZVhWN_GYJZkaYbz-ddleMfDgI_yiOjDkJlk-NnWoEpmqc_nsNtyuYvz-1xvydzXAQ_mCeDmE9Fu-ZHWIlJkKP_TMUNyOMPz-gRxSNTTUg_ HTTP 302
https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1 Page URL
https://videocampaign.co/ContinueV/?vid=ZetteDlR&jid=9269148&cc=&cid=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&rtp=2&ilsv=0 Page URL
https://cutt.ly/ZetteDlR HTTP 301
https://videocampaign.co/WebLinks/weblink_test.php?cid=HltpE2a9Nvx_373 HTTP 302
https://www.thelotter.com/?tl_affid=8828 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 163

https://surprisedexpert.com/c.G-Fpzqcrzs9_kuavXwQx9-MzTAcBxCN_jEUF2GMHj-YJ1KNLzMk_4OMPzQYR0-MTDUkVzWN_iYZZkadbG-tduePfVgV_qiOjWk5lZ-RnHoRp3qO_XsBtzuZvz-NxvyQzUAx_pCZD1EBFv-VHFIQJ4KV_mMtNmOQPz-ZR2SWTFUh_aWJXnYBZ0-bbjc1dDeZ_0gphFiUjl-JlJmSnlol_uqSrnsZtZ-Vv1wJxpyW_VAcB1CaD0-tFpGQHmIp_PKVLEMpNp-WPVQdRGSb_EU5V6WRXX-pZNaVbGch_reWfXgphn-ejFkplHmV_ToFpNqVr0-UtyuTvmwp_Oyaz1ApBq-SDmE1FPGR_0IkJwKWLm-pNEOaPTQF_jSST3UlVC-aXmYlZfac_2cddGeQfW-ph0idjVk9_Bman2odpI-JrnsJtyuZ_XwFxoyPzW-FBkCYDzER_hGNHDIUJ0-MLmMJNmOM_jQIRxSMTm-UV1WYXjYE_0aYbTccd2-Mf2gEh0iZ_DkJlkmYnW-JpiqJrnsJ_yuavWwQx9-MzDAVBkCO_DEYFyGZHT-dJmKYLTMI_zONP2QUR1-NTzUZVhWN_GYJZkaYbz-ddleMfDgI_yiOjDkJlk-NnWoEpmqc_nsNtyuYvz-1xvydzXAQ_mCeDmE9Fu-ZHWIlJkKP_TMUNyOMPz-gRxSNTTUg_ HTTP 302
https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1

Request Chain 297

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=86453418C47F46BC8EEF5E990A70F799&RedC=c.clarity.ms&MXFR=1C1011D80975646E3CCE05510D756A7C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86453418C47F46BC8EEF5E990A70F799&MUID=103ED748637F62030B6CC3C1627F63C3

373 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
savethewater.org/ 330 KB
81 KB 2401ms
2023ms Document
text/html 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: a7f89d615833c22820d017934816dc4e6e37e4efd6529687bea0afdf6aa80dc9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 May 2024 14:57:35 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
server: nginx/1.21.6
vary: Accept-Encoding
x-proxy-cache: EXPIRED
x-server-cache: true

GET
H2 200 formidableforms.css
savethewater.org/wp-content/plugins/formidable/css/ 51 KB
13 KB 355ms
345ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/formidable/css/formidableforms.css?ver=2282215
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 560a23e0f46fe8207aab8aaecb7054c1865eb42e0b07b05af9fb18bd0e2d52b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:15:27 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12760

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 912ms
902ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.4
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Sat, 25 Feb 2023 17:47:26 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1054

GET
H2 200 trx_addons_icons.css
savethewater.org/wp-content/plugins/trx_addons/css/font-icons/css/ 20 KB
4 KB 353ms
343ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/css/font-icons/css/trx_addons_icons.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 35353c001f65a2a15d3547825cc80bb1ba58e5f84a18e2aa2e21e597e4ae98d3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3908

GET
H2 200 swiper.min.css
savethewater.org/wp-content/plugins/trx_addons/js/swiper/ 19 KB
4 KB 208ms
198ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/swiper/swiper.min.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: a0a799fa96b605d3919d8a5c3571e2710eda8752fb42155f034a12ec137cf96b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4080

GET
H2 200 magnific-popup.min.css
savethewater.org/wp-content/plugins/trx_addons/js/magnific/ 5 KB
2 KB 208ms
199ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/magnific/magnific-popup.min.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 5bf51d12e86de98c7f594516b6b5c9613da60f64c863a803c3e870fa871f3e7f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1819

GET
H2 200 __styles.css
savethewater.org/wp-content/plugins/trx_addons/css/ 288 KB
60 KB 353ms
344ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/css/__styles.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 33d0c4e7fc48bef2a780e4885afc007eb1c3c727624bd0ce03a4b3947616fc9b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 trx_addons.animation.css
savethewater.org/wp-content/plugins/trx_addons/css/ 85 KB
10 KB 352ms
343ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/css/trx_addons.animation.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: fbc4f46736a91048cd47d27769181edd1c27c046516bdea6e82bedf379591f97

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9954

GET
H2 200 give.css
savethewater.org/wp-content/plugins/give/assets/dist/css/ 74 KB
20 KB 353ms
344ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/give/assets/dist/css/give.css?ver=3.4.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 50338bee5cd172d881b12eee82890858feaa42dec7a25654ca813be2691ad973

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:42 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 give-donation-summary.css
savethewater.org/wp-content/plugins/give/assets/dist/css/ 2 KB
623 B 354ms
344ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/give/assets/dist/css/give-donation-summary.css?ver=3.4.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1e976ce625ed3f3bda9494292f078e7f0c16f233da123fac2dba7be916b96db1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:42 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 590

GET
H2 200 elementor-icons.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 353ms
344ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.14.0
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: ea8148c79052a55ec1596b4598795a4fa3bc979b9ecab3b0f6beb130e9b1d9e5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3961

GET
H2 200 frontend-legacy.min.css
savethewater.org/wp-content/plugins/elementor/assets/css/ 13 KB
2 KB 532ms
523ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: db78fe169706a9553790792cd6cf32dc41ca8bca111cb3eb812604229a32e3fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1608

GET
H2 200 frontend.min.css
savethewater.org/wp-content/plugins/elementor/assets/css/ 134 KB
26 KB 535ms
526ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 3d8a48c4b9fbc84204bf0ea47818ab0fac740da888078225473d0748bcfe80f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 style.css
savethewater.org/wp-content/plugins/thepack/theme/includes/css/ 334 B
232 B 535ms
526ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/theme/includes/css/style.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: e7ac6a47b4ee22740c7333cf658752428d7303298d31cc5e3d07fa10c638902a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 200

GET
H2 200 header.css
savethewater.org/wp-content/plugins/thepack/theme/includes/css/ 6 KB
2 KB 903ms
894ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/theme/includes/css/header.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 119893800351f3f116511c0728589b562512e0852a9ce98ff0203d61c76be8ea

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1544

GET
H2 200 frontend.min.css
savethewater.org/wp-content/plugins/elementor-pro/assets/css/ 431 KB
67 KB 909ms
900ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.6.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 7d9ca80e6e352bce8414a43379b23a0e0e112e9db525852faa67ff52c5f190b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:53:03 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 shortcode.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/ 33 KB
9 KB 904ms
896ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/shortcode.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 94864f5e8a2513ac907962308c6ccea12e450fec27b12ce423f88346ef20070b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9009

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/line-awesome/ 32 KB
6 KB 532ms
524ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/line-awesome/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: fbfb058ef8c94003d93db5ee769f9484215bff1795aed2ac372a3863da4df6c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6091

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/themify-icons/ 16 KB
3 KB 533ms
525ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/themify-icons/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 68fdc6c0d9ce0fbf5aa2914d113592b26b8bf5010f2066cb7e08b5a2fccd10f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2934

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/et-line-font/ 7 KB
2 KB 911ms
903ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/et-line-font/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 4b2ef7a267f6e6ec05e6c4cf9c71247271650a82716774767ce4285edb5c2ac1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1874

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_arrows/ 9 KB
1 KB 904ms
897ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_arrows/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 3b8136a4359c93f59bea2d6947e181702c4e90fb1ad40cef47a9cda03c44c429

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1251

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_basic/ 8 KB
1 KB 909ms
901ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_basic/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1d3cdd8faf514d1858be0948a54570adb46507153f5e827fbb1de36ba7c9f0a6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1347

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_ecommerce/ 5 KB
902 B 909ms
902ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_ecommerce/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1eb1c959e78c9b5b0de324e520ac01627a182c515c1be26563aadef108b9e2e6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 869

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_basic_elaboration/ 11 KB
1 KB 902ms
895ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_basic_elaboration/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1b39e84de963a7d68eb99d54430476da91eb794c9b5efed83e6941c378c11ed4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1460

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_music/ 2 KB
611 B 906ms
899ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/linea_music/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 970e84fcd711c2947b53cd355112e0cd02e4d47c396805a710bb67c020eb6df1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 578

GET
H2 200 styles.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/LineIcons/ 14 KB
3 KB 900ms
893ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/LineIcons/styles.css?ver=1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 8797bcd53c85f5f6ddc8342a6d1a68724b3f753e73bd9c4c31df62f6463a2c4c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2617

GET
H2 200 bootstrap.css
savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/ 118 KB
27 KB 910ms
903ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/css/bootstrap.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 all.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 58 KB
13 KB 906ms
900ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12862

GET
H2 200 v4-shims.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 26 KB
4 KB 909ms
903ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4436

GET
H2 200 jegicon.css
savethewater.org/wp-content/plugins/epic-news-element/assets/fonts/jegicon/ 3 KB
705 B 908ms
902ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/epic-news-element/assets/fonts/jegicon/jegicon.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: a962a6c4782543b33aa3ad3ed2cf0259015889ccf0e2e5355f7969923a1e5516

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 17:56:31 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 649

GET
H2 200 font-awesome.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 906ms
900ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7112

GET
H2 200 style.min.css
savethewater.org/wp-content/plugins/epic-news-element/assets/css/ 258 KB
56 KB 908ms
902ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/epic-news-element/assets/css/style.min.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b0916eb06dd74d66c60f853302d3c333e9d43095a799a0c98e62183be5327495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 17:56:31 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 popupaoc-public.css
savethewater.org/wp-content/plugins/popup-anything-on-click/assets/css/ 53 KB
8 KB 902ms
897ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/popup-anything-on-click/assets/css/popupaoc-public.css?ver=2.8
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 5782da243859ff823754e78456478ad732b8d874171fc9ec6099c87607e10b1b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:15:00 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8494

GET
H2 200 dynamic.css
savethewater.org/wp-content/plugins/thepack/css/ 3 KB
843 B 906ms
900ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/css/dynamic.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: ca470e559ff97fd8fad0e4c5dbbe047dcf605c762902dfa0b8a540a20c808d55

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 811

GET
H2 200 front.css
savethewater.org/wp-content/plugins/wp-gdpr-compliance/Assets/css/ 26 KB
7 KB 901ms
896ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/wp-gdpr-compliance/Assets/css/front.css?ver=1707317148
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 68d8c72a1380ed65dfb8f9163cdd8b7db3de836c00611ab533535cd8a5df689e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 14:45:48 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7611

GET
H2 200 gdpr-main.css
savethewater.org/wp-content/plugins/gdpr-cookie-compliance/dist/styles/ 85 KB
15 KB 903ms
898ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main.css?ver=4.13.1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: ee03ca80fc937d6ca1b81c8be5e977dc79607f89522363679028724f990b3991

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:34 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 14959

GET
H2 200 fontello.css
savethewater.org/wp-content/themes/impacto-patronus/css/font-icons/css/ 26 KB
5 KB 906ms
901ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/font-icons/css/fontello.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 4ce09345cdd5ea8177196ff261decad020b24c73b40c8ab1de2cd1a77e3de073

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:57:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5344

GET
H2 200 style.css
savethewater.org/wp-content/themes/impacto-patronus/ 165 KB
41 KB 908ms
903ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/style.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 16d8661b827694c51ce51a112648ec02c99eb7d306b8469159002ded287ed74e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 18 Mar 2020 21:03:16 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 mediaelementplayer-legacy.min.css
savethewater.org/wp-includes/js/mediaelement/ 11 KB
3 KB 899ms
894ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 18:34:57 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3239

GET
H2 200 wp-mediaelement.min.css
savethewater.org/wp-includes/js/mediaelement/ 4 KB
1 KB 903ms
898ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 18:34:57 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1298

GET
H2 200 __plugins.css
savethewater.org/wp-content/themes/impacto-patronus/css/ 105 KB
22 KB 903ms
899ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/__plugins.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: a565f89f7cd22ff25e269b7fb9d20123ba937d18a384c8597659f87febee7279

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 skin.css
savethewater.org/wp-content/themes/impacto-patronus/skins/healthcare/ 2 KB
959 B 900ms
895ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/skins/healthcare/skin.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 5acfa3f00e87c2b46db32adec3e1ae142a806e28bbd77f863fef726bea829206

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:57:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 903

GET
H2 200 __custom.css
savethewater.org/wp-content/themes/impacto-patronus/css/ 19 KB
5 KB 903ms
899ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/__custom.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 3cca6649bb0d5da6fdc41c1ae4c75bd5cb9f5dba670f2c65e48e910db30fe163

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4632

GET
H2 200 __colors-default.css
savethewater.org/wp-content/themes/impacto-patronus/css/ 289 KB
34 KB 900ms
896ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/__colors-default.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: cb3245b20c27970e0651134a1410747369a6587cd74ac73bd851c20c29ebaccb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 __colors-dark.css
savethewater.org/wp-content/themes/impacto-patronus/css/ 280 KB
34 KB 898ms
894ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/__colors-dark.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 2e20f52cdfdd8331a1d5cdc233bd840db9209cabbba8426e0be93a7733de4a06

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 __responsive.css
savethewater.org/wp-content/plugins/trx_addons/css/ 47 KB
9 KB 906ms
902ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/css/__responsive.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 0f8bac2c05034c63e54f839f459f8c9e2febabd4cac2a009bd8eb7510a063a53

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9215

GET
H2 200 __responsive.css
savethewater.org/wp-content/themes/impacto-patronus/css/ 193 KB
33 KB 904ms
901ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/__responsive.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: f2989ed5987442927a50d88dbd36ed5ce14175f24a8dee38ea5cbbed4f3ce4cb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:46 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 skin-responsive.css
savethewater.org/wp-content/themes/impacto-patronus/skins/healthcare/ 9 KB
2 KB 901ms
897ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/skins/healthcare/skin-responsive.css
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 59f43e7d59359fc41b2e6db0990525a46b9d97bfa37b9dfa3f1e6948ac89c01f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:57:04 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2474

GET
H2 200 css
fonts.googleapis.com/ 54 KB
2 KB 44ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.3

Requested by

Host: savethewater.org
URL: https://savethewater.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d10af3d92140eb6534a91c7c3129ec01afd917757065b020e20bd01cc422256

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 May 2024 14:57:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 May 2024 14:57:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 May 2024 14:57:35 GMT

GET
H2 200 v4-shims.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/js/ 15 KB
4 KB 901ms
898ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/js/v4-shims.min.js?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4359

GET
H3 200 connections.js Show response
chest.cdntoswitchspirit.com/scripts/ 13 KB
6 KB 94ms
64ms Script
application/javascript 172.67.209.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chest.cdntoswitchspirit.com/scripts/connections.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8927b5e3c614b5d0a4f32b781b7916c0a4335f304a2d9f7d1e210317ee034650

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 08:44:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 799925
etag: W/"664475db-356d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fXm9CiF3tfuwaIVKghVTqq1nn53mH0aunOPsh16Fca7zM%2BRbjW9abB1ngr931AwjIZq44N%2BPdXxDFMpO5dYrcOK%2FvKXat2zcbPWfnxOtV3oPEK%2FRa0GbAFTzcnKVC7uzgazhXc95xikM9dEpUhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 888e239dcbcf5d45-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 32e73ee3-4483-490e-8975-9a07d963fce4
https://savethewater.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://savethewater.org/32e73ee3-4483-490e-8975-9a07d963fce4
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length: 1185
Content-Type: text/javascript

GET
H2 200 animations.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/animations/ 18 KB
3 KB 730ms
729ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2997

GET
H2 200 fontawesome.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
12 KB 732ms
732ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12577

GET
H2 200 solid.min.css
savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
365 B 731ms
731ms Stylesheet
text/css 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:10 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 309

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
71 KB 59ms
32ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-163901325-1

Requested by

Host: savethewater.org
URL: https://savethewater.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3a2562af673ebe1d5f71f0bd163d9bff3d6bf2cf140fbc54a963537cc618c35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71849
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 14:57:36 GMT

GET
H2 200 stw-site-logo.png
savethewater.org/wp-content/uploads/2019/09/ 25 KB
25 KB 728ms
728ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/09/stw-site-logo.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c2cc9b51d62e6c08aae4d92f1ab2094b7dc309dc7b8a8808376b38609eeeb472

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
last-modified: Thu, 19 Sep 2019 01:09:06 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 25193
content-type: image/png

GET
H2 200 Full-logo-darker-backgrounds.png
savethewater.org/wp-content/uploads/2019/04/ 873 KB
873 KB 361ms
361ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/04/Full-logo-darker-backgrounds.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: a492b7f186449ac64a0d813cabb107778da70012272ac61661ea1fd69750a025

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
last-modified: Sun, 14 Aug 2022 06:07:54 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 893458
content-type: image/png

GET
H2 200 blob-shape-1.png
savethewater.org/wp-content/uploads/2019/10/ 429 KB
429 KB 219ms
218ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/10/blob-shape-1.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: cde46f6928a506296578df2b0775c21e2063c9712931d417be98a1006fb6d916

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
last-modified: Mon, 07 Oct 2019 22:15:36 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 438977
content-type: image/png

GET
H2 200 blob-shape-2.png
savethewater.org/wp-content/uploads/2019/10/ 531 KB
531 KB 195ms
194ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/10/blob-shape-2.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 40686ecb48a011a85dfaeb9e37b7f7b5dc0a951ad6029f65ab3361d1cc3dd93a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
last-modified: Mon, 07 Oct 2019 22:35:18 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 543479
content-type: image/png

GET
H2 200 Group-30.png
savethewater.org/wp-content/uploads/2019/10/ 97 KB
97 KB 321ms
314ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/10/Group-30.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c018d737e7c96dc0915e1fa8849dfc5ef748a70537a4bec905b449b86014e135

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Mon, 07 Oct 2019 22:50:57 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 99582
content-type: image/png

GET
H2 200 Group-29.png
savethewater.org/wp-content/uploads/2019/10/ 112 KB
113 KB 320ms
314ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/10/Group-29.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b3e2d4c6450428f8a8291cc52ddd60e13ac5609bbabe6a64663fd001edb5145a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Mon, 07 Oct 2019 22:57:15 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 115110
content-type: image/png

GET
H2 200 Marina-Bay-resort-logo-ft-lauderdale-1.png
savethewater.org/wp-content/uploads/2023/09/ 80 KB
80 KB 744ms
737ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/09/Marina-Bay-resort-logo-ft-lauderdale-1.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 00c988d020f7232cf75d07fd2f246a4baf0cb13e0de3ac29dc4aeebc636afbf3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Sat, 09 Sep 2023 11:32:31 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 81599
content-type: image/png

GET
H2 200 Stream2Sea-logo2.webp
savethewater.org/wp-content/uploads/2023/08/ 23 KB
24 KB 756ms
750ms Image
image/webp 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/08/Stream2Sea-logo2.webp
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: nginx/1.21.6 /
Resource Hash: 3ac00ea3548a42b84e0db60f197c7a19827b2d072ac714837175170f02f80493

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Sun, 20 Aug 2023 09:30:23 GMT
server: nginx/1.21.6
x-server-cache: true
content-type: image/webp
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
content-length: 24010
x-proxy-cache: HIT

GET
H2 200 University-Of-Miami_Club-Logo_Blue-1.jpg
savethewater.org/wp-content/uploads/2023/09/ 151 KB
151 KB 749ms
743ms Image
image/jpeg 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/09/University-Of-Miami_Club-Logo_Blue-1.jpg
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 61080845c7a857823b6022315e93b159469a66073fdbfe760766ab326a9f0a17

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Sat, 09 Sep 2023 11:32:55 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 154666
content-type: image/jpeg

GET
H2 200 Water-Billboards-logo-from-FB-1.jpg
savethewater.org/wp-content/uploads/2023/08/ 19 KB
19 KB 705ms
700ms Image
image/jpeg 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/08/Water-Billboards-logo-from-FB-1.jpg
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 6c03692b1b8ad73400cbd323f01ec7f69bae42c6903629294d06c1bdc4a2d46d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Wed, 09 Aug 2023 20:03:18 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 19469
content-type: image/jpeg

GET
H2 200 brewery-running-series-w-white-1024x1024.png
savethewater.org/wp-content/uploads/2023/12/ 73 KB
73 KB 745ms
740ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/12/brewery-running-series-w-white-1024x1024.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 64cd4ef312af58d2951aab35c2544ed61708b7700c1f042f35cf543521ecab4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Tue, 12 Dec 2023 21:43:59 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 75031
content-type: image/png

GET
H2 200 kendra-scott-logo.png
savethewater.org/wp-content/uploads/2023/12/ 164 KB
164 KB 319ms
314ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/12/kendra-scott-logo.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: a8334e63df6b06bc1605d8b4d333bba1ae7719a99f2490f7b85bbdb472d8b1a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Tue, 12 Dec 2023 21:44:33 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 168124
content-type: image/png

GET
H2 200 give-miami-day.png
savethewater.org/wp-content/uploads/2023/12/ 162 KB
162 KB 747ms
742ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/12/give-miami-day.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: a0be1a00b7e9fd66c5dbbc02002df856a5954a3963e62c6099bcba76cace0af9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Tue, 12 Dec 2023 21:44:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 165405
content-type: image/png

GET
H2 200 mcgriff-1024x675.png
savethewater.org/wp-content/uploads/2023/12/ 226 KB
226 KB 705ms
700ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/12/mcgriff-1024x675.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 4dea7aa01fc2be1f1152d7b00d8700c6cd8f357a35954915cce3098d38770b5f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Tue, 12 Dec 2023 21:44:41 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 231576
content-type: image/png

GET
H2 200 logo-1024x358.jpg
savethewater.org/wp-content/uploads/2024/02/ 39 KB
39 KB 744ms
739ms Image
image/jpeg 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2024/02/logo-1024x358.jpg
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: d177c69a8dd4f9da92f37a00308f8d1f842cb33461b3437be5a9d224ecd9e2c9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Wed, 28 Feb 2024 22:21:10 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 39753
content-type: image/jpeg

GET
H2 200 image-1-half.png
savethewater.org/wp-content/uploads/2023/03/ 403 KB
403 KB 705ms
700ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/03/image-1-half.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c0822229593d0a1c56a7e09906d1eefbeaa41c0f06885e991d58912d35a64c98

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Fri, 24 Mar 2023 19:14:05 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 412898
content-type: image/png

GET
H2 200 image-2-half.png
savethewater.org/wp-content/uploads/2023/03/ 399 KB
400 KB 779ms
774ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/03/image-2-half.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Fri, 24 Mar 2023 19:14:12 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 409007
content-type: image/png

GET
H2 200 image-3-half.png
savethewater.org/wp-content/uploads/2023/03/ 471 KB
472 KB 768ms
764ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/03/image-3-half.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 72a37e2dae4779c02dbcbb6b05ab73b2238eaf9a0d809df438d715e0f8d8cbe0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Fri, 24 Mar 2023 19:14:21 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 482672
content-type: image/png

GET
H2 200 SFAS_Logo_Enhanced_041410-2-1-150x150.jpg
savethewater.org/wp-content/uploads/2023/08/ 8 KB
8 KB 769ms
764ms Image
image/jpeg 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/08/SFAS_Logo_Enhanced_041410-2-1-150x150.jpg
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: dd90d9fea46bacff0af0aeee87db6a3add134bcc8e4fe2ccccf40d7c51411c13

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Wed, 09 Aug 2023 20:03:17 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8628
content-type: image/jpeg

GET
H2 200 RMG_Logo-with-white-bg1-e1694365853315-150x150.png
savethewater.org/wp-content/uploads/2023/08/ 16 KB
16 KB 774ms
770ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2023/08/RMG_Logo-with-white-bg1-e1694365853315-150x150.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b6bad3c451907e64d0955f41ba2847c8ddbf5d29bd8663adb41d7d3f1ebda380

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Sun, 10 Sep 2023 17:10:53 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16343
content-type: image/png

GET
H2 200 STW-logo-for-dark-background-e1662827465208-put2zcdro13kb2jnmo79bbrupgc2cg1c0k8b7kq83o.png
savethewater.org/wp-content/uploads/elementor/thumbs/ 17 KB
17 KB 778ms
774ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/elementor/thumbs/STW-logo-for-dark-background-e1662827465208-put2zcdro13kb2jnmo79bbrupgc2cg1c0k8b7kq83o.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 426db0f29c3e53d395d2557de6b01fbefe8b5011eaa7be61067fb7cf95b8457e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Thu, 15 Sep 2022 16:35:51 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16996
content-type: image/png

GET
H2 200 Facebook.png
savethewater.org/wp-content/uploads/2022/09/ 863 B
894 B 774ms
770ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2022/09/Facebook.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: de93f7fe467137d34cdb1249aeb3fab0fbbc26f513a4add281f3427658c9ceda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Thu, 15 Sep 2022 16:35:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 863
content-type: image/png

GET
H2 200 Instagram.png
savethewater.org/wp-content/uploads/2022/09/ 1 KB
1 KB 774ms
770ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2022/09/Instagram.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 52e47d3fdd4c0fd26eb733f0424b9c100dd184adb5a6afd680e49685c33d1eec

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Thu, 15 Sep 2022 16:35:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1128
content-type: image/png

GET
H2 200 Twitter.png
savethewater.org/wp-content/uploads/2022/09/ 992 B
1023 B 777ms
774ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2022/09/Twitter.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 7d1f9130ec5b75f9c9282cdacb5e8d27e1cc48be4466dfcab8a14909124b8e08

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Thu, 15 Sep 2022 16:35:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 992
content-type: image/png

GET
H2 200 LinkedIn.png
savethewater.org/wp-content/uploads/2022/09/ 907 B
938 B 777ms
773ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2022/09/LinkedIn.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 5ada93afce1fcb325e07004490bc33b3022113d644bbd542447a884796efde00

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Thu, 15 Sep 2022 16:35:23 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 907
content-type: image/png

GET
H2 200 2023-top-rated-badge.png
savethewater.org/wp-content/uploads/2019/03/ 139 KB
139 KB 774ms
770ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2019/03/2023-top-rated-badge.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: be362373acdeffc5d8f1320d89b35ad1fcfb84ac7b928312a1bc2548cd416323

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Sun, 03 Dec 2023 13:19:38 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 142226
content-type: image/png

GET
H2 200 9216091
widgets.guidestar.org/TransparencySeal/ 13 KB
5 KB 457ms
413ms Image
image/svg+xml 104.22.54.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/9216091
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.54.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 888e239dd95592a5-FRA
expires: -1

GET
H2 200 jquery.min.js Show response
savethewater.org/wp-includes/js/jquery/ 86 KB
37 KB 211ms
196ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 jquery-migrate.min.js Show response
savethewater.org/wp-includes/js/jquery/ 13 KB
5 KB 203ms
188ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5422

GET
H2 200 tbbootstrap.js Show response
savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/ 36 KB
14 KB 210ms
195ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/tbbootstrap.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 14394

GET
H2 200 lazysizes.min.js Show response
savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/ 8 KB
4 KB 203ms
188ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/lazysizes.min.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1cd40dc0bd78ee7dfb22ce1c779ed0fa3b9420fe6769536366104b18d2b11714

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3977

GET
H2 200 jquery.scrollbar.min.js Show response
savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/ 13 KB
5 KB 229ms
215ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/jquery.scrollbar.min.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 8aa68371f310d31bd036986bb97b2ca278339eeb86972c0c191f36f434eafd99

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5152

GET
H2 200 kc-engine.js Show response
savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/ 6 KB
2 KB 210ms
195ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/kc-engine.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: edf5b379fdacf6f9f80e701495a8b2a9596091b3c1163bac29f1f2ff4bcfd480

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1702

GET
H2 200 particles.min.js Show response
savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/ 23 KB
7 KB 213ms
199ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/ashelement/assets/js/particles.min.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: e143ea82cbb391479838962ed3a39a9f2319679ddf33e689217d26b0e206d724

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7624

GET
H2 200 index.js Show response
savethewater.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 221ms
207ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.4
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Sat, 25 Feb 2023 17:47:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3290

GET
H2 200 index.js Show response
savethewater.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 218ms
204ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.4
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Sat, 25 Feb 2023 17:47:26 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5335

GET
H2 200 popupaoc-public.js Show response
savethewater.org/wp-content/plugins/popup-anything-on-click/assets/js/ 8 KB
3 KB 226ms
212ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/popup-anything-on-click/assets/js/popupaoc-public.js?ver=2.8
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: ab68ac9e5c513d8c8dac3d7e18d9e01f9fb029edf76da2d083152ab187b0122e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:59 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2917

GET
H2 200 swiper.min.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/swiper/ 122 KB
42 KB 308ms
294ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/swiper/swiper.min.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 modernizr.custom.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/elastistack/ 8 KB
4 KB 327ms
313ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/elastistack/modernizr.custom.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 03e9d480a33417d50f67058112e62d1e511540e01a65e94f14c601bb0a4603b1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3986

GET
H2 200 draggabilly.pkgd.min.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/elastistack/ 14 KB
5 KB 303ms
289ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/elastistack/draggabilly.pkgd.min.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 4f8fa41992b10a3dac5eb3d98494c264015dde298b1d463a0eb3c7629819ebcd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5281

GET
H2 200 elastistack.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/elastistack/ 11 KB
3 KB 300ms
286ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/elastistack/elastistack.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 779ece5a9eae5f019af36fb193f9159b4f64783795603e972669f9a10bc7e7f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3387

GET
H2 200 jquery.magnific-popup.min.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/magnific/ 20 KB
9 KB 759ms
746ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/magnific/jquery.magnific-popup.min.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9204

GET
H2 200 __scripts.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/ 197 KB
63 KB 763ms
750ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/__scripts.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 244172f71d8a28cb81e185702d24ba2bfe59534a3e36a850982c63a55f85d82f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:45 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 wp-polyfill-inert.min.js Show response
savethewater.org/wp-includes/js/dist/vendor/ 8 KB
3 KB 758ms
744ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2977

GET
H2 200 regenerator-runtime.min.js Show response
savethewater.org/wp-includes/js/dist/vendor/ 6 KB
3 KB 713ms
700ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2746

GET
H2 200 wp-polyfill.min.js Show response
savethewater.org/wp-includes/js/dist/vendor/ 38 KB
16 KB 326ms
313ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16635

GET
H2 200 hooks.min.js Show response
savethewater.org/wp-includes/js/dist/ 4 KB
2 KB 307ms
294ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/dist/hooks.min.js?ver=2810c76e705dd1a53b18
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1589

GET
H2 200 i18n.min.js Show response
savethewater.org/wp-includes/js/dist/ 9 KB
4 KB 301ms
288ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/dist/i18n.min.js?ver=5e580eb46a90c2b997e6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3937

GET
H2 200 give.js Show response
savethewater.org/wp-content/plugins/give/assets/dist/js/ 158 KB
65 KB 712ms
699ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/give/assets/dist/js/give.js?ver=1f58f4922fc61e82
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 9e8a959349cf5dcdb4022588dcd90c13f771de2a1289edc0d7cd5b132bcd279a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:42 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 give-donation-summary.js Show response
savethewater.org/wp-content/plugins/give/assets/dist/js/ 5 KB
2 KB 306ms
294ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/give/assets/dist/js/give-donation-summary.js?ver=3.4.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: f02ef2616c0d8103ca4eb35615ff6cf01b16f7611723f7a515401ab4c70bf31f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:42 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1876

GET
H2 200 superfish.min.js Show response
savethewater.org/wp-content/plugins/trx_addons/components/cpt/layouts/shortcodes/menu/ 4 KB
2 KB 761ms
749ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/components/cpt/layouts/shortcodes/menu/superfish.min.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2019

GET
H2 200 ajaxBlog.js Show response
savethewater.org/wp-content/themes/impacto-patronus/js/ 694 B
413 B 306ms
294ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/js/ajaxBlog.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b879922bc60882e4343f9a483e9e1330fba11bdeef5b40852e52c9621233ed16

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 11:46:33 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 357

GET
H2 200 jquery.unveil.min.js Show response
savethewater.org/wp-content/plugins/crazy-lazy/js/ 727 B
509 B 760ms
748ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/crazy-lazy/js/jquery.unveil.min.js?ver=1.0.4
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: d5d6151717d6e1632ccc51a9891a3bb71a7e816bb756840a0e8e844cbe11fba3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 20:34:00 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 453

GET
H2 200 imagesloaded.min.js Show response
savethewater.org/wp-includes/js/ 5 KB
2 KB 759ms
748ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2112

GET
H2 200 masonry.min.js Show response
savethewater.org/wp-includes/js/ 24 KB
9 KB 760ms
748ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 26 Mar 2021 18:34:57 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 9216

GET
H2 200 tb-theme.js Show response
savethewater.org/wp-content/plugins/thepack/theme/includes/js/ 14 KB
4 KB 760ms
749ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/thepack/theme/includes/js/tb-theme.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 6a3b7ff6ba5eda92d115c778684ee63d074e78924151a8177c0e12a551d4d505

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 15:34:36 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3897

GET
H2 200 mediaelement-and-player.min.js Show response
savethewater.org/wp-includes/js/mediaelement/ 154 KB
56 KB 761ms
750ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 mediaelement-migrate.min.js Show response
savethewater.org/wp-includes/js/mediaelement/ 1 KB
596 B 756ms
745ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Mon, 15 Aug 2022 13:38:40 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 540

GET
H2 200 wp-mediaelement.min.js Show response
savethewater.org/wp-includes/js/mediaelement/ 1 KB
575 B 758ms
747ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.5.3
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 542

GET
H2 200 script.min.js Show response
savethewater.org/wp-content/plugins/epic-news-element/assets/js/ 143 KB
52 KB 761ms
750ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/epic-news-element/assets/js/script.min.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 488d762c7abb67afc90a78fa02d2f06c26e3fd78fb2ca7893e60818ba43bb8a9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 17:56:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 front.min.js Show response
savethewater.org/wp-content/plugins/wp-gdpr-compliance/Assets/js/ 58 KB
23 KB 755ms
745ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/wp-gdpr-compliance/Assets/js/front.min.js?ver=1707317148
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 07 Feb 2024 14:45:48 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 main.js Show response
savethewater.org/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/ 60 KB
20 KB 757ms
747ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.13.1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 89e11befadb453147740e47b21db4b639b8dff43259487ccd25c7e61c39906c6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 22:14:34 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 __scripts.js Show response
savethewater.org/wp-content/themes/impacto-patronus/js/ 107 KB
33 KB 760ms
750ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/js/__scripts.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: e401e14ff96d7556204d0609baa75897fa95a8352c29948b3e84dae76d3c0004

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 28 Feb 2024 20:43:46 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 jquery-numerator.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/lib/jquery-numerator/ 2 KB
769 B 760ms
750ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/jquery-numerator/jquery-numerator.min.js?ver=0.2.1
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 736

GET
H2 200 webpack-pro.runtime.min.js Show response
savethewater.org/wp-content/plugins/elementor-pro/assets/js/ 5 KB
2 KB 755ms
746ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.6.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 839999408a482768bb43c799a9aaf75e845ae6e354fe37fd494f1bc82f3f7a2b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:53:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2408

GET
H2 200 webpack.runtime.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/js/ 5 KB
2 KB 758ms
749ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 75479495809d50623a1761b699f6b83b18e42b656e7adc111b69fadfd893ea40

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2286

GET
H2 200 frontend-modules.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/js/ 14 KB
6 KB 773ms
763ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: c021a94db9b98ef2269716a2e77aff78d691ef4d4d92911f566528fa2e3dd447

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5629

GET
H2 200 frontend.min.js Show response
savethewater.org/wp-content/plugins/elementor-pro/assets/js/ 20 KB
7 KB 756ms
746ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.6.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 6c6af31f429c4ab83965684308585a95fdc505aa92afb4828546a405433fa673

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:53:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7230

GET
H2 200 waypoints.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
4 KB 755ms
746ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3747

GET
H2 200 core.min.js Show response
savethewater.org/wp-includes/js/jquery/ui/ 21 KB
8 KB 757ms
748ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Fri, 03 May 2024 21:08:09 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 8343

GET
H2 200 swiper.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/lib/swiper/ 136 KB
46 KB 757ms
748ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 share-link.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/lib/share-link/ 3 KB
1 KB 757ms
749ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1151

GET
H2 200 dialog.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/lib/dialog/ 10 KB
4 KB 758ms
750ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4200

GET
H2 200 frontend.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/js/ 36 KB
14 KB 755ms
746ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 22f977105367afc342362f5ba6d9361109629a73b66673b2b93c051a43aa7439

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 14489

GET
H2 200 preloaded-elements-handlers.min.js Show response
savethewater.org/wp-content/plugins/elementor-pro/assets/js/ 131 KB
45 KB 757ms
749ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.6.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: b265c36d8af2d1df4f8dbe55c189599874edb65727a5690d9b5574e74ca82fe8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:53:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 preloaded-modules.min.js Show response
savethewater.org/wp-content/plugins/elementor/assets/js/ 42 KB
16 KB 756ms
748ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.5.6
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 1cd03e5224865b618d82386028b8e2434a318437af49ab0b29146e2b0005c0f2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 16:10:11 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16770

GET
H2 200 jquery.sticky.min.js Show response
savethewater.org/wp-content/plugins/elementor-pro/assets/lib/sticky/ 3 KB
1 KB 755ms
747ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.6.2
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Thu, 24 Feb 2022 15:53:03 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1437

GET
H2 200 elementor-frontend.js Show response
savethewater.org/wp-content/plugins/epic-news-element/assets/js/admin/ 928 B
390 B 753ms
745ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/epic-news-element/assets/js/admin/elementor-frontend.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 63ed2becd96740dc7e70e12ba82da7f0052f953edfff37f217435efce91827d6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 17:56:31 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 357

GET
H2 200 tweenmax.min.js Show response
savethewater.org/wp-content/plugins/trx_addons/js/tweenmax/ 113 KB
48 KB 771ms
764ms Script
application/javascript 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/js/tweenmax/tweenmax.min.js
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 081bcc2d88c3606f5b69969219371e465baf5caa114837e300f4c8e88f8822db

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==

GET
H2 200 unnamed.png
stg.savethewater.org/wp-content/uploads/2020/03/ 25 KB
25 KB 714ms
324ms Image
image/png 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.savethewater.org/wp-content/uploads/2020/03/unnamed.png
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: 84eeff37ee9d0cca8e5a29d2c83b97f0abda50f09f1888d85d0297367f3eefe5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Sun, 10 May 2020 16:45:36 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 25449
content-type: image/png

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 223 KB
79 KB 62ms
39ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGH5SCV

Requested by

Host: savethewater.org
URL: https://savethewater.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

61af68ed434cd718d4f331ea8d81164d211347b6961f40bfb426ceb6fab012e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80469
x-xss-protection: 0
last-modified: Fri, 24 May 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 14:57:36 GMT

GET
H2 200 zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 52ms
19ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYXgKVElMYYaJe8bpLHnCwDKhdHeFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=IBM+Plex+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:44:22 GMT
x-content-type-options: nosniff
age: 130394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19156
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:04:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:44:22 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 56ms
23ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjQ76AIFsdA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:51:09 GMT
x-content-type-options: nosniff
age: 129987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20356
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:19:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:51:09 GMT

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 19 KB
19 KB 57ms
24ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjWr7AIFsdA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:51:43 GMT
x-content-type-options: nosniff
age: 129953
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19440
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:08:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:51:43 GMT

GET
H2 200 fontello.woff2
savethewater.org/wp-content/themes/impacto-patronus/css/font-icons/font/ 80 KB
80 KB 736ms
736ms Font
font/woff2 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/font-icons/font/fontello.woff2?52297722
Requested by: Host: savethewater.org
URL: https://savethewater.org/wp-content/themes/impacto-patronus/css/font-icons/css/fontello.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: eafa64d1a20be5ea4e9151cd4b519de1d8b433148a13eb1d7bacd17eb9663a91

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/wp-content/themes/impacto-patronus/css/font-icons/css/fontello.css
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Wed, 18 Sep 2019 22:57:04 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 81956
content-type: font/woff2

GET
H2 200 zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 44ms
12ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX9KVElMYYaJe8bpLHnCwDKjSL9AIFsdA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 21 May 2024 08:02:29 GMT
x-content-type-options: nosniff
age: 284107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20064
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:58:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 May 2025 08:02:29 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 section-everglades.jpg
savethewater.org/wp-content/uploads/2021/07/ 186 KB
186 KB 733ms
732ms Image
image/jpeg 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://savethewater.org/wp-content/uploads/2021/07/section-everglades.jpg
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash: bb61199da85f518e0b1d41c2afddc583fa4cbff8ac48227e5bb15d945640dd28

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Fri, 09 Jul 2021 12:22:43 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 190254
content-type: image/jpeg

GET
H2 200 trx_addons_icons.woff2
savethewater.org/wp-content/plugins/trx_addons/css/font-icons/font/ 48 KB
48 KB 849ms
848ms Font
font/woff2 162.241.253.213
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://savethewater.org/wp-content/plugins/trx_addons/css/font-icons/font/trx_addons_icons.woff2?59264814
Requested by: Host: savethewater.org
URL: https://savethewater.org/wp-content/plugins/trx_addons/css/font-icons/css/trx_addons_icons.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.253.213 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box5821.bluehost.com
Software: Apache /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/wp-content/plugins/trx_addons/css/font-icons/css/trx_addons_icons.css
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
last-modified: Wed, 18 Sep 2019 22:58:12 GMT
server: Apache
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 49180
content-type: font/woff2

GET
H2 200 zYX7KVElMYYaJe8bpLHnCwDKhdTmrINcdvfu.woff2
fonts.gstatic.com/s/ibmplexsans/v19/ 20 KB
20 KB 13ms
13ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsans/v19/zYX7KVElMYYaJe8bpLHnCwDKhdTmrINcdvfu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db4ff84a87323090f28887bd003613decc12e854ceae8948fef71d14bb9c55e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://savethewater.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 18:30:07 GMT
x-content-type-options: nosniff
age: 332849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20836
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:03:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 May 2025 18:30:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
102 KB 46ms
45ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0NQPQQLQ6X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163901325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35c6bf0c080478e21db7cc5a5141d7d7078fd29afc0cb7054dde749803901d39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 14:57:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 36ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-163901325-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 May 2024 13:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4594
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 24 May 2024 15:41:03 GMT

GET
H3 200 split.js Show response
js.cdntoswitchspirit.com/source/ 43 KB
16 KB 35ms
24ms Script
application/javascript 172.67.209.227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.cdntoswitchspirit.com/source/split.js
Requested by: Host: chest.cdntoswitchspirit.com
URL: https://chest.cdntoswitchspirit.com/scripts/connections.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.209.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 May 2024 08:18:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 799928
etag: W/"66446fc3-ab1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dG%2BKaSauR0cuFsQe7WaSJ455TMEuWLU9adpt469gZiN%2BEFwjGE4TDwj3ESD4JuHzuMbd%2FHbcQiIMqtUWZW%2FAjPtcblY2tmJalOTGMPnpay2qBq62J6o5xNmHOq4SLkiZAye8CiNj8ZM9vCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 888e23a07fef5d45-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1338007594&t=pageview&_s=1&dl=https%3A%2F%2Fsavethewater.org%2F&ul=de-de&de=UTF-8&dt=Home%20%7C%20Save%20the%20Water&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=712950799&gjid=859406509&cid=911497419.1716562657&tid=UA-163901325-1&_gid=1820921574.1716562657&_r=1&gtm=457e45m0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=1431891126

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savethewater.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cdncollect Show response
jquery.restartyourchoices.com/ 10 KB
5 KB 177ms
151ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jquery.restartyourchoices.com/cdncollect?r1=savethewater.org
Requested by: Host: js.cdntoswitchspirit.com
URL: https://js.cdntoswitchspirit.com/source/split.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zApOQxqKKZvreaYXNqj6NSTPMHBipD81Yacv0MiBPNV2n3z2BIRYv7WBkYdsUm1wceqMA%2FqLrqThsg7j1jhPmoOdm4b8HyfRi%2FqSYCB2urTjH%2FRp6uMYIOn4OYUi18XsGuCiD05ghIbpOTiYlaVMMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 888e23a0fd0f9741-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 May 2024 14:57:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 64ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-163901325-1&cid=911497419.1716562657&jid=712950799&gjid=859406509&_gid=1820921574.1716562657&npa=1&_u=YEBAAUAAAAAAACAAI~&z=1549886602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savethewater.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
246 B 42ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-0NQPQQLQ6X&gtm=45je45m0v898391372za200&_p=1716562656878&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=911497419.1716562657&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1716562657&sct=1&seg=0&dl=https%3A%2F%2Fsavethewater.org%2F&dt=Home%20%7C%20Save%20the%20Water&en=page_view&_fv=1&_ss=1&tfd=3995
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0NQPQQLQ6X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savethewater.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0NQPQQLQ6X&cid=911497419.1716562657&gtm=45je45m0v898391372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0NQPQQLQ6X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://savethewater.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 62ms
31ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0NQPQQLQ6X&cid=911497419.1716562657&gtm=45je45m0v898391372za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=765336148

Requested by

Host: savethewater.org
URL: https://savethewater.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
29ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-163901325-1&cid=911497419.1716562657&jid=712950799&npa=1&_u=YEBAAUAAAAAAACAAI~&z=50184923

Requested by

Host: savethewater.org
URL: https://savethewater.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 43ms
32ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-163901325-1&cid=911497419.1716562657&jid=712950799&npa=1&_u=YEBAAUAAAAAAACAAI~&z=50184923

Requested by

Host: savethewater.org
URL: https://savethewater.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 stepone
done.restartyourchoices.com/ 9 KB
4 KB 91ms
80ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://done.restartyourchoices.com/stepone
Requested by: Host: jquery.restartyourchoices.com
URL: https://jquery.restartyourchoices.com/cdncollect?r1=savethewater.org
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://savethewater.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqeWpqxfrQKULTv33dWmfRtNMfYEktWAorp6fxZsWlEnC%2FYSEzvKy5N2S8%2FOW1Hh%2FAC73D%2Fiqso3t7IgusfNaH8NIOrK8ExwKXP3MVIRaXiMIcES%2B48rpJ%2FGpFDC8mNDTcaQ9vVTJ5ZcJrh4g60%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 888e23a20eac9741-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 24 May 2024 14:57:37 GMT

GET firstway
from.startfinishthis.com/ 0
0

GET
H3 200 firstway Show response
from.startfinishthis.com/ 203 B
643 B 69ms
46ms Document
text/html 172.67.152.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://from.startfinishthis.com/firstway

Requested by

Host: done.restartyourchoices.com
URL: https://done.restartyourchoices.com/stepone

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b0dd0c78236661efd3cea34c18403126c36835eb5818903b94bc8d7eebecd7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://savethewater.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 888e23a33de49963-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 14:57:37 GMT
expires: Fri, 24 May 2024 14:57:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X6Vl%2BTk%2FD1waz9IiHHQr%2FLerxJBorDP4I%2FmjJ3bfqceUhKT1OwMh5G3TsZmzjT6SaiWHx%2BCuuSW%2BtV%2FvZ%2BH4lzLlyUKNi5WvO95JTodu%2Bi%2FwuCBXah4uRVgdNI80kAddy7qklP7q0a7LkQk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 k4Pgws Show response
from.startfinishthis.com/ 262 B
661 B 53ms
52ms Document
text/html 172.67.152.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://from.startfinishthis.com/k4Pgws

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.152.194 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cb89d4ee55c268314417ea13f74502c406c671d05e4616840cf1ead1cd70c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 888e23a3be759963-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 14:57:37 GMT
expires: Fri, 24 May 2024 14:57:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2F4HeNitGhvIGfiHIvi%2FNgPUKwRCYPN4Y1eRjE6EIhRR%2FveE%2BObmpUToGArfT78XBysKD3C%2FlVkOOCYxAiWk%2BOkGvycdSLI0TTe97acgVj4gihzVnfnbtXq7PXqTKs1IszsJ75EYnJzsRg0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 MwTZUP4YL_TCUfylMBzvgDxXNfTIkF
surprisedexpert.com/bc3UVt0gP.3XpJv/bdmHVRJsZdDs0f1mMPj/Mu4/ 2 KB
2 KB 71ms
36ms Document
text/html 2a00:1178:1:4b::e
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL

https://surprisedexpert.com/bc3UVt0gP.3XpJv/bdmHVRJsZdDs0f1mMPj/Mu4/MwTZUP4YL_TCUfylMBzvgDxXNfTIkF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

2a00:1178:1:4b::e , Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: br
content-type: text/html;charset=UTF-8
date: Fri, 24 May 2024 14:57:37 GMT
expires: Mon, 26 Jul 2011 05:00:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: DENY

GET
H/1.1

200
OK

/ Show response
videocampaign.co/Watch/V5/
Redirect Chain

https://surprisedexpert.com/c.G-Fpzqcrzs9_kuavXwQx9-MzTAcBxCN_jEUF2GMHj-YJ1KNLzMk_4OMPzQYR0-MTDUkVzWN_iYZZkadbG-tduePfVgV_qiOjWk5lZ-RnHoRp3qO_XsBtzuZvz-NxvyQzUAx_pCZD1EBFv-VHFIQJ4KV_mMtNmOQPz-ZR2SW...
https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1

18 KB
5 KB

260ms
85ms

Document
text/html

138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 Secaucus, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d9e6d5f743a782f1e17e0acc78b9b420a2e6a27b7d6780eb80a928f25755fdc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Content-Type: application/x-www-form-urlencoded
Origin: null
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-arch: "x86"
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version: "125.0.6422.112"
sec-ch-ua-full-version-list: "Google Chrome";v="125.0.6422.112", "Chromium";v="125.0.6422.112", "Not.A/Brand";v="24.0.0.0"
sec-ch-ua-mobile: ?0
sec-ch-ua-model: ""
sec-ch-ua-platform: "Win32"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-wow64: ?0

Response headers

Cache-control: private
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 May 2024 14:57:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 24 May 2024 14:57:38 GMT
expires: Mon, 26 Jul 2011 05:00:00 GMT
last-modified: Fri, 24 May 2024 14:57:38 GMT
location: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-content-type-options: nosniff
x-frame-options: DENY

GET
H/1.1 200
OK / Show response
videocampaign.co/Continue/ 300 B
648 B 87ms
87ms XHR
text/html 138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://videocampaign.co/Continue/?lv=4&rdtp=0&elog=0&bnvref=1&baat=0&njslmt=0&entp=1&ttype=&nct=0&ctmv=&ls=0&cid=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&subid=&la=en-US%2Cen&jsl=1&btp=Chrome&ifr=0&plm=1&usm=1&nvm=1&ibv=1&pltf=Win32&sid=G_849bb9aa-23cd-423c-aed2-2fa7eb4d9503_1716562658&cc=&baej=1&atmp=1&v=3
Requested by: Host: videocampaign.co
URL: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 Secaucus, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0408811e6c72e1b97f08e558a58374f342542caf42a6a3cff9e36af2f9528945

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:38 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK favicon.ico
videocampaign.co/images/V2/ 1 KB
1 KB 166ms
83ms Other
image/x-icon 138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://videocampaign.co/images/V2/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 Secaucus, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 13061618ed73d23464c13744439cbdaededb524a90074620b743cf3fecfbc9da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:38 GMT
Last-Modified: Mon, 27 Jul 2020 13:05:00 GMT
Server: nginx/1.18.0 (Ubuntu)
Accept-Ranges: bytes
ETag: "5f1ed0fc-47e"
Content-Length: 1150
Content-Type: image/x-icon

POST
H/1.1 200
OK / Show response
videocampaign.co/Log/ 0
233 B 116ms
85ms XHR
text/html 138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://videocampaign.co/Log/?log_V4=1
Requested by: Host: videocampaign.co
URL: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 Secaucus, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 24 May 2024 14:57:38 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK /
videocampaign.co/Log/ 0
233 B 122ms
88ms XHR
text/html 138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://videocampaign.co/Log/?log_V4=1
Requested by: Host: videocampaign.co
URL: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 Secaucus, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 24 May 2024 14:57:38 GMT
Content-Encoding: gzip
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
videocampaign.co/ContinueV/ 1 KB
799 B 88ms
87ms Document
text/html 138.128.241.162
KAMATERA

General

Check archive.org

Show headers Download Go to

Full URL: https://videocampaign.co/ContinueV/?vid=ZetteDlR&jid=9269148&cc=&cid=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&rtp=2&ilsv=0
Requested by: Host: videocampaign.co
URL: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.128.241.162 Secaucus, United States, ASN36007 (KAMATERA, US),
Reverse DNS: 71us.mailspeedy.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://videocampaign.co/Watch/V5/?campaign_id=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&baej=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 24 May 2024 14:57:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2

200

Primary Request / Show response
www.thelotter.com/
Redirect Chain

https://cutt.ly/ZetteDlR
https://videocampaign.co/WebLinks/weblink_test.php?cid=HltpE2a9Nvx_373
https://www.thelotter.com/?tl_affid=8828

551 KB
476 KB

2272ms
1654ms

Document
text/html

107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/?tl_affid=8828

Requested by

Host: videocampaign.co
URL: https://videocampaign.co/ContinueV/?vid=ZetteDlR&jid=9269148&cc=&cid=HltpE2a9Nvx_373&pubfeed=6DMFDGM9N8&rtp=2&ilsv=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

1d9fbed5c9f28a42d9756b672c970b5e971e46ddd2a6d59e015272c816cee19e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 24 May 2024 14:57:41 GMT
server
server-name: NE-WEB2-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-82060841-82060931 NNNN CT(232 477 0) RT(1716562659268 287) q(0 0 7 0) r(9 14) U12
x-incap-sess-cookie-hdr: osEfVZlkYw0pq+a1BYvGAuSqUGYAAAAAQPOVgMHl2BxdHdYejge0TQ==
x-powered-by: ASP.NET
x-ua-compatible: IE=edge

Redirect headers

Content-Type: text/html; charset=UTF-8
Date: Fri, 24 May 2024 14:57:38 GMT
Location: https://www.thelotter.com/?tl_affid=8828
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 5b935606235026e0ce205f7a03ab6101.js Show response
cdn.cookie-script.com/s/ 489 KB
87 KB 65ms
18ms Script
application/javascript 146.185.171.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookie-script.com/s/5b935606235026e0ce205f7a03ab6101.js
Requested by: Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 146.185.171.17 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 343aa641462f4f56c38e20920d8aaf0569e0388ed010cac8a123a65d9711b2ae

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:41 GMT
content-encoding: gzip
last-modified: Sun, 12 May 2024 11:10:26 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"da9c544ce86594a8bc0343f520720eea"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *

GET
H2 200 css.axd
www.thelotter.com/ 1 MB
236 KB 312ms
311ms Stylesheet
text/css 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

9add35c40eb26f723f1f4771b4378b0e24301bb2c60ce8a541b1b98d7c5f3d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:43 GMT
x-cdn: Imperva
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 2003) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 241248
expires: Sat, 24 May 2025 14:57:41 GMT

GET
H2 200 css.axd
www.thelotter.com/ 48 KB
10 KB 829ms
828ms Stylesheet
text/css 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fregistrationfull.css&v=20240522103116

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

8f03c142868f0b1f0f2d4649672f4afbc33a51dab8d173858627cd1e82177764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:44 GMT
x-cdn: Imperva
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 2007) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 10108
expires: Sat, 24 May 2025 14:57:41 GMT

GET
H2 200 css.axd
www.thelotter.com/ 81 KB
15 KB 858ms
857ms Stylesheet
text/css 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fsigninsignup.css&v=20240522103116

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

e127c4ad9e36bc21a02bfbc40dfceff57239ba9f67516d98eaa4877f7db64197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:53:08 GMT
x-cdn: Imperva
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 2012) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 15114
expires: Sat, 24 May 2025 14:57:41 GMT

GET
H2 200 css.axd
www.thelotter.com/ 44 KB
8 KB 1101ms
1101ms Stylesheet
text/css 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

c75c4a32162403d84659545e57a44d13022dcacc4c9a5bc8594bb49a3ea2a944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:43 GMT
x-cdn: Imperva
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 2014) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 8482
expires: Sat, 24 May 2025 14:57:41 GMT

GET
H2 200 jslib.axd Show response
www.thelotter.com/Scripts/ 235 KB
80 KB 1103ms
1103ms Script
text/javascript 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/Scripts/jslib.axd?v=20240522103120&d=%24s%24jquery-1.7.1.min.js%2c%24s6%24namespace.js%2c%24s6%24class.js%2c%24s6%24core.js%2c%24s6%24core.math.js%2c%24s6%24core.validations.js%2c%24s6%24core.utils.url.js%2c%24s%24_app%2ftl.js%2c%24s4%24tlglobals.js%2c%24s%24_app%2fservices%2fbaseservice.js%2c%24s%24_app%2fservices%2ffontstylecalculatorservice.js%2c%24s%24_app%2fservices%2fuserloginstatusservice.js%2c%24s%24_app%2fservices%2ffeaturetoggleservice.js%2c%24s4%24siteelements.js%2c%24s%24jstorage%2fjstorage.js%2c%24s3%24formsnormalizer.js%2c%24s%24big.min.js%2c%24s%24mailcheck.min.js%2c%24s%24localforage.js%2c%24s3%24singleframeandpopupcontroller.js

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

12d9ba9507875ba27a37fd3025097d8dfb23d110c101d43a077b0625f0fdd2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:53 GMT
x-cdn: Imperva
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 2015) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 81554
expires: Sat, 24 May 2025 14:57:41 GMT

GET
H2 200 jslib.axd Show response
www.thelotter.com/Scripts/ 136 KB
47 KB 314ms
314ms Script
text/javascript 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/Scripts/jslib.axd?v=20240522103120&d=%24s%24common.js%2c%24r%24smallspritebutton%2f%24s%24smallspritebutton.js%2c%24s1%24drawticker.js%2c%24s1%24megamenu.js%2c%24s1%24messagesalertmenuitemcontrol.js%2c%24s1%24signinsignupcontrol.js%2c%24s%24jquery.countdown.min.js%2c%24s%24jquery.json-2.3.min.js%2c%24s%24jquery.vticker.1.4.js%2c%24s%24scroller%2fjquery.li-scroller.1.0.js%2c%24s%24slick-carousel.min.js%2c%24s%24jquery.newsitemellipsis.js%2c%24s%24jquery.tools.min.js%2c%24s%24jquery.simpletip-1.3.1.js%2c%24s%24jquery.placeholder.js%2c%24s%24chosen.min.js

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

13897904cee0ce2e28f2ce202691979509a1b578caded224821b609503167dd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:53 GMT
x-cdn: Imperva
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 4062) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 47623
expires: Sat, 24 May 2025 14:57:43 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 36ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 May 2024 14:04:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 24 May 2024 14:57:43 GMT

GET
H2 200 placeholder.svg
www.thelotter.com//images/Common/ 306 B
337 B 315ms
314ms Image
image/svg+xml 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com//images/Common/placeholder.svg?v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:53:17 GMT
x-cdn: Imperva
etag: "b43ecde2dacda1:0"
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0cNN RT(1716562659268 4069) q(0 -1 -1 -1) r(0 -1)
content-length: 202

GET
H2 200 jslib.axd Show response
www.thelotter.com/Scripts/ 118 KB
54 KB 319ms
318ms Script
text/javascript 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

4657ee6a026f68ba6fb72bb554c2a923bd8cc73fbf6e25f58b234f40ebc01481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:53 GMT
x-cdn: Imperva
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 4074) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 55086
expires: Sat, 24 May 2025 14:57:43 GMT

GET
H2 200 jslib.axd Show response
www.thelotter.com/Scripts/ 2 MB
450 KB 305ms
304ms Script
text/javascript 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/Scripts/jslib.axd?ngm=auth%2cformsshared%2cfullregistration%2cuserdetails%2cpaymentmethods%2cshared%2cxsscontent%2cliveperson%2cgamblingaml%2cgamblingdepositlimit%2cgamblinglicense%2cgamblingtimelimit%2cregulation%2cregulationlocation%2cregulationuser%2ctermsandconditions%2cfrozenuser%2csubsitepolicypermissions%2cconsent%2cuser%2clocationidentification%2cscratchcardshared%2cinstantgamesshared%2cfootercontent%2cheader%2cautologout%2cfinance%2csecurity%2cdesktopheader%2ccontentdirectives%2csitenotifications%2chomepage%2cnoplayablelottery%2cupsalecampaign%2cpushnotification%2capp.js&v=20240522103120

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

f7164a75bc37b6acb894a0437a432c034f624516c83b77e19f444084a44efd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:53:10 GMT
x-cdn: Imperva
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 4381) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 460131
expires: Sat, 24 May 2025 14:57:43 GMT

GET
H2 200 jslib.axd Show response
www.thelotter.com/ 833 B
604 B 299ms
298ms Script
text/javascript 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/jslib.axd?ngm=$ng-app$/app.config.js&v=20240522103120

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

c94e2c5ded5e37398ea9786300313dfaff640e9dc8be0eb264bfb280c684ab0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:46 GMT
x-cdn: Imperva
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 4371) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 495
expires: Sat, 24 May 2025 14:57:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
104 KB 71ms
51ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

455230227a44af7768baec1680db2a6a5dcf2c903a8afeda639f8a14cd696f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105887
x-xss-protection: 0
last-modified: Fri, 24 May 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 May 2024 14:57:43 GMT

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.thelotter.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:58:09 GMT
x-content-type-options: nosniff
age: 129574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:58:09 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 62ms
39ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=813165178.1716562664&url=https%3A%2F%2Fwww.thelotter.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He45m0n81PDQ5493v893815629za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 297 KB
100 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PG6WJ6GTXC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1be78f1bafa3c460dfc7401006728a3333a4fd51e4093af01ae4b4045f596b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102140
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 14:57:44 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 65ms
29ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 24 May 2024 14:57:43 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B4F5CD1F1BCC405AB69C525F8AFB42DB Ref B: FRAEDGE1919 Ref C: 2024-05-24T14:57:44Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 28 KB
9 KB 437ms
142ms Script
application/x-javascript 23.38.201.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.201.81 Oslo, Norway, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-38-201-81.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3fce4a2d785567f0a8dd59648036d665bb645e438ce6eb2adf164ecce19b3575

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 May 2024 14:18:11 GMT
Server: AkamaiNetStorage
ETag: "c8c436ce448d743b9d2866a06b789b64:1716388255.52096"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: EU
Cache-Control: max-age=1200
X-CC: DE
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8559
Expires: Fri, 24 May 2024 15:17:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 34ms
11ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 14:57:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2766, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: iUxdu2yPT7pUQPGfCDLS0mK+FoxNCelU7hMRr4HI/bckkDtT7+WC49QNfF7ug4ugoVjZUIdxIYc/ZGlhVnrQlg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1015524/ 69 KB
21 KB 245ms
216ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1015524/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e41d9c1027cd836463bfaf6ffed057058dc8782f396819edc848a048edfa7b56

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: on_aC4eGDjIlxCTgynKvV8mbElp92w85
content-encoding: gzip
via: 1.1 varnish
date: Fri, 24 May 2024 14:57:44 GMT
x-amz-request-id: 2AAJPSV8Z2RBJ56B
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21505
x-amz-id-2: YA4O6hJZWfUcdbb7NCgpUf2vrgysUKnw2vhOtlN7RNuR+rziC857s/mnLJGTtlD4NEduxEguWUo=
x-served-by: cache-fra-eddf8230037-FRA
last-modified: Sun, 12 May 2024 11:12:07 GMT
server: AmazonS3
x-timer: S1716562664.090831,VS0,VE208
etag: "fcac85ebb2b3f88225d5227a9619db4b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 34ms
7ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Wed, 22 May 2024 17:01:28 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "16b7761205515ddc0668c12c434e8f00"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 12104

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 4 KB
3 KB 1459ms
7ms Script
application/javascript 43.152.26.235
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=560249340963860480&lib=kwaiq
Requested by: Host: savethewater.org
URL: https://savethewater.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.235 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 9e2a799a251ce713aef7ef8c27a2d6e01f641ced4186d46b2026f5935696ddd6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 146.70.117.69
Date: Mon, 29 Jan 2024 03:23:36 GMT
Content-Encoding: gzip
x-oss-request-id: 65B71A38D3C1853635F02872
X-Cache-Lookup: Cache Hit
Content-MD5: /21V4wxp4OkgyZ6pUCZL9w==
kwaisign: NULL
Connection: keep-alive
Content-Length: 1691
X-Ks-Request-ID: 2637086660733674066
X-Ks-Cache: Hit from 43.152.26.235
x-oss-object-type: Normal
Last-Modified: Mon, 29 Jan 2024 03:16:14 GMT
Server: Lego Server
Etag: "FF6D55E30C69E0E920C99EA950264BF7"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 2637086660733674066
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 3318901080980820640
x-oss-server-time: 3
Expires: Wed, 28 Feb 2024 03:23:36 GMT

GET
H2 200 n6fzjo23 Show response
www.thelotter-affiliates.com/scripts/ 27 KB
6 KB 50ms
6ms Script
application/javascript 172.104.226.213
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter-affiliates.com/scripts/n6fzjo23

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQ5493

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.104.226.213 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

172-104-226-213.ip.linodeusercontent.com

Software

nginx /

Resource Hash

ec7415839c9d895ce1c49a2754b1cb7f7601eaeccb8a1e5760cacf3a91693ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 varnish (2.lb-app.pap.linode-de)
x-srv: 1
age: 18
content-length: 6134
last-modified: Tue, 09 Apr 2024 13:00:46 GMT
server: nginx
etag: "6ba3-615a982a87b80"
vary: Accept-Encoding
content-type: application/javascript
x-varnish: 133872469 131907976
cache-control: max-age=120
accept-ranges: bytes
expires: Fri, 24 May 2024 14:59:26 GMT

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_3p4qpjct/ 3 B
125 B 34ms
10ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_3p4qpjct/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
via: 1.1 varnish
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
content-length: 27

GET
H2 200 t2_3p4qpjct_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
701 B 35ms
19ms XHR
application/json 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_3p4qpjct_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
server: snooserv
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 98

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
638 B 36ms
16ms Image
image/gif 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1716562664099&id=t2_3p4qpjct&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=77dac384-007c-474a-b3ed-408bd3572490&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_8d515a58&dpm=&dpcc=&dprc=
Requested by: Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 1677291912545174 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1677291912545174?v=2.9.156&r=stable&domain=www.thelotter.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c6cc8be2c9f9123a59ba8f9eada424980a32416f35922f9b1a0590e330025659

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 24 May 2024 14:57:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11862
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=62, mss=1326, tbw=63343, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma: public
x-fb-debug: lPxazMdAluAupi8eLfrrkYwubG3DvoepfTeybAjVpbrbqdwdmlnTwrn3YipkJp60fO7FvCxpWCe5BLhtANITpA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 n6fzro23 Show response
www.thelotter-affiliates.com/scripts/ 66 B
435 B 6ms
6ms Script
application/x-javascript 172.104.226.213
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thelotter-affiliates.com/scripts/n6fzro23?accountId=default1&userId=8828&url=S_www.thelotter.com%2F&referrer=&isInIframe=false&getParams=%3Ftl_affid%3D8828&anchor=
Requested by: Host: www.thelotter-affiliates.com
URL: https://www.thelotter-affiliates.com/scripts/n6fzjo23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.226.213 Frankfurt am Main, Germany, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-104-226-213.ip.linodeusercontent.com
Software: nginx /
Resource Hash: 13a1d596b799baed03c5ef5ed7950b8dbcf65112dbdec9769b385fd36fd390f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: application/octet-stream, application/x-javascript
date: Fri, 24 May 2024 14:57:44 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 25071092.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25071092.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe35e0034201751fd70c5527199f30613771f329d9b14be7e9ec08f785c43374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 24 May 2024 14:57:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A745E0D708744809AD6AE7EAED4E135A Ref B: FRAEDGE1919 Ref C: 2024-05-24T14:57:44Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 31ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1677291912545174&ev=PageView&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&rl=&if=false&ts=1716562664142&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1716562664141.1930680712&ler=empty&cdl=API_unavailable&it=1716562664121&coo=false&tm=1&rqm=GET

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2794, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 24 May 2024 14:57:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 319ms
295ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1677291912545174&ev=PageView&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&rl=&if=false&ts=1716562664142&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1716562664141.1930680712&ler=empty&cdl=API_unavailable&it=1716562664121&coo=false&tm=1&rqm=FGET

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xa410ea822116df40","source_keys":["1","2"]},{"key_piece":"0x5a190714f8256128","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 24 May 2024 14:57:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=3112, tp=-1, tpl=-1, uplat=288, ullat=0
pragma: no-cache
x-fb-debug: hLaLIG/IoRm6aCJtnSCEN8G36a7gWpDegpxoTyZfX0XkkmRAvbT/cwepXlE4WgL+PXED0yQrl0ssoVB5kXaHCQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 39ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981z8893815629za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1716562664&sct=1&seg=0&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=5215
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PG6WJ6GTXC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelotter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET collect
server-side-tagging-jay2rczlwq-uc.a.run.app/g/ 0
0

GET
H2 200 25071092 Show response
www.clarity.ms/tag/uet/ 827 B
1 KB 175ms
111ms Script
application/x-javascript 2620:1ec:29:1::43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/25071092
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/25071092.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bb110762908f29f21e4a57f9506f8068ed7099e4095ea13221c8e845860fb309

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 24 May 2024 14:57:44 GMT
x-azure-ref: 20240524T145744Z-er1596566fb5twlw2qar2s102c00000009eg000000010859
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 827
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

OPTIONS
H2 200 configuration
tl-log.com/api/v1/logging/ Frame 0
0 71ms
48ms Preflight 107.154.213.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://tl-log.com/api/v1/logging/configuration

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.213.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.213.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:44 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB2-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 17-81556501-81550185 PNNN RT(1716562664108 12) q(0 0 0 2) r(0 0) U6
x-incap-sess-cookie-hdr: 9a+4D6N8ETsy3fHyNGAaCuiqUGYAAAAAdungL9Y0FncU2X/2dLBDlw==
x-powered-by: ASP.NET

GET
H2 200 configuration Show response
tl-log.com/api/v1/logging/ 769 B
947 B 38ms
38ms XHR
application/json 107.154.213.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://tl-log.com/api/v1/logging/configuration

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.213.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.213.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d5687032d72a21388b0db59c3d913b6596871653d34c78b7fcbba16fba497ecd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 17-81556501-81550185 PNYN RT(1716562664108 59) q(0 0 0 1) r(0 0) U2
server-name: NE-WEB2-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: pZjoEmfxc34y3fHyNGAaCuiqUGYAAAAABaZ5aGyynZvRq6/G6YzYmA==
expires: -1

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 98 KB
98 KB 275ms
274ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=19765&v=20240521

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

6ed3f9bb49db64879aa23da8ad5e52a90c699dd4f9e0ca94c4542bb4153d5ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:43 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 21 May 2024 10:50:19 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 4651) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 100059
expires: Sat, 24 May 2025 14:57:43 GMT

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 26 KB
10 KB 172ms
20ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/tag/tag.js?site=50625536

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
last-modified: Tue, 31 Oct 2023 18:56:18 GMT
server: ws
etag: "65414dd2-24b8"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 9400

GET
H2 204 0
bat.bing.com/action/ 0
287 B 35ms
35ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25071092&tm=gtm002&Ver=2&mid=d5b1e5f3-8460-4e34-9df6-677b360c5c31&sid=f9d8f73019dd11efac5de1ac5938953e&vid=f9d8e4d019dd11ef8cc8c91ab30c0ab8&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Play%20the%20Lottery%20Online%20from%20Anywhere,%20Anytime%20%7C%20theLotter&kw=lottery%20online,%20lottery%20tickets,%20online%20lottery,%20lottery%20ticket,%20lottery&p=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&r=&evt=pageLoad&sv=1&rn=79437

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:43 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F91E92FABF074C8CAF2518C865B026B8 Ref B: FRAEDGE1919 Ref C: 2024-05-24T14:57:44Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1015524/trc/3/ 2 KB
2 KB 30ms
24ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1015524/trc/3/json?tim=1716562664313&data=%7B%22id%22%3A11%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1716562664306%2C%22cv%22%3A%2220240512-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.thelotter.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Ftl_affid%3D8828%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dthelotter-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1716562664312%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1015524/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 57295edac7ff9c3de129a935ecd3d4cda2983e15f72a6473494f5233d64283ac

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 16
date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.25075
x-fastly-to-nlb-rtt: 7299
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230037-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1716562664.325443,VS0,VE16
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.34/ 61 KB
26 KB 14ms
14ms Script
application/javascript 2620:1ec:29:1::43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/25071092
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: br
last-modified: Wed, 22 May 2024 21:57:46 GMT
etag: W/"0x8DC7AAA36FDA8AF"
vary: Accept-Encoding
x-azure-ref: 20240524T145744Z-er1596566fb5twlw2qar2s102c00000009eg00000001085d
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ca81b67a-701e-0001-6810-ad7107000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/ 327 KB
114 KB 40ms
39ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.23 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

Software

ws /

Resource Hash

4559bd877207bb15c5939a45a5e6c49abcfc42a058f8a09116c2d1b2a5af5f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 templates.html Show response
www.thelotter.com/clientapps/ 538 KB
97 KB 281ms
280ms XHR
text/html 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/clientapps/templates.html?ngm=Auth,Shared,FullRegistration,UserDetails,PaymentMethods,Consent,Security,FormsShared,GamblingAML,GamblingDepositLimit,GamblingLicense,GamblingTimeLimit,Regulation,RegulationLocation,RegulationUser,TermsAndConditions,FrozenUser,SubSitePolicyPermissions,User,LocationIdentification,ScratchCardShared,InstantGamesShared,FooterContent,Header,AutoLogout,Finance,DesktopHeader,SiteNotifications,HomePage,NoPlayableLottery,UpsaleCampaign&v=20240522103116

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

48ffdd7d5e67efa1f1a6a55e882be1296c9a8ca372f3f3f0521591d154718bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:46 GMT
x-cdn: Imperva
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 4964) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 98612
expires: Sat, 24 May 2025 14:57:44 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 327ms
113ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.thelotter.com
Date: Fri, 24 May 2024 14:57:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
517 B 355ms
86ms Ping
image/gif 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?optOut=false&bust=08037280812404015&referrer=&cht=gtm&marketerId=001fb03cf3fe3fdff9b757afa645f85cd8&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&g=1&obApiVersion=2.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, POST
Content-Type: image/gif;
Access-Control-Allow-Origin: https://www.thelotter.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-TraceId: dcd87c881f95a049c418e42efe16b0aa
Access-Control-Allow-Headers: Content-Type, Authorization
Content-Length: 54

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 354ms
87ms Script
application/javascript 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=001fb03cf3fe3fdff9b757afa645f85cd8

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:44 GMT
content-encoding: br
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-TraceId: df12b02adccde056dbc1a776c6e2df32
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 001fb03cf3fe3fdff9b757afa645f85cd8 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 491ms
170ms Script
text/html 23.38.201.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/001fb03cf3fe3fdff9b757afa645f85cd8

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.38.201.81 Oslo, Norway, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-38-201-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
Date: Fri, 24 May 2024 14:57:45 GMT
ob-sent-time: 1716539537876
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: EU
Cache-Control: max-age=60
X-CC: DE
Connection: keep-alive
X-TraceId: 836c0da281bffe76c2bf9566a209b852
Content-Length: 22
Expires: Fri, 24 May 2024 14:58:45 GMT

GET
H2 200 / Show response
accdn.lpsnmedia.net/api/account/50625536/configuration/setting/accountproperties/ 7 KB
2 KB 127ms
22ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/50625536/configuration/setting/accountproperties/?cb=accountSettingsCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

8d37415b2a64944acefa745613a6fb91b8248e552cf045fe8f081c737a689b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 24 May 2024 14:57:45 GMT

GET
H2 200 ui-framework.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ 40 KB
13 KB 105ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ui-framework.js?version=10.37.0-release_1294589553
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b22c718aa3df8aaf8d98526ead4a61cf6179a64f962495734a4e208af52b902

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:34:00 GMT
content-encoding: br
age: 33824
x-guploader-uploadid: ABPtcPpkAFrwd-DwhTsMBlZ3aipDfAHq4EFkUu2JOxYGccz4wwL33jxpBY5R3-fH78mSXHN65ILSK0LHpw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12510
last-modified: Fri, 24 May 2024 05:00:50 GMT
server: UploadServer
etag: W/"f50d31809acb60fa6c9d03a6dcdc1ef6"
vary: Accept-Encoding
x-goog-generation: 1716526850660047
x-goog-hash: crc32c=3EPcjg==, md5=9Q0xgJrLYPpsnQOm3Nwe9g==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 40535
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 surveylogicinstance.min.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ 8 KB
3 KB 106ms
10ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/surveylogicinstance.min.js?version=10.37.0-release_1294589553
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:32:25 GMT
content-encoding: br
age: 33919
x-guploader-uploadid: ABPtcPrKyQlEt8wvC8Dhih83DE5sw03FfAF_wMCx6yJvsDnf4g20PdcIjdijY_zm-QnDmdNrPx4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2376
last-modified: Fri, 24 May 2024 05:00:50 GMT
server: UploadServer
etag: W/"d53092c1d6e0a7a3d1bb802c67a6e1e9"
vary: Accept-Encoding
x-goog-generation: 1716526850653024
x-goog-hash: crc32c=GIGCsg==, md5=1TCSwdbgp6PRu4AsZ6bh6Q==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 7866
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 zones Show response
accdn.lpsnmedia.net/api/account/50625536/configuration/le-campaigns/ 17 KB
3 KB 143ms
42ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/50625536/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

a57447331b31ce5d9102ac9cd17ff92c2ee1c481d5fdb5c679d8d0ed0061288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:44 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 24 May 2024 14:58:42 GMT

GET
H2 200 desktopEmbedded.js Show response
lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/ 1 MB
253 KB 9ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_unified_window/10.37.0-release_1294589553/desktopEmbedded.js?version=10.37.0-release_1294589553
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1e78b01b533ecd1ddd46fad4d4c3a3c366c02e0367cd99ab56cb2a4341315bc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:34:01 GMT
content-encoding: br
age: 33823
x-guploader-uploadid: ABPtcPrWFTHFirqOf8fho9PIOcdfeywMiCbGQnIiilZ6wXo1hThrEDuGXQ4ZsygEtT4EbTJYGog
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259084
last-modified: Fri, 24 May 2024 05:00:50 GMT
server: UploadServer
etag: W/"c51ea7e9356d2a36227deba424c4b0c8"
vary: Accept-Encoding
x-goog-generation: 1716526850475297
x-goog-hash: crc32c=cHYgYA==, md5=xR6n6TVtKjYifeukJMSwyA==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 1070247
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/ 43 KB
15 KB 15ms
15ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/storage.secure.min.js?loc=https%3A%2F%2Fwww.thelotter.com&site=50625536&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8c34af133bbf58ded59be1142b7ca92810e72c6ca44c0e0be60214425e470e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:32:25 GMT
content-encoding: br
age: 33919
x-guploader-uploadid: ABPtcPr9uLOqH7JWQhBnVYqsy1cEwBYOpiYRKZCDBrXo7TMwjIF47QWIieNxkcrIFNbAypxQqgc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15111
last-modified: Fri, 24 May 2024 04:58:31 GMT
server: UploadServer
etag: W/"98cd62ca3691285d2db5f002c56e5725"
vary: Accept-Encoding
x-goog-generation: 1716526711910358
x-goog-hash: crc32c=9oFm3g==, md5=mM1iyjaRKF0ttfACxW5XJQ==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 44531
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/ Frame BE45 0
0 28ms
8ms Document
text/html 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.28.0-release_1286430736/storage.secure.min.html?loc=https%3A%2F%2Fwww.thelotter.com&site=50625536&ist=sessionStorage&env=prod&accdn=accdn.lpsnmedia.net
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thelotter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: none
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
age: 33919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: br
content-length: 16270
content-type: text/html
date: Fri, 24 May 2024 05:32:25 GMT
etag: W/"08e1e10c1128f5e33067543842258486"
last-modified: Fri, 24 May 2024 04:58:31 GMT
server: UploadServer
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
vary: Accept-Encoding
x-goog-generation: 1716526711896314
x-goog-hash: crc32c=Z19eGg== md5=COHhDBEo9eMwZ1Q4QiWEhg==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 48296
x-guploader-uploadid: ABPtcPr2Wi51CFJPEs96TRoB-TACmYbUoxAjF0tqu98dvv7-VC-NzPp0T7QmqYVcDiJHlOdhww

GET collect
server-side-tagging-jay2rczlwq-uc.a.run.app/g/ 0
0

GET
H2 200 50625536 Show response
va.v.liveperson.net/api/js/ 238 B
1 KB 496ms
183ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/50625536?&cb=lpCb14644x58062&t=sp&ts=1716562664559&pid=7551726814&tid=8347397823&pt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&u=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&sec=%5B%22en-GB%22%5D&df=0&os=0&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22cstatus%22%3A%22N%2FA%22%2C%22ctype%22%3A%22Non%20Registered%22%2C%22customerId%22%3A%22-1%22%2C%22role%22%3A%22N%2FA%22%7D%7D%2C%7B%22type%22%3A%22personal%22%2C%22personal%22%3A%7B%22firstname%22%3A%22N%2FA%22%2C%22lastname%22%3A%22N%2FA%22%2C%22language%22%3A%22en-GB%22%7D%7D%2C%7B%22type%22%3A%22cart%22%2C%22products%22%3A%5B%7B%22product%22%3A%7B%22name%22%3A%22Non%20Registered%22%2C%22category%22%3A%22General%20information%22%7D%7D%5D%7D%5D&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

579a8776521ade2d13f9f02f4f095c2b9eb857511fdae470c1176ecb9070f1bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

OPTIONS
H2 200 rewrite-url
www.tlg-api.com/api/v1/seo/ Frame 0
0 3152ms
2561ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/seo/rewrite-url

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:47 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77618977 PNNN RT(1716562665468 1059) q(0 13 13 1) r(15 15) U6
x-incap-sess-cookie-hdr: hKmAMDrnCj0ws+a1BYvGAuyqUGYAAAAAB2wqLfOgZ2RZvugH29L0Zg==
x-powered-by: ASP.NET

POST
H2 200 getexitintentoffer Show response
www.thelotter.com/__ajax/__upsalecampaigns.asmx/ 134 B
333 B 587ms
587ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/__ajax/__upsalecampaigns.asmx/getexitintentoffer

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

0d1c6b08da4a7a15f380b8a2e1052829cd2726fbcb4e09193966f1dfe7bed251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82060931 PNYN RT(1716562659268 5833) q(0 0 0 -1) r(2 2) U6
server-name: NE-WEB2-A
x-ua-compatible: IE=edge
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-incap-sess-cookie-hdr: 5VcEDFObuQ4pq+a1BYvGAumqUGYAAAAARo0bq1hZ+KVxUp1efv0uUg==
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

POST
H2 200 getvalidationtranslations Show response
www.thelotter.com/__ajax/__validations.asmx/ 4 KB
2 KB 1052ms
1050ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/__ajax/__validations.asmx/getvalidationtranslations

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

c221f43fbe2cdc3ac399fc9cdc42a7da164b929559132091bdeb8b87a876f8bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82062528 NNYY CT(232 480 0) RT(1716562659268 5874) q(0 0 0 -1) r(0 7) U6
server-name: NE-WEB1-A
x-ua-compatible: IE=edge
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-incap-sess-cookie-hdr: svgGcIevy0Qpq+a1BYvGAumqUGYAAAAAJYvSGiEzzZ/M5YGJ2E5RAA==
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

GET
H2 200 mga_messenger.html Show response
www.thelotter.com/ClientApps/Modules/FooterContent/Partials/Licenses/ 3 KB
1 KB 312ms
311ms XHR
text/html 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/ClientApps/Modules/FooterContent/Partials/Licenses/mga_messenger.html?v=20240522103116

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

f640a79e7eaf95c3eafb3cfdbfd18d88df5ad57d575a37e1d48770996ecacdad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:46 GMT
x-cdn: Imperva
etag: "e29ad05b2eacda1:0"
content-type: text/html
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 5878) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 1031
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 policypermissions Show response
www.thelotter.com/api/ 6 KB
2 KB 1562ms
1561ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/api/policypermissions

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

2b47787588f14c87b58dda3c5ce7246ba909ca46fb3ddfb4d0b08b1b98a86835

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82062533 NNYY CT(232 477 0) RT(1716562659268 5881) q(0 0 0 -1) r(0 12) U2
server-name: NE-WEB1-A
x-ua-compatible: IE=edge
pragma: no-cache
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: *
expires: -1

GET
H2 200 is-betting-on Show response
www.thelotter.com/api/subsite/ 125 B
388 B 556ms
556ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/api/subsite/is-betting-on

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

a09f52ca257c838908f314f38e983ef3421cbcc7c35c4a3e36e358622d3bd759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82062536 NNYY CT(232 474 0) RT(1716562659268 5887) q(0 0 0 -1) r(0 2) U2
server-name: NE-WEB1-A
x-ua-compatible: IE=edge
pragma: no-cache
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: *
expires: -1

GET
H2 200 playable Show response
www.tlg-api.com/api/v2/raffle-catalog/raffles/ 7 KB
2 KB 2458ms
1867ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/raffle-catalog/raffles/playable?subSiteRef=1&languageRef=1&userRef=&timeZoneOffset=2

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9792e9543cc29f5d3e60fe258cd85b0dafda40e22518585d92a47060ca14b386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618843 NNYN CT(233 472 0) RT(1716562665468 891) q(0 0 7 19) r(10 10) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: fxI5N8/a020ws+a1BYvGAuuqUGYAAAAAg9nLKc479wGaQ00Zuap8Dw==
expires: -1

POST
H2 200 rewrite-url Show response
www.tlg-api.com/api/v1/seo/ 135 B
513 B 570ms
569ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/seo/rewrite-url

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2f4bb35017bde1b97e36e319cc8f4643e6bb2e7d50e258762b7e215460133d52

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77619012 PNYN RT(1716562665468 2895) q(0 0 0 -1) r(3 3) U6
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: J341W+E/MWows+a1BYvGAuyqUGYAAAAAAh3S8TQ5tt1Xn7QXp57fmQ==
expires: -1

POST
H2 200 getquickdrawcardsmodel Show response
www.thelotter.com/__ajax/__lotterycards.asmx/ 55 KB
4 KB 824ms
824ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/__ajax/__lotterycards.asmx/getquickdrawcardsmodel

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

0b1aa2410cc0bf1f6e5f514e61d1a6de0f03ef0900b1d4865f2a589d668d39bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82062552 NNYY CT(231 466 0) RT(1716562659268 5940) q(0 0 0 -1) r(0 2) U6
server-name: NE-WEB1-A
x-ua-compatible: IE=edge
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-incap-sess-cookie-hdr: T76XY2mP6kIpq+a1BYvGAumqUGYAAAAAoZlbriiIjbcPsVaDr5yYYw==
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

GET
H2 200 user-icon-svg.svg
www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/ 402 B
390 B 311ms
310ms Image
image/svg+xml 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/user-icon-svg.svg?v=20240521

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

4c63b42179dcc4e6519c49acc18217fde662869d787c50167b93e267071773b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:53:07 GMT
x-cdn: Imperva
etag: "98c26d92dacda1:0"
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 5943) q(0 -1 -1 -1) r(0 -1)
content-length: 266

GET
H2 200 globe-icon-svg.svg
www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/ 1 KB
850 B 513ms
512ms Image
image/svg+xml 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/globe-icon-svg.svg?v=20240521

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

d2db8e2f675af962e9393aaf0493f5034cc8c95d6eb63af734329568d1b9fc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:53:07 GMT
x-cdn: Imperva
etag: "a9181bd92dacda1:0"
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6145) q(0 -1 -1 -1) r(0 -1)
content-length: 749

GET
H2 200 loading-white.gif
www.thelotter.com/App_Themes/Default/images/General/ 14 KB
14 KB 340ms
339ms Image
image/gif 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/App_Themes/Default/images/General/loading-white.gif?v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

a0b0cb9ced6df0bf47cc8718f9aa806c2876e1e55e549b269d118e5754dbb666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:53:05 GMT
x-cdn: Imperva
etag: "b584d82dacda1:0"
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6147) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 14619
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 loading-red.gif
www.thelotter.com/App_Themes/Default/images/General/ 48 KB
48 KB 343ms
342ms Image
image/gif 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/App_Themes/Default/images/General/loading-red.gif?v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

1e1a82b691788c7de3e93bd63d6ebef1963817641f5f843eb136f56231d774d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:42 GMT
x-cdn: Imperva
etag: "c233fb582eacda1:0"
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6150) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 49338
expires: Sat, 24 May 2025 14:57:45 GMT

GET
DATA 200
OK truncated
/ 112 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c8dfa50b732efdc00f9ae057496c8956d407d95a7ae1307cda60d3e59034197

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 60 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9ec091ad656eaa8a34cc21135b793c75d61a20e826fffed93935a43a6753908

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 56 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c3d2089bb29bb30f10c31c90452f63d5d571c7c404fd37ca7d919d5ba2b4eec

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 76 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49a5e6846763d4d6076afa503b2f4061ad3952f74928b68139e91774c92a0f9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 91 KB
92 KB 334ms
330ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=35048&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

e9f193b73201df7d8e803009dc9fa04bbb0dd079e1f5eea8efa07b9fc2cf4bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:45 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6153) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 93631
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 14 KB
14 KB 337ms
334ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29496&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

fa8059723d1708797fe88bfe704bffd6a14890255f6bb2d6c113631df655f1cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:45 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6156) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 14751
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 85 KB
85 KB 339ms
336ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=35049&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

e84bd8e1b92366333f670c48334b059eb6d5c50fb10ef6a613b76ed4b180ddbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6159) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 86980
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 13 KB
13 KB 341ms
338ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29364&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

f0eaa8ccfb21ad2422fc05c90dda2c94d3bff7c20ad2d3937ca88224552093f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6160) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 12996
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 13 KB
13 KB 342ms
339ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29418&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

16d68a31286796e9542e4416860961fdf70a0a2e5f9b01a7471834763b58e724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:45 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6161) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 13126
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 10 KB
10 KB 342ms
340ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29419&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

6c26b4840d69dae288086ee17864ef10302ca80443eb09b441450baf18bd23ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6162) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 10244
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 13 KB
13 KB 343ms
341ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29388&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

ac7c7e32b44412b200232f0e4b909b3d63ab68d6c643cf0b45258c963b2c5365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:45 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6163) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 13675
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 68 KB
68 KB 345ms
342ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=35543&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

de66104ab7e62991a06d37d16a6a13afd89bcb38188aae10a5476956aab2a4d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6165) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 70018
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 17 KB
17 KB 346ms
344ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29389&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

df8b6d6dc690a9d92fae9404368e6a64c91fd2bccab76d07f582df9bb118a1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:31 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6167) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 17749
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 12 KB
12 KB 349ms
347ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29352&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

8a2ca5e67b01daaa183c8add2feceee9dbc541492c4b23d803ae40f2303ccf4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:31 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6169) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 12278
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 12 KB
12 KB 350ms
349ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29423&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

2c0c2372da39b58111d7196449c7847009dddc1ae9c175efa7bca09b243d842b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:31 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6172) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 12183
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 58 KB
58 KB 354ms
353ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29424&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

b92d89ab36cbfa1faa23243c9a332cc7b9da866cc897383c1d3ee39110efb929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 12:38:42 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6173) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 59222
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 14 KB
14 KB 633ms
632ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29354&v=202405232

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

a12405f4c80947eac03f04af3f10415ddfd739123c1bbc11f220dbcd62f93b11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 12:38:42 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6176) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 13895
expires: Sat, 24 May 2025 14:57:45 GMT

GET
H2 200 50625536 Show response
va.v.liveperson.net/api/js/ 790 B
1 KB 100ms
99ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/50625536?sid=wwZHUEdFT9qD6czmxqKDTg&cb=lpCb90663x6390&t=uc&ts=1716562664716&pid=7551726814&tid=8347397823&sdes=%5B%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22LP_DIV_1409469653852%22%7D%2C%7B%22type%22%3A%22pagediv%22%2C%22divId%22%3A%22LP_DIV_MESSAGING_FLOATING_BUT_ENG%22%7D%5D&vid=NmMzNjYjRlYmRiYThjZGY5

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

30d34c3597752b022bc3f0892e237780583584fe197fc6bc9077ad448e8ee0ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

POST
H/1.1 200 getGrayInfo Show response
api.mythad.com/rest/n/adintl/gray/ 202 B
624 B 936ms
311ms XHR
application/json 43.132.32.113
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=560249340963860480&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: 40f7c18091c56f173b5aa277945fd87d5c4cb59edbc6e4296b19985778e62242

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

Date: Fri, 24 May 2024 14:57:47 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thelotter.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Alt-Svc: quic=":443";ma=2592000;v="43"

OPTIONS
H/1.1 200 getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame 0
0 820ms
264ms Preflight 43.132.32.113
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.thelotter.com
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc: quic=":443";ma=2592000;v="43"
Connection: keep-alive
Content-Length: 0
Date: Fri, 24 May 2024 14:57:46 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 search
www.tlg-api.com/api/v1/marketing/site-notifications/ Frame 0
0 2233ms
1897ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/marketing/site-notifications/search

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:47 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77618871 NNNN CT(230 460 0) RT(1716562665468 978) q(0 0 7 7) r(9 9) U6
x-incap-sess-cookie-hdr: pyZUbzGt0BYws+a1BYvGAuuqUGYAAAAA9HM94hK8xp/0VgAy29pzCQ==
x-powered-by: ASP.NET

OPTIONS
H2 200 header
www.tlg-api.com/api/v2/content/ Frame 0
0 2751ms
2417ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/header

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:47 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77619021 NNNN CT(241 478 0) RT(1716562665468 1022) q(0 5 12 3) r(14 14) U6
x-incap-sess-cookie-hdr: KpunQEVYkRwws+a1BYvGAuuqUGYAAAAA/JUwmdPN6bLquONfTfl8EQ==
x-powered-by: ASP.NET

OPTIONS
H2 200 multiple
www.tlg-api.com/api/v1/content/string-sections/ Frame 0
0 2534ms
2201ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-sections/multiple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:47 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77618977 NNNN CT(234 478 0) RT(1716562665468 1011) q(0 3 10 4) r(12 12) U6
x-incap-sess-cookie-hdr: HivAX1ojn1Iws+a1BYvGAuuqUGYAAAAAowViCa5G+zphlOvf2g6l+Q==
x-powered-by: ASP.NET

GET
H2 200 configuration Show response
www.tlg-api.com/api/v1/users/auth/automatic-logout/ 162 B
526 B 2467ms
2131ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/users/auth/automatic-logout/configuration

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

74ae9e64bb94300ee40de3dd6671006e788735a32b974d29b752c4ea4c48f0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618871 PNYN RT(1716562665468 1035) q(0 8 8 11) r(11 11) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: YjpJHDBS0SYws+a1BYvGAuuqUGYAAAAAGFDVgkxPrHATv0L8lfDRaA==
expires: -1

GET
H2 200 ClientCacheLocationByIP,ClientCacheLocationByCoordinates Show response
www.tlg-api.com/api/v1/configuration/services/TheLotter.Regulation.Location.Service/keys/ 234 B
584 B 2770ms
2434ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/configuration/services/TheLotter.Regulation.Location.Service/keys/ClientCacheLocationByIP,ClientCacheLocationByCoordinates

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

435136356993fdb41cb8558f216c42c43f1aecc3397a75b4f13f135dd5ac8628

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618171 2NYN RT(1716562665468 1057) q(0 11 11 0) r(14 14)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: 7AYAXlWHIVgws+a1BYvGAuuqUGYAAAAA+X/XCD5XMy+GEzQwBg3J3g==
server-name: NE-WEB2-B

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 7 KB
2 KB 2675ms
2339ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Location%20Notification

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

991ea60ce3e6785ed3cded23ca9a656a47eefe8c35f48dd388abd18fac68935d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618345 2NYN RT(1716562665468 1051) q(0 10 10 4) r(13 13)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: MoPKU1EkaGows+a1BYvGAuuqUGYAAAAAuU/lh4kniFBWsQpRdRn/pw==
server-name: NE-WEB2-B

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 692 B
718 B 1562ms
1227ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Subsite%20Leaving%20Acknowledgement%20Popup

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a6e03ec39911ba9815b1c39005b3c223357e12dd961fbde5c3456506d1d6f54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618171 2NYN RT(1716562665468 986) q(0 0 0 4) r(2 2)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: jD53IuGxY2Aws+a1BYvGAuqqUGYAAAAAoYRAYkdXCbyrUHGJzTGrXA==
server-name: NE-WEB2-B

GET
H2 200 ClientSiteNotificationsPopup Show response
www.tlg-api.com/api/v1/configuration/services/TheLotter.TheLotterSite.Service/keys/ 226 B
561 B 1801ms
1466ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/configuration/services/TheLotter.TheLotterSite.Service/keys/ClientSiteNotificationsPopup

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

9efdbd36b42fd145f905768a50be29b0ab10fbe1211c2dc5bc45e01330f00d73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618345 2NYN RT(1716562665468 1007) q(0 3 3 2) r(5 5)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: vWYyDCrXaUEws+a1BYvGAuqqUGYAAAAAPe0NhUwkbD19WfDRy7fuHQ==
server-name: NE-WEB2-B

POST
H2 200 search Show response
www.tlg-api.com/api/v1/marketing/site-notifications/ 93 B
497 B 992ms
992ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/marketing/site-notifications/search

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3bf3d0a6f8fa77ce795cb700ae3e65e0339e2c166b9fdb0eaa0719520077a28c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77619012 PNYN RT(1716562665468 2217) q(0 4 4 2) r(7 7) U6
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: qZ05W9qlelIws+a1BYvGAuyqUGYAAAAA4Dy7CJ4rrZWDu64uHQXuCQ==
expires: -1

POST
H2 200 header Show response
www.tlg-api.com/api/v2/content/ 2 KB
815 B 637ms
636ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/header

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

63e81c31d3654000c5f998e24d38f3181f17614b66dc94dde2b5206941ae07e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618977 PNYN RT(1716562665468 2740) q(0 0 0 -1) r(3 3) U6
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: Niw7ZpUbcWows+a1BYvGAuyqUGYAAAAAbMag9iuvsRtE5gdcYk8oTA==
expires: -1

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 6 KB
2 KB 1523ms
1189ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Home%20Page

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

fb3a9b03de7eda62ca76836c71154e514260b60e6a733cc5de16fe3e8276bb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77609430 2NYN RT(1716562665468 942) q(0 0 0 13) r(2 2)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: mkuFNsYfm1Qws+a1BYvGAuqqUGYAAAAA9f7K0FEG2H4XhZWf2ajv5w==
server-name: NE-WEB2-B

GET
H2 200 trust-element Show response
www.tlg-api.com/api/v1/marketing/conversion-retention/subsites/1/languages/1/isMobile/false/ 587 B
787 B 2703ms
2369ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/marketing/conversion-retention/subsites/1/languages/1/isMobile/false/trust-element

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

f5cfd2adff2d436a0b93544cb083791f526e1d0358ce9cfc66f1e70128bbab13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77619012 NNYN CT(233 473 0) RT(1716562665468 1018) q(0 4 12 2) r(14 14) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: PhAGShAYliYws+a1BYvGAuuqUGYAAAAAts/ASfq5sAk/ItbYC63/Mg==
expires: -1

GET
H2 200 1 Show response
www.tlg-api.com/api/v1/content/footer/subsite/1/language/ 1 KB
947 B 1318ms
984ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tlg-api.com/api/v1/content/footer/subsite/1/language/1?isMobile=false&url=https://www.thelotter.com/
Requested by: Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: /
Resource Hash: fb34921eefdde2a74c9ee1c51a4d69a1775e2a013af1afb02708d6935c97c91b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
x-cdn: Imperva
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618171 2CNN RT(1716562665468 957) q(0 0 0 15) r(0 0)
cache-control: max-age=159, public
x-incap-sess-cookie-hdr: VV8WLQHNIVMws+a1BYvGAuqqUGYAAAAAPxktqcUZ5fixd7E84CpGAQ==
content-length: 435
expires: Fri, 24 May 2024 15:00:25 GMT

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 848 B
682 B 2426ms
2092ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Login%20Box

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7d8b11d4d4c2c3da173ce686a083dfd4a67aba53cb4e965cb22eca9a32c21da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77611916 2NYN RT(1716562665468 1026) q(0 9 9 3) r(11 11)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: vpf1A012m3kws+a1BYvGAuuqUGYAAAAAFaklEEmIk1S+pJ3ooOp3Jw==
server-name: NE-WEB2-B

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 3 KB
1 KB 1573ms
1240ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Header

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

179f7ed19b5922478fed8942f61f46a283833306e0735f2d8c6e8c7c18e9c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77600699 2NYN RT(1716562665468 994) q(0 0 0 5) r(3 3)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: RojQE/8l5wIws+a1BYvGAuqqUGYAAAAA9JO2k/zen+3vOixCF3kSiw==
server-name: NE-WEB1-A

POST
H2 200 multiple Show response
www.tlg-api.com/api/v1/content/string-sections/ 501 B
790 B 702ms
702ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-sections/multiple

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

c50d1cc01d44d4415686fc1c71ac41f44c9c9be694fe8694be92606afa1bceeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618843 PNYN RT(1716562665468 2522) q(0 2 2 0) r(4 4) U6
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: EtF9UxbTawows+a1BYvGAuyqUGYAAAAAsuI22VloEcblWW6O1BuMrg==
server-name: NE-WEB1-A

OPTIONS
H2 200 multiple
www.tlg-api.com/api/v2/content/dictionary-items/ Frame 0
0 2425ms
2099ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/dictionary-items/multiple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:47 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77618843 PNNN RT(1716562665468 1030) q(0 9 9 4) r(11 11) U6
x-incap-sess-cookie-hdr: pFCMHbNz7nkws+a1BYvGAuuqUGYAAAAAEdmxj/pCUkkakF0sfNnu+g==
x-powered-by: ASP.NET

POST
H2 200 gethomepageelementsmodel Show response
www.thelotter.com/__ajax/__homepage.asmx/ 34 KB
5 KB 627ms
626ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/__ajax/__homepage.asmx/gethomepageelementsmodel

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

a13fe0dae4e6d7428d19e5f8f093b4cefd70ecd279b201658d6197195d84b7b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82062536 PNYy RT(1716562659268 6198) q(0 0 0 -1) r(3 3) U6
server-name: NE-WEB1-A
x-ua-compatible: IE=edge
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-incap-sess-cookie-hdr: iBsHMtQRaRgpq+a1BYvGAumqUGYAAAAA6Oyq9/MCWtf8kkWigypF0A==
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

POST
H2 200 getauthenticationmodelsignin Show response
www.thelotter.com/__ajax/__authentication.asmx/ 14 KB
4 KB 1065ms
1063ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/__ajax/__authentication.asmx/getauthenticationmodelsignin?siteref=1

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

/ ASP.NET

Resource Hash

6ee5495770a46b3d24581da55bbf076b24e43e24fef5b12d3c7b3e78ddb745cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/?tl_affid=8828
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-82060841-82060931 PNYN RT(1716562659268 6203) q(0 0 0 -1) r(8 8) U6
server-name: NE-WEB2-A
x-ua-compatible: IE=edge
server
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0
x-incap-sess-cookie-hdr: MIi0SUcWYD4pq+a1BYvGAuqqUGYAAAAAwJVm19th4paVmeWps/EgVA==
x-robots-tag: noindex, nofollow
access-control-allow-headers: *

GET
H2 200 1 Show response
www.tlg-api.com/api/v2/product-catalog/products/subsite/ 204 B
650 B 2695ms
2368ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/product-catalog/products/subsite/1?userRef=

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

af376c867225339f4c935dbd41f79d8378f8bc25cf75c29a658fc5b23f9a334f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618871 PNYN RT(1716562665468 1056) q(0 11 11 0) r(13 13) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: p/uJc2O97VEws+a1BYvGAuuqUGYAAAAA2inN5hFMTT1kfY/5WGlNKQ==
expires: -1

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 597 B
722 B 2654ms
2327ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Raffles%20Carousel

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a78c74e9483ac3cf7314bb056f662261ec076774f1503186b660506d5e4f1b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77609430 2NYN RT(1716562665468 1047) q(0 10 10 3) r(13 13)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: bETiHPR9RxMws+a1BYvGAuuqUGYAAAAAYw4Dm3YDI1XQmqGGYetHlA==
server-name: NE-WEB2-B

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 800 B
696 B 1750ms
1423ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Home%20Page%20-%20Discover%20theLotter

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

6870b235f4e5374945e0fc3775b4012408ccb07ea6e318902dfbb4802dfd4485

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77609430 2NYN RT(1716562665468 1001) q(0 2 2 2) r(4 4)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: 3Np8UDIZOXows+a1BYvGAuqqUGYAAAAAODDEQt4zphv+IyC6FY0HUQ==
server-name: NE-WEB2-B

GET
H2 200 discover-thelotter-element Show response
www.tlg-api.com/api/v1/marketing/conversion-retention/subsites/1/ 796 B
730 B 2187ms
1860ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/marketing/conversion-retention/subsites/1/discover-thelotter-element?baseUrl=https://www.thelotter.com/&languageRef=1&isMobile=false

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

2f227da87ffdcb94d4c9e70c98b8c185ce465a73fb60eb6bf06174dfa4009cb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618858 NNYN CT(229 467 0) RT(1716562665468 917) q(0 1 8 17) r(10 10) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: G54/fRQmSwYws+a1BYvGAuuqUGYAAAAASQ+RhD/B8aq5TBzuPKxaUg==
expires: -1

POST
H2 200 multiple Show response
www.tlg-api.com/api/v2/content/dictionary-items/ 1 KB
712 B 856ms
856ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/dictionary-items/multiple

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e44f391ebd681457bf31b9469d70fccab9919dbd01d206728d9f33d51216e47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77619021 PNYN RT(1716562665468 2415) q(0 3 3 0) r(6 6) U6
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: fsZMWtwoT1Mws+a1BYvGAuyqUGYAAAAArHGoD35E1ciaji0fPRENhA==
server-name: NE-WEB1-A

GET
H3 200 overlay.js Show response
lpcdn.lpsnmedia.net/le_re/3.60.0.0-release_5218/jsv2/ 10 KB
3 KB 8ms
8ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.60.0.0-release_5218/jsv2/overlay.js?_v=3.60.0.0-release_5218
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 027dbe31bc494e14acab76a221273e52d1d8273f29a5a46055b36d74d6eb369b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:34:26 GMT
content-encoding: br
age: 33799
x-guploader-uploadid: ABPtcPqkBJqxn221ha5JX95PdhqrMAGb1ll163JWh-e7wabFkHKf2UQekGKGqg23Y8CNhvnim8Y
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3151
last-modified: Fri, 03 May 2024 01:06:51 GMT
server: UploadServer
etag: W/"3de36f700a9fd7b27d7cf9968d108388"
vary: Accept-Encoding
x-goog-generation: 1714698411677687
x-goog-hash: crc32c=2/vLrg==, md5=PeNvcAqf17J9fPmWjRCDiA==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 9892
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H3 200 UISuite.js Show response
lpcdn.lpsnmedia.net/le_re/3.60.0.0-release_5218/jsv2/ 30 KB
10 KB 9ms
9ms Script
application/javascript 34.120.154.120
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_re/3.60.0.0-release_5218/jsv2/UISuite.js?_v=3.60.0.0-release_5218
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.120.154.120 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 120.154.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5c525027b646bf78eba749696366d20e8aa5c3603043339eb5ad828175c7238e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 05:34:26 GMT
content-encoding: br
age: 33799
x-guploader-uploadid: ABPtcPpMgLb0n8o_RUO2z9_Sayf6Aa40WkW5vbdsngiYX3Do6sXHmO-0x8liSx_6_atdB0RUmcg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10020
last-modified: Fri, 03 May 2024 01:06:51 GMT
server: UploadServer
etag: W/"eee640d58b09a4461472719dc7eb973f"
vary: Accept-Encoding
x-goog-generation: 1714698411659591
x-goog-hash: crc32c=MW0L4w==, md5=7uZA1YsJpEYUcnGdx+uXPw==
access-control-allow-origin: *
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
cache-control: public,max-age=31536000
x-goog-stored-content-length: 30647
accept-ranges: none
timing-allow-origin: https://z1.le.liveperson.net, https://va.le.liveperson.net, https://z2.le.liveperson.net, https://lo.le.liveperson.net, https://am.le.liveperson.net, https://z3.le.liveperson.net, https://sy.le.liveperson.net, https://me.le.liveperson.net, https://vz-care-dev.liveengage.verizon.com, https://vz-care-qa.liveengage.verizon.com, https://vz-care.liveengage.verizon.com
content-type: application/javascript

GET
H2 200 1216 Show response
accdn.lpsnmedia.net/api/account/50625536/configuration/le-campaigns/campaigns/4023181938/engagements/4023207538/revision/ 3 KB
2 KB 45ms
44ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/50625536/configuration/le-campaigns/campaigns/4023181938/engagements/4023207538/revision/1216?v=3.0&cb=lp4023207538&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

c80b783fe133d87a84663e123c74f508eb5957fa4604fb86c3b8ca9dea20a6b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 24 May 2024 14:58:45 GMT

GET
H2 200 827 Show response
accdn.lpsnmedia.net/api/account/50625536/configuration/le-campaigns/campaigns/585154612/engagements/585155012/revision/ 2 KB
2 KB 25ms
24ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/50625536/configuration/le-campaigns/campaigns/585154612/engagements/585155012/revision/827?v=3.0&cb=lp585155012&flavor=dependency

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

67ff8ba85155705413e6011e6a8c5dce9d02e2d680591e47c1d2ba778b543d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 24 May 2024 14:57:49 GMT

GET
H2 200 50625536 Show response
va.v.liveperson.net/api/js/ 111 B
901 B 95ms
95ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/50625536?sid=wwZHUEdFT9qD6czmxqKDTg&cb=lpCb35783x47802&t=pl&ts=1716562664789&pid=7551726814&tid=8347397823&vid=NmMzNjYjRlYmRiYThjZGY5

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

3941cd147110f28910ba21d962cd7700f7da7f2b76e4a6992f269db3ef173c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 16 KB
3 KB 2799ms
2570ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Footer%20License%20Description

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a545e1e9ca5349a0b4da14b108e83eaaf13effb5757757fce480339c176a47e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77611916 2NYN RT(1716562665468 1060) q(0 13 13 2) r(15 15)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: fMlICF2kOhEws+a1BYvGAuyqUGYAAAAA9v01mAornPlSQXBfmNJhAg==
server-name: NE-WEB1-A

GET
H2 200 573453912 Show response
accdn.lpsnmedia.net/api/account/50625536/configuration/engagement-window/window-confs/ 3 KB
2 KB 39ms
39ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/50625536/configuration/engagement-window/window-confs/573453912?cb=lpCb36908x25388

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

1c9b766609d53165056de484fe90af6ad6a298f3a27c422a347e6529a8803748

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: HIT
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 24 May 2024 14:57:49 GMT

GET
H2 200 4023207438 Show response
accdn.lpsnmedia.net/api/account/50625536/configuration/engagement-window/window-confs/ 5 KB
2 KB 85ms
84ms Script
application/javascript 178.249.97.99
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://accdn.lpsnmedia.net/api/account/50625536/configuration/engagement-window/window-confs/4023207438?cb=lpCb207x81528

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.249.97.99 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

lo-accdn.lpsnmedia.net

Software

ws /

Resource Hash

afa5278bb940a1ecbfd8dd26fc43bb6e134dcc52830081f36079b4375e24df28

Security Headers

Name	Value
Strict-Transport-Security	max-age=99999999999; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
strict-transport-security: max-age=99999999999; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
vary: Accept
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Fri, 24 May 2024 14:58:45 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1015524/log/3/ 0
249 B 41ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1015524/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1716562664310&ver=36&isls=true&src=i&invt=1500&msa=1365&rv=1&tim=1716562665862&vi=1716562664306&ri=be5f3027d244b8adbb0b5c744831d538&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1015524/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thelotter.com
pragma: no-cache
date: Fri, 24 May 2024 14:57:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1015524/log/3/ Frame 0
0 59ms
13ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1015524/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1716562664310&ver=36&isls=true&src=i&invt=1500&msa=1365&rv=1&tim=1716562665862&vi=1716562664306&ri=be5f3027d244b8adbb0b5c744831d538&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.thelotter.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Fri, 24 May 2024 14:57:45 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 reponline.png
www.tl-res.com/images/liveperson/stickyFR/en/ 635 B
839 B 173ms
55ms Image
image/png 52.178.209.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tl-res.com/images/liveperson/stickyFR/en/reponline.png

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.178.209.216 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

cb1eb9426b1a5c94713dfab7c8c03c9ed9970ad00accbfb1d665442e7e32548e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:45 GMT
last-modified: Tue, 21 May 2024 12:52:50 GMT
server: Microsoft-IIS/10.0
etag: "804fdbc97dabda1:0"
x-powered-by: ASP.NET
content-type: image/png
server-name: NE-WEB3-A
accept-ranges: bytes
content-length: 635

GET
H/1.1 200
OK live-person-chat-button-dots.20230201083939.svg
tle-dynamic-images.s3.eu-west-1.amazonaws.com/ 4 KB
5 KB 126ms
47ms Image
image/svg+xml 52.92.33.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tle-dynamic-images.s3.eu-west-1.amazonaws.com/live-person-chat-button-dots.20230201083939.svg
Requested by: Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.33.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 10434e7c903529ea1d2cc904f6feca975db033ef0106628f14d94c7dc3acc1ca

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:47 GMT
Last-Modified: Wed, 01 Feb 2023 08:39:41 GMT
Server: AmazonS3
x-amz-request-id: GH3F0139RKT5PPCR
ETag: "019c8377538435c8172f9e5d870326af"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 4413
x-amz-id-2: stPE/C6tOR1sEt/Ur7iNDdqtRd8Zh+kL7Y1gnVPnhUqBDiNPW0bmNTgST9Jzn6FBb8Hk5GoIA8s=

GET
H2 200 50625536 Show response
va.v.liveperson.net/api/js/ 42 B
839 B 99ms
97ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/50625536?sid=wwZHUEdFT9qD6czmxqKDTg&cb=lpCb76298x40567&t=uc&ts=1716562666055&pid=7551726814&tid=8347397823&vid=NmMzNjYjRlYmRiYThjZGY5&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A585154612%2C%22engId%22%3A585155012%2C%22revision%22%3A827%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%222%22%7D%5D%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

b671320cc0176c7c01931bd7d560aa83e917390c52d2bc44c933888e75ac518c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 50625536 Show response
va.v.liveperson.net/api/js/ 41 B
838 B 95ms
94ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL

https://va.v.liveperson.net/api/js/50625536?sid=wwZHUEdFT9qD6czmxqKDTg&cb=lpCb40288x4554&t=uc&ts=1716562666071&pid=7551726814&tid=8347397823&vid=NmMzNjYjRlYmRiYThjZGY5&sdes=%5B%7B%22type%22%3A%22impDisplay%22%2C%22campaign%22%3A4023181938%2C%22engId%22%3A4023207538%2C%22revision%22%3A1216%2C%22eContext%22%3A%5B%7B%22type%22%3A%22engagementContext%22%2C%22id%22%3A%221%22%7D%5D%7D%5D

Requested by

Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/50625536/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=en-GB&b=undefined

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),

Reverse DNS

va.v.liveperson.net

Software

ws /

Resource Hash

0fccbead2dcb84240330c05989ba7fd3efb4f6ac293f6dc1cc0b58b6daece9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/?tl_affid=8828

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 May 2024 13:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 24 May 2024 15:41:03 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=86453418C47F46BC8EEF5E990A70F799&RedC=c.clarity.ms&MXFR=1C1011D80975646E3CCE05510D756A7C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86453418C47F46BC8EEF5E990A70F799&MUID=103ED748637F62030B6CC3C1627F63C3

42 B
442 B

29ms
29ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86453418C47F46BC8EEF5E990A70F799&MUID=103ED748637F62030B6CC3C1627F63C3
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thelotter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:45 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 53D5E581B6744662B632ED454483AC06 Ref B: FRAEDGE1919 Ref C: 2024-05-24T14:57:46Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=86453418C47F46BC8EEF5E990A70F799&MUID=103ED748637F62030B6CC3C1627F63C3
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 1 Show response
www.tlg-api.com/api/v1/notification/push/setting/subsite/ 3 KB
2 KB 2333ms
2332ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/notification/push/setting/subsite/1

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

34802d602034c423ad56dad1ffdfd7459d8566d9ebd09d84ebf599b3246b6d54

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77619012 PNYN RT(1716562665468 1064) q(0 13 13 2) r(15 15) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: fy0gLmgskSkws+a1BYvGAuyqUGYAAAAAsTTH1nxsvsqZlQSHKOlEdQ==
expires: -1

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 2 KB
2 KB 329ms
329ms Other
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/objects/dm.tlo?id=30173&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

0b88073f5a0841d17a522e8117d32b03814bb4effecd476cd553fb5d2a31be64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:28 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6819) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 2050
expires: Sat, 24 May 2025 14:57:46 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
224 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=434437044&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&ul=de-de&de=UTF-8&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAACAAI~&jid=1046154163&gjid=1682503559&cid=2048390767.1716562664&tid=UA-6907977-2&_gid=2130332340.1716562666&_r=1&_slc=1&z=1845561320

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

69250d09ba313193fd273aa4ed83cc38d8a8d96e2f0692ac2b0736d2ec497d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelotter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
351 B 56ms
19ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-6907977-2&cid=2048390767.1716562664&jid=1046154163&gjid=1682503559&_gid=2130332340.1716562666&_u=IAhAAEAAAAAAACAAI~&z=839495120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelotter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 332 KB
98 KB 53ms
53ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LHBYGTQQ6Q&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5ed9ebd9f2a9f9ec2da696b307c30af8a260508d2490094b7aa535df499adc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100520
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 24 May 2024 14:57:46 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 48ms
31ms Image
image/gif 142.250.185.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6907977-2&cid=2048390767.1716562664&jid=1046154163&_u=IAhAAEAAAAAAACAAI~&z=417321629

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
30ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-6907977-2&cid=2048390767.1716562664&jid=1046154163&_u=IAhAAEAAAAAAACAAI~&z=417321629

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 77 KB
77 KB 317ms
315ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=33668&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

95babb69d984bc96181e364cdd611e2abf80aff49bb4c62f8c0c59a47ab55335

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7030) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 78453
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 11 KB
11 KB 311ms
308ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29435&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

bf0fbad2e9ecebe0a44847e8a30635960d6edbe2c4d79339df9fbe20173767a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7022) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 11445
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 58 KB
59 KB 326ms
324ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=34947&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

9d66c119cda90cce23b754952728cb3c4263c0d3b7a24634ac24a34f45873841

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7039) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 59827
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 9 KB
9 KB 318ms
316ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29437&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

9dbbaec1290e56ee5480ccd7070bae23babe1bdec02940df556fd52f37d46e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7032) q(1 -1 -1 -1) r(1 -1)
cache-control: max-age=31536000, public
content-length: 9368
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 73 KB
73 KB 332ms
330ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=33669&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

a1c8a3459907567ef225853c6e832fb40d60e5a3132ea58d93ca6d2eb9b1f40e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7045) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 74285
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 62 KB
62 KB 339ms
338ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=34944&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

a2d11df0ab57da6802e319d997bf4c353fcee97cfab585f1cc0b14937d3531f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7053) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 63292
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 11 KB
11 KB 351ms
350ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29436&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

b7cd70433d42a837054823a28f9a4953398609d30a246404a0be2c340bc96f92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:32 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7065) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 11674
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 / Show response
www.tlg-api.com/api/v1/feature-toggle/is-feature-enabled/featureName/LotteryProduct-Web-QuickdrawTimerDisplayHoursDesign/subfeature/ 96 B
510 B 2098ms
2098ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/feature-toggle/is-feature-enabled/featureName/LotteryProduct-Web-QuickdrawTimerDisplayHoursDesign/subfeature/

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

86406898c176e3d724d01e191e115ebc8279701cc31091d66eeb65d97a221648

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:47 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618871 PNYN RT(1716562665468 1068) q(0 13 13 1) r(15 15) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: AM4eZTRqnVgws+a1BYvGAuyqUGYAAAAA/KXkNRP9HNHJH3mTtLgHIA==
expires: -1

POST
H2 204 collect
region1.google-analytics.com/g/ 0
46 B 15ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LHBYGTQQ6Q&gtm=45je45m0v9165092076za200&_p=1716562663892&gcs=G100&gcd=13p3pPp2p6&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&ul=de-de&sr=1600x1200&cid=2048390767.1716562664&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&sid=1716562666&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=7648
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LHBYGTQQ6Q&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thelotter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ourWinnersSpriteV2-uplifting.png
www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/ 56 KB
57 KB 306ms
306ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/ourWinnersSpriteV2-uplifting.png?v=20240521

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

6b565647c7fe32a0202e18d3a2ff0382abd50f3878c774b0fe1a14cff3434a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20 May 2024 10:16:17 GMT
x-cdn: Imperva
etag: "52f779c09eaada1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7119) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 57852
expires: Sat, 24 May 2025 14:57:46 GMT

GET
H2 200 tlfrm.tlp Show response
s11.thelotter.com/delivery/ Frame 3C47 4 KB
2 KB 1594ms
1578ms Document
text/html 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://s11.thelotter.com/delivery/tlfrm.tlp?zoneid=103&langref=1&usertype=-1&bestsaleid=6678&isplayedscratchcards=False&countryref=217&player=0&cb=wVWI6h3Y&subsiteid=1&domain=https://www.thelotter.com/
Requested by: Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?v=20240522103120&d=%24s%24jquery-1.7.1.min.js%2c%24s6%24namespace.js%2c%24s6%24class.js%2c%24s6%24core.js%2c%24s6%24core.math.js%2c%24s6%24core.validations.js%2c%24s6%24core.utils.url.js%2c%24s%24_app%2ftl.js%2c%24s4%24tlglobals.js%2c%24s%24_app%2fservices%2fbaseservice.js%2c%24s%24_app%2fservices%2ffontstylecalculatorservice.js%2c%24s%24_app%2fservices%2fuserloginstatusservice.js%2c%24s%24_app%2fservices%2ffeaturetoggleservice.js%2c%24s4%24siteelements.js%2c%24s%24jstorage%2fjstorage.js%2c%24s3%24formsnormalizer.js%2c%24s%24big.min.js%2c%24s%24mailcheck.min.js%2c%24s%24localforage.js%2c%24s3%24singleframeandpopupcontroller.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: Microsoft-IIS/8.5 / PHP/5.3.28 ASP.NET
Resource Hash: 2bfd7c6122b56ea49b26bb11689900dd5acd8235179205709d2494904b5a1a03

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thelotter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-length: 1871
content-type: text/html; charset=UTF-8
date: Fri, 24 May 2024 14:57:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: Microsoft-IIS/8.5
server-name: Shield2
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 14-82060841-82062902 NNNN CT(280 609 0) RT(1716562659268 7190) q(0 0 9 0) r(13 13) U12
x-incap-sess-cookie-hdr: aSrMTcuii09Ns+a1BYvGAuuqUGYAAAAAhO0U8hin7L3v9JQ69LXwlg==
x-powered-by: PHP/5.3.28 ASP.NET

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 14 KB
14 KB 300ms
296ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=5609&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

b0e12bbd8cee339deea78909d1b80e6c9e579785e6e13a561a1ee2e23983717b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 12:34:40 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7179) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 14003
expires: Sat, 24 May 2025 14:57:46 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 134ms
134ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.thelotter.com
Date: Fri, 24 May 2024 14:57:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H/1.1 200
OK core.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 283 KB
75 KB 7ms
7ms Script
application/javascript 43.152.26.235
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=560249340963860480&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=560249340963860480&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.235 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: c57f01a794386a09e7f1936877928197240f1c0b0dc372623f72b938eb325173

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 146.70.117.69
Date: Mon, 13 May 2024 04:46:01 GMT
Content-Encoding: gzip
x-oss-request-id: 66419B091E0D35333841C874
X-Cache-Lookup: Cache Hit
kwaisign: NULL
Connection: keep-alive
Content-Length: 76281
X-Ks-Request-ID: 12415860145200624239
X-Ks-Cache: Hit from 43.152.26.235
x-oss-object-type: Normal
Last-Modified: Thu, 09 May 2024 07:29:23 GMT
Server: Lego Server
Etag: "A1AF4189F5316D46C9C54AEFCCA71D0A"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 12415860145200624239
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14277915965750714475
x-oss-server-time: 20
Expires: Wed, 12 Jun 2024 04:46:01 GMT

GET
H2 200 / Show response
www.tlg-api.com/api/v1/feature-toggle/is-feature-enabled/featureName/GROWTH-LotterWeb-JS-XMasBackgroundImage/subfeature/ 96 B
484 B 1951ms
1951ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/feature-toggle/is-feature-enabled/featureName/GROWTH-LotterWeb-JS-XMasBackgroundImage/subfeature/

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

86406898c176e3d724d01e191e115ebc8279701cc31091d66eeb65d97a221648

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77619021 PNYN RT(1716562665468 1072) q(0 13 13 0) r(16 16) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: hAPgc0yqQ30ws+a1BYvGAuyqUGYAAAAAZ1Czg5wxM9ugbpIKMsBgaw==
expires: -1

POST
H2 200 dictionary-items Show response
www.tlg-api.com/api/v2/content/ 20 KB
4 KB 560ms
560ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/dictionary-items

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d5cfb36e0d7533e7cac46070fa2374b92e903ac021261917d80b940e4c8bf759

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77619021 PNYN RT(1716562665468 2996) q(0 0 0 -1) r(3 3) U6
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: 9tR8WKM5W28ws+a1BYvGAuyqUGYAAAAAFxwvi35Zem8GihU4Ygp01Q==
server-name: NE-WEB1-A

POST
H2 200 dictionary-items Show response
www.tlg-api.com/api/v2/content/ 9 KB
2 KB 566ms
566ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/dictionary-items

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

abe7e7bfcab184fad3a602942b65170daf1a3e077ae04da26100048947d9b468

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618977 PNYN RT(1716562665468 3131) q(0 1 1 -1) r(3 3) U6
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: ZHPgYb1GVQYws+a1BYvGAuyqUGYAAAAAgEe+POZ1EKyAZi8tAxsDVQ==
server-name: NE-WEB1-A

GET
H2 200 analytics Show response
consent.cookie-script.com/ 47 B
454 B 432ms
393ms XHR
application/json 65.108.188.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookie-script.com/analytics?action=firstshown&time=1716562666795&script=5b935606235026e0ce205f7a03ab6101&category=
Requested by: Host: cdn.cookie-script.com
URL: https://cdn.cookie-script.com/s/5b935606235026e0ce205f7a03ab6101.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.188.108.65.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 31c5c166bf2ec35cb5a865dcdf3b74a133b46ef0fc3006017c4570c5b8593762

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:47 GMT
via: 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA60-P3
x-amzn-trace-id: Root=1-6650aaea-4137d9bd703fc1e149e75a9d;Parent=44970cc48795ca27;Sampled=0;lineage=a8669a4e:0
x-amzn-requestid: ae7fa7e9-c414-49b4-a1fb-8de4c78e8c8b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: YR-kwGq_DoEEd6w=
content-length: 47
x-amz-cf-id: BML_Jk31EyrKJjx7ATgQXT_EWZriRFV_nZ45CDT7mp5X3Ct3P9WIBQ==

GET
H2 200 OpenSans-Regular.woff
www.thelotter.com/Resources/Fonts/OpenSans/ 66 KB
66 KB 324ms
324ms Font
font/x-woff 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thelotter.com/Resources/Fonts/OpenSans/OpenSans-Regular.woff?v=20240521

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

5ceb85f35c12351598fadc630bd1ace7386dcb0523e749e97350b1d9ed057bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116
Origin: https://www.thelotter.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:46 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20 May 2024 10:16:28 GMT
x-cdn: Imperva
etag: "1DAAA9EC6EFA600"
content-type: font/x-woff
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 7321) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: kTR0b0NWgAwpq+a1BYvGAuqqUGYAAAAAz8ytMWa1cYBfeZlmEPr+6g==
content-length: 67528
expires: Sat, 24 May 2025 14:57:46 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef922ec17299886d78d0e10aa9c1360519f5c2812b0a5202ea51a6a5c5e22a7f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f536fce1aaae1fb1642a19afca74b3c2bc6358760a34950560fba0b88747de5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 192fef0f1f45db7d0c7cb91298b7865444e93d787ab80f9e7d16f062ed72e0fd

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5464b6081d981aaf8905d8d449596aa2124761c70a8d5703caefe67634ae2de

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2f5a2a3bed5987eb99c61750acede4659c3eee76cce96f573dc540a5374e2c6

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 977f91d3efb4e82c77b661b6d30152a33a8072860deb83e06aaef4f356d5b59b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f9597d4ccf2494d2fc65b67107620311558c5458cf7c048ad2b222f1853ec02

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 dictionary-items
www.tlg-api.com/api/v2/content/ Frame 0
0 1919ms
1918ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/dictionary-items

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:48 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77618843 PNNN RT(1716562665468 1073) q(0 14 14 1) r(16 16) U6
x-incap-sess-cookie-hdr: SlF0dn4C2yUws+a1BYvGAuyqUGYAAAAA3Wo+vbaAd8IOeIYH0cCwFg==
x-powered-by: ASP.NET

OPTIONS
H2 200 dictionary-items
www.tlg-api.com/api/v2/content/ Frame 0
0 2045ms
2045ms Preflight 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v2/content/dictionary-items

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 24 May 2024 14:57:48 GMT
expires: -1
pragma: no-cache
server: Microsoft-IIS/10.0
server-name: NE-WEB1-A
strict-transport-security: max-age=15552001; includeSubDomains; preload
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 13-77618764-77618977 PNNN RT(1716562665468 1075) q(0 15 15 0) r(17 17) U6
x-incap-sess-cookie-hdr: xgGbJeM8LwIws+a1BYvGAuyqUGYAAAAAdSMjt8KGur2ozpOdXskttw==
x-powered-by: ASP.NET

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 70 B
193 B 1124ms
1035ms XHR
text/plain 104.77.118.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=560249340963860480&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.118.51 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-118-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 38521a5e877c1bc44e9cb4ba0f21fed9643554aef87cb75086adb0f414b97d79

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thelotter.com
date: Fri, 24 May 2024 14:57:47 GMT
access-control-allow-credentials: true
content-length: 70
content-type: text/plain;charset=UTF-8

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 72 B
284 B 342ms
255ms XHR
text/plain 104.77.118.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=560249340963860480&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.77.118.51 Slough, United Kingdom, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-77-118-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a39497ba8db2ba9f68c578856a241f68179646f482e495e9015d5025612494cf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thelotter.com
date: Fri, 24 May 2024 14:57:47 GMT
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 72
content-type: text/plain;charset=UTF-8

GET
H/1.1 200 getPixelConfig Show response
api.mythad.com/rest/n/adintl/ad/ 402 B
903 B 670ms
265ms XHR
application/json 43.132.32.113
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=560249340963860480&pageId=pageId-1716562666856-1168582534044
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=560249340963860480&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: 8bb3d97ff4780f380e27cd810e34997a277b49d2dda56c2043c9b37c950668f3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 24 May 2024 14:57:47 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.thelotter.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Alt-Svc: quic=":443";ma=2592000;v="43"

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 626 B
664 B 1799ms
1799ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=4&subSiteRef=1&languageRef=1&sectionName=Footer%20(Mobile)

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0129141f476e87d0197a1fa3d84d82ac78bc3fb7456821affcb34446eb5652e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77611916 2NYN RT(1716562665468 1321) q(0 13 13 165) r(15 15)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: RSwkdgB5pl8ws+a1BYvGAuyqUGYAAAAA671v/CL6UUau5PYqM6B2hA==
server-name: NE-WEB1-A

GET
H2 200 string-section Show response
www.tlg-api.com/api/v1/content/ 2 KB
869 B 1830ms
1830ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-section?applicationRef=1&subSiteRef=1&languageRef=1&sectionName=Footer

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

756599e55655b1bf6888ebeeab9b6818bf68427dfa56283a449bbf58f22337f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77618171 2NYN RT(1716562665468 1325) q(0 13 13 164) r(16 16)
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: f/nWdwHBAzsws+a1BYvGAuyqUGYAAAAAlth0yFUyJ3QGwz7a5bP7XQ==
server-name: NE-WEB2-B

GET
H2 200 loading-white.gif
www.thelotter.com/App_Themes/Default/images/General/ 14 KB
0 0ms
0ms Image
image/gif 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thelotter.com/App_Themes/Default/images/General/loading-white.gif?v=202405232
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: /
Resource Hash: a0b0cb9ced6df0bf47cc8718f9aa806c2876e1e55e549b269d118e5754dbb666

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:45 GMT
last-modified: Wed, 22 May 2024 09:53:05 GMT
x-cdn: Imperva
etag: "b584d82dacda1:0"
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 6147) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 14619
expires: Sat, 24 May 2025 14:57:45 GMT

POST
H/1.1 200 api Show response
api.mythad.com/log/common/co/ 2 KB
1 KB 255ms
254ms XHR
application/json 43.132.32.113
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=560249340963860480&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash: e7b94456b26df1e263f723e6caa702e1274ac9adcd9d406509e8f5bbec129ce5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

Date: Fri, 24 May 2024 14:57:47 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=utf-8
Access-Control-Allow-Origin: https://www.thelotter.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Alt-Svc: quic=":443";ma=2592000;v="43"

OPTIONS
H/1.1 200 api
api.mythad.com/log/common/co/ Frame 0
0 253ms
252ms Preflight 43.132.32.113
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.mythad.com/log/common/co/api
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://www.thelotter.com
Access-Control-Max-Age: 1800
Allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc: quic=":443";ma=2592000;v="43"
Connection: keep-alive
Content-Length: 0
Date: Fri, 24 May 2024 14:57:47 GMT
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 DiscoverTheLotter-uplifting-v2.png
www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/ 192 KB
192 KB 317ms
316ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/DiscoverTheLotter-uplifting-v2.png?v=20240521

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

79d0efd84d3e2e32fe8767feae295b182e35e679f0246f49ac8d4935031058cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:47 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20 May 2024 10:16:17 GMT
x-cdn: Imperva
etag: "b3ff70c09eaada1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 8397) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 196356
expires: Sat, 24 May 2025 14:57:47 GMT

GET
H2 200 dm.tlo
www.thelotter.com//objects/ Frame 3C47 13 KB
13 KB 277ms
276ms Image
image/jpeg 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com//objects/dm.tlo?id=8907

Requested by

Host: s11.thelotter.com
URL: https://s11.thelotter.com/delivery/tlfrm.tlp?zoneid=103&langref=1&usertype=-1&bestsaleid=6678&isplayedscratchcards=False&countryref=217&player=0&cb=wVWI6h3Y&subsiteid=1&domain=https://www.thelotter.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

13c8b9f9c2ba8c2d73c00b8a993a4ee45a349a4bff949273d0bd35c2b7ca89f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 05 May 2024 17:26:20 GMT
x-cdn: Imperva
content-type: image/jpeg
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 8757) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: udK+J1VB5yIpq+a1BYvGAuyqUGYAAAAA6xtao9ZtL2YFZYD8v9OVvg==
content-length: 12923
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com//objects/ Frame 3C47 15 KB
15 KB 281ms
281ms Image
image/jpeg 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com//objects/dm.tlo?id=8908

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

c5da116bd386cc1eb92564b13ef5c89984769604f5bf440561a8b814fe4d47b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 May 2024 20:14:57 GMT
x-cdn: Imperva
content-type: image/jpeg
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 8764) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: lZeeM1wK5nEpq+a1BYvGAuyqUGYAAAAAQSLw9u5ISYp6dDx0Re30Tg==
content-length: 15706
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com//objects/ Frame 3C47 14 KB
14 KB 282ms
279ms Image
image/jpeg 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com//objects/dm.tlo?id=8909

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

d32680eaf39cb3d9d4de10185ff4181a301bbc4e6787fdd9a774931500d8231e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 May 2024 20:14:58 GMT
x-cdn: Imperva
content-type: image/jpeg
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 8771) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: NDK4Oqqa41Apq+a1BYvGAuyqUGYAAAAAOriPFCi8xEMwzz1/Nd5vwg==
content-length: 14074
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com//objects/ Frame 3C47 16 KB
16 KB 288ms
285ms Image
image/jpeg 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com//objects/dm.tlo?id=8910

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

741a00274bac2b928ff392345a9dd75bbc59513dd4d8acd9169e642b524ae5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 01 May 2024 20:14:58 GMT
x-cdn: Imperva
content-type: image/jpeg
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 8777) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
x-incap-sess-cookie-hdr: jZw4aQxa4ywpq+a1BYvGAuyqUGYAAAAAyCqy+9UbXsDtwB4O+nhqoQ==
content-length: 16348
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 lg.php
s4.thelotter.com/delivery/ Frame 3C47 43 B
491 B 1432ms
1418ms Image
image/gif 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.thelotter.com/delivery/lg.php?bannerid=5611&campaignid=36&zoneid=103&loc=1&referer=https%3A%2F%2Fwww.thelotter.com%2F&cb=35f8e894db
Requested by: Host: s11.thelotter.com
URL: https://s11.thelotter.com/delivery/tlfrm.tlp?zoneid=103&langref=1&usertype=-1&bestsaleid=6678&isplayedscratchcards=False&countryref=217&player=0&cb=wVWI6h3Y&subsiteid=1&domain=https://www.thelotter.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.27 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.27.ip.incapdns.net
Software: Microsoft-IIS/8.5 / PHP/5.6.24, ASP.NET
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 24 May 2024 14:57:49 GMT
server: Microsoft-IIS/8.5
x-cdn: Imperva
x-powered-by: PHP/5.6.24, ASP.NET
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
x-iinfo: 14-82060841-82063330 NNNN CT(259 563 0) RT(1716562659268 8780) q(0 0 8 -1) r(11 11) U2
cache-control: private, max-age=0, no-cache
x-incap-sess-cookie-hdr: rYHLF9qHZWxNs+a1BYvGAu2qUGYAAAAA/b46WSTTJLq4Ic6C226I3w==
server-name: Shield2
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ Frame 3C47 92 KB
33 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:54:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:54:04 GMT

GET
H2 200 angular.min.js Show response
ajax.googleapis.com/ajax/libs/angularjs/1.4.2/ Frame 3C47 142 KB
51 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/angularjs/1.4.2/angular.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c4d5e55d450caf12b7d712277f528f373cd4b63eb1020ab6cbf3805f159247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:52:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 129940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51994
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 May 2025 02:52:08 GMT

GET
H3 200 AppSiteV3.js Show response
www.lottery-win.org/Scripts/TheLotter/ Frame 3C47 8 KB
3 KB 48ms
20ms Script
application/javascript 104.21.69.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lottery-win.org/Scripts/TheLotter/AppSiteV3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.69.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

8e3042efd121a0b65f2e080adda73ee97d4e1959e1ff0bae058d173302a9a28d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4456
cf-polished: origSize=17801
x-powered-by: ASP.NET
server-name: NE-WEB3-A
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Sep 2021 15:20:47 GMT
server: cloudflare
etag: W/"80b1c71aea0d71:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpIKfihzxE37pMGdVjBeskKmb2KukHpXAXFH7gIdtWwfVdDYlkyGPAev4ieZZoXpqoPi8uLOD0w%2FbUlHCywPPpN0dlw75OOlBJ0hvAqfsct77OwT%2Bd177gCVlb7tpAjW8CjJkjES"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 888e23e518a418d2-FRA

GET
H3 200 Utils.js Show response
www.lottery-win.org/Scripts/TheLotter/ Frame 3C47 2 KB
1 KB 46ms
19ms Script
application/javascript 104.21.69.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lottery-win.org/Scripts/TheLotter/Utils.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.69.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

13ce7d8a337f83173a2ae44f30a70e5140b634746f3f10db2d352912d6784fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6270
cf-polished: origSize=5640
x-powered-by: ASP.NET
server-name: NE-WEB3-A
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Mar 2017 13:32:29 GMT
server: cloudflare
etag: W/"8014b042fe9bd21:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWAf03xB7HXGnHYH8XcQsrhWw6oLDtfGzj281Pm2TUS%2Br05q17tBr5fx%2Bk%2F4tVsUGFHTRoKGu9LsXRIyj1NLBjzYTU4bk6ZRrvi%2F0AP6iXaMcW6O%2BifHA4EerVvSh%2FhbRTtj4LMw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 888e23e518a818d2-FRA

GET
H3 200 DrawTimer.js Show response
www.lottery-win.org/Scripts/TheLotter/ Frame 3C47 2 KB
1 KB 49ms
22ms Script
application/javascript 104.21.69.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lottery-win.org/Scripts/TheLotter/DrawTimer.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.69.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

06bb0e095ea69c36d1de29ff26b3daf99afb94d3b704a30e7d7aa6636ee15b6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6037
cf-polished: origSize=3959
x-powered-by: ASP.NET
server-name: NE-WEB3-A
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Mar 2017 13:32:29 GMT
server: cloudflare
etag: W/"8014b042fe9bd21:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9aznfLyY05wYEgVfJsIGrwS%2BpuKTmBNdq%2B5B3kOUKBtWDWTqYuV58gTKFn3wN5nILjMYoaW2CSkh9ZubGuWlAKBQ30GpzOfoVxNeef2x%2BPdUNqmxJFLD4kpNqh%2FGNlDmKeanqit"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 888e23e518ac18d2-FRA

GET
H3 200 Translations.js Show response
www.lottery-win.org/Scripts/TheLotter/ Frame 3C47 4 KB
2 KB 50ms
23ms Script
application/javascript 104.21.69.127
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lottery-win.org/Scripts/TheLotter/Translations.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.69.127 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / ASP.NET

Resource Hash

7acffd286ccd8fa4c8b21d3d06974fff1429f87a49d90e48149c8a1152879607

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://s11.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=15552001; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5749
cf-polished: origSize=5773
x-powered-by: ASP.NET
server-name: NE-WEB3-A
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 17 May 2018 13:09:52 GMT
server: cloudflare
etag: W/"0d07a57e0edd31:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DU4UYS0Sgydq5TbGOzTqEDL5vOv9tlwLjryv7e8KvGlvDfLMaBgg2Ze%2BIeqEjlhSUDqr2idd0K%2FmyHqN9JINOYm5ASAS4nlIizd9YRecCNiLKChmuEYjmjpzBdKGDpF5pjEVawek"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 888e23e518ad18d2-FRA

GET
H2 200 tp.widget.bootstrap.min.js Show response
widget.trustpilot.com/bootstrap/v5/ 21 KB
7 KB 76ms
20ms Script
application/x-javascript 65.9.95.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?ngm=auth%2cformsshared%2cfullregistration%2cuserdetails%2cpaymentmethods%2cshared%2cxsscontent%2cliveperson%2cgamblingaml%2cgamblingdepositlimit%2cgamblinglicense%2cgamblingtimelimit%2cregulation%2cregulationlocation%2cregulationuser%2ctermsandconditions%2cfrozenuser%2csubsitepolicypermissions%2cconsent%2cuser%2clocationidentification%2cscratchcardshared%2cinstantgamesshared%2cfootercontent%2cheader%2cautologout%2cfinance%2csecurity%2cdesktopheader%2ccontentdirectives%2csitenotifications%2chomepage%2cnoplayablelottery%2cupsalecampaign%2cpushnotification%2capp.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-93.prg50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 01:37:57 GMT
content-encoding: gzip
via: 1.1 93fcd07b66eaf26b036f14e2ec9d73ea.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: PRG50-C1
age: 47992
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 6759
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Oct 2023 12:27:20 GMT
server: AmazonS3
etag: "15864ce88fa79a3e954417d0c3396798"
content-type: application/x-javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: ZxNAZ1O8gKiX_BbQ8HMiSJGr5SHhV-KtiMcXPm3SrMEDS3x3WQyu9Q==

GET
H2 200 index.html
widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/ Frame 81B7 0
0 62ms
22ms Document
text/html 65.9.95.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.trustpilot.com/trustboxes/53aa8912dec7e10d38f59f36/index.html?templateId=53aa8912dec7e10d38f59f36&businessunitId=4f7162ef000064000513f481

Requested by

Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-8.prg50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thelotter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 37585
cache-control: max-age=86400
content-encoding: gzip
content-length: 3267
content-type: text/html
date: Fri, 24 May 2024 04:31:24 GMT
etag: "2922a85ce6caf46f828c097bf7aa1036"
last-modified: Mon, 30 Oct 2023 13:11:24 GMT
server: AmazonS3
strict-transport-security: max-age=31536000
via: 1.1 ca6609f4a83e693c532f54c00146f5f8.cloudfront.net (CloudFront)
x-amz-cf-id: yB9MQLd-iyCd6WJZS2EWrG3g6vvPrWMdVEyXXiJk00eBAYCg3FKKlg==
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
www.tlg-api.com/api/v1/content/mobile-apps-links/subsite/1/language/ 347 B
622 B 556ms
556ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/mobile-apps-links/subsite/1/language/1

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a3ca2f71a07bba1fff35b371714b2eebc2ffa75c2e08f465b22f40bbb67c128a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618871 PNYN RT(1716562665468 2905) q(0 0 0 -1) r(3 3) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: V9FWVsVmx2kws+a1BYvGAuyqUGYAAAAAXH+CBKAsZK46fyHb5m8CWA==
expires: -1

GET
H2 200 1 Show response
www.tlg-api.com/api/v1/content/footer-social-links/subsite/ 341 B
604 B 570ms
570ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/footer-social-links/subsite/1

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

66bfa5474aed94c6eec15099ccc4d3958a20caff966650b346d375b3b0558609

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 13-77618764-77618858 PNYN RT(1716562665468 2907) q(0 0 0 -1) r(3 3) U2
server-name: NE-WEB1-A
pragma: no-cache
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: server-name
cache-control: no-cache
x-incap-sess-cookie-hdr: XJBFNej9xhgws+a1BYvGAuyqUGYAAAAAYOlqmCfu3dG4gqFL6onYjQ==
expires: -1

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 2 KB
2 KB 277ms
275ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28748&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

9bc720732b72dcb1be822625520bce1098da02f73dda636a84b79eae4ed90159

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9076) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 1764
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 468 B
552 B 278ms
276ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28754&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

5d4e8276152a471aab9dc3bd0d39b608df824ae776c4eea5abe5d5fad3dfe2f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9077) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 468
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 15 KB
15 KB 280ms
278ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29223&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

d89a065d345ce9b060d5ade36b1427d8566d7ecedf63a04c56354298fa46caf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:29 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9079) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 15176
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 18 KB
18 KB 287ms
285ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28746&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

9582f7115938446aedf653ad7d777742c6201ff347fe4a6e957048148c3c679e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9086) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 18294
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 5 KB
5 KB 289ms
287ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28745&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

975cf503967210bf2d9105aff103665f2d1c5cbeeeece799002e92f4049bd39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9089) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 5026
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 2 KB
2 KB 291ms
290ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28744&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

aff3a853ecbce57732d66018c852b5d251c718b09508bd28b88d3d372671be8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9091) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 2005
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 5 KB
5 KB 293ms
291ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28743&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

81e35cc46e9c8c8528589da0cae4fa85869bcd73feb31e89167aae8c437c3b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:46 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9093) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 5144
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.2.0/ 11 KB
4 KB 47ms
10ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.2.0/firebase-app.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0d1b83e432b094d8d49284da590a409ae97d8aebee66b5ae9135a57dcc06102

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:48:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3851
x-xss-protection: 0
last-modified: Thu, 13 Jun 2019 21:57:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 02:48:20 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.2.0/ 32 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.2.0/firebase-messaging.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 02:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8748
x-xss-protection: 0
last-modified: Thu, 13 Jun 2019 21:57:30 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 May 2025 02:48:29 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1015524/log/3/ 0
248 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1015524/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1716562664310&ver=36&isls=true&src=i&invt=3000&msa=1365&rv=1&tim=1716562668877&vi=1716562664306&ri=be5f3027d244b8adbb0b5c744831d538&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1015524/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thelotter.com
pragma: no-cache
date: Fri, 24 May 2024 14:57:48 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1015524/log/3/ Frame 0
0 14ms
14ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1015524/log/3/unip?en=pre_d_eng_tb&tos=4567&scd=0&ssd=1&est=1716562664310&ver=36&isls=true&src=i&invt=3000&msa=1365&rv=1&tim=1716562668877&vi=1716562664306&ri=be5f3027d244b8adbb0b5c744831d538&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.thelotter.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Fri, 24 May 2024 14:57:48 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H2 200 multiple Show response
www.tlg-api.com/api/v1/content/string-sections/ 11 KB
2 KB 564ms
564ms XHR
application/json 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tlg-api.com/api/v1/content/string-sections/multiple

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/Scripts/jslib.axd?d=%24s%24angular.min.js%2c%24s%24angular-animate.min.js%2c%24s%24angular-chosen.min.js&v=20240522103120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e5efda163b772834433f7809f6b9b6cd5774d86481d8a044656116dd8ea96482

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552001; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thelotter.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552001; includeSubDomains; preload
date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-iinfo: 13-77618764-77619021 PNYN RT(1716562665468 3300) q(0 0 0 -1) r(3 3) U6
access-control-expose-headers: server-name
cache-control: public, max-age=60
x-incap-sess-cookie-hdr: L+lLPN5CqAows+a1BYvGAu2qUGYAAAAAkNN+fZoUEuFZzZX56DQf+Q==
server-name: NE-WEB1-A

GET
H2 200 arrow-down-icon-svg.svg
www.thelotter.com/Images/Header/ 2 KB
763 B 298ms
297ms Image
image/svg+xml 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/Images/Header/arrow-down-icon-svg.svg?v=20240521

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

aca3599e515b1a94020414a78f023ae294b5e32b26c4d6be38d0d4486dc777b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fgeneral.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fcontent.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2felements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fflags.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ffooter.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fframework.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fheader.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fhint.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2ficons.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmydetails.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fmyscreens.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fnotsupportedbrowser.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fplayoptions.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2frightbarelements.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fui.jqtheme.css%2c%7e%2fclientapps%2fcss%2fthemes%2fbluewithwhite%2fcommon%2fvalidation.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 22 May 2024 09:56:52 GMT
x-cdn: Imperva
etag: "5eedf55e2eacda1:0"
content-type: image/svg+xml
access-control-allow-origin: *
x-iinfo: 14-82060841-82062774 2CNN RT(1716562659268 9573) q(0 0 0 -1) r(0 0)
content-length: 619

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 4 KB
4 KB 292ms
291ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=30107&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

3394598c180ca90bdc1498ad5a35522ea0631700d8117419c03917227f1439a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9577) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 4461
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 8 KB
8 KB 300ms
299ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29242&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

1b918d3fd9de13b8d661f48902e45648d798ba03340a06161034eff86cb17fb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:30 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9663) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 7912
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 7 KB
7 KB 301ms
301ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29241&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

1008b7fbe2b7a3cfb4f1366ef343634842e67465fbfa400ebba3f04285cc72f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:20:31 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9666) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 7493
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 1 KB
1 KB 305ms
303ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28738&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

f9d880cf48a415ca6fba775a5ce50fa84eb4527cc42af5be03ab055df5ac3326

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9680) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 1415
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 1 KB
1 KB 307ms
306ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28741&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

a75b86d58eaa0ad91d9bf556a302c2f9f1c697245515c34b37df8b25cc7420ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9683) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 1302
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 988 B
1 KB 311ms
310ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28740&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

86532c79d0d45bc30b10a8f97c561e927c231c16b9f4d10f0380fa4e57dd4153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9686) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 988
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 6 KB
6 KB 312ms
311ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=28739&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

f2ad596ccab0e198ab1b9c6d9a7ae9b5685cc44781cdbfc158004ee7777cb903

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:48 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 9689) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 6458
expires: Sat, 24 May 2025 14:57:48 GMT

GET
H2 200 fireworks-account-three-desktop.png
www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/ 3 KB
4 KB 317ms
316ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/ClientApps/css/themes/BlueWithWhite/Images/fireworks-account-three-desktop.png?v=20240521

Requested by

Host: www.thelotter.com
URL: https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

cec112f2453d6de9a60c71ec9c977857d1bbf2733c11ed873c6fc4b1977d0ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/css.axd?d=clientapps%5ccss%5cthemes%5cbluewithwhite%5cdefault.css&v=20240522103116
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:49 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 20 May 2024 10:20:31 GMT
x-cdn: Imperva
etag: "9fa331589faada1:0"
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 10091) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 3468
expires: Sat, 24 May 2025 14:57:49 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 57 KB
57 KB 322ms
321ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=29432&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

b807b846e0b4e4c02b2dea8eedd32487d01f07d9bc7385537dc1fe619dd5892f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 10108) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 58272
expires: Sat, 24 May 2025 14:57:49 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 51 KB
51 KB 326ms
325ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=33032&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

a3c144568a80d6a06670d885da519d3b51f4cb106bd4c0510fb99771eb8386b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 10112) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 51799
expires: Sat, 24 May 2025 14:57:49 GMT

GET
H2 200 dm.tlo
www.thelotter.com/objects/ 12 KB
12 KB 332ms
332ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=30042&v=202405232

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

8e41b3980779099bf06c454668c448e47ed52de37172f1f12979b96468c2b852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/?tl_affid=8828
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 24 May 2024 14:57:49 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 23 May 2024 11:19:47 GMT
x-cdn: Imperva
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-82060841-0 0CNN RT(1716562659268 10119) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 12613
expires: Sat, 24 May 2025 14:57:49 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
297 B 173ms
172ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/x-clarity-gzip
Referer: https://www.thelotter.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://www.thelotter.com
Date: Fri, 24 May 2024 14:57:50 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 204 unip Show response
trc-events.taboola.com/1015524/log/3/ 0
248 B 13ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1015524/log/3/unip?en=pre_d_eng_tb&tos=10569&scd=0&ssd=1&est=1716562664310&ver=36&isls=true&src=i&invt=6000&msa=1365&rv=1&tim=1716562674879&vi=1716562664306&ri=be5f3027d244b8adbb0b5c744831d538&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1015524/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thelotter.com/
Attribution-Reporting-Eligible: trigger
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://www.thelotter.com
pragma: no-cache
date: Fri, 24 May 2024 14:57:54 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

OPTIONS
H2 200 unip
trc-events.taboola.com/1015524/log/3/ Frame 0
0 14ms
13ms Preflight 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1015524/log/3/unip?en=pre_d_eng_tb&tos=10569&scd=0&ssd=1&est=1716562664310&ver=36&isls=true&src=i&invt=6000&msa=1365&rv=1&tim=1716562674879&vi=1716562664306&ri=be5f3027d244b8adbb0b5c744831d538&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://www.thelotter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://www.thelotter.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Fri, 24 May 2024 14:57:54 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: from.startfinishthis.com
URL: https://from.startfinishthis.com/firstway

Domain: from.startfinishthis.com
URL: https://from.startfinishthis.com/firstway

Domain: server-side-tagging-jay2rczlwq-uc.a.run.app
URL: https://server-side-tagging-jay2rczlwq-uc.a.run.app/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981z8893815629za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ecid=1669810041&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAC&sst.rnd=813165178.1716562664&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13p3pPp2p5&sst.tft=1716562663892&sst.ude=0&_s=2&sid=1716562664&sct=1&seg=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=page_view&ep.Page%20URL=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&_et=2&tfd=5219&richsstsse

Domain: server-side-tagging-jay2rczlwq-uc.a.run.app
URL: https://server-side-tagging-jay2rczlwq-uc.a.run.app/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ecid=1669810041&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&sst.rnd=813165178.1716562664&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13p3pPp2p5&sst.tft=1716562663892&sst.sp=1&sst.em_event=1&sst.ude=0&_s=3&sid=1716562664&sct=1&seg=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=scroll&ep.Page%20URL=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&epn.percent_scrolled=90&_et=5&tfd=5753&richsstsse

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
widgets.guidestar.org/	1970-01-20 20:59:27	Name: AWSALBCORS Value: c5RssGcfHMBX1jXhyCMM15jfawkX+w+kacOWm8m3cbg9UL2vzvP2V/mS7cxgVSRnDoSr3csDPe/YC4sswjTFi2o3woMTjmaadJeWj+Ny758JxxdVLZ2uP3XMYlmj
.savethewater.org/	1970-01-20 20:50:49	Name: _gid Value: GA1.2.1820921574.1716562657
.savethewater.org/	1970-01-20 20:49:22	Name: _gat_gtag_UA_163901325_1 Value: 1
.savethewater.org/	1970-01-21 06:25:22	Name: _ga_0NQPQQLQ6X Value: GS1.1.1716562657.1.0.1716562657.60.0.0
.savethewater.org/	1970-01-21 06:25:22	Name: _ga Value: GA1.1.911497419.1716562657
surprisedexpert.com/	1970-01-21 06:25:22	Name: uniqCookie Value: f3868dbbb5567f6750bf00eddec5a687
surprisedexpert.com/	1970-01-21 06:25:22	Name: kadCCap Value: 308028:1:1716562658
surprisedexpert.com/	1969-12-31 23:59:59	Name: kadCSCap Value: 308028:1:1716562658
surprisedexpert.com/	1970-01-21 06:25:22	Name: kadRPixJ Value: bnVsbA==
surprisedexpert.com/	1970-01-21 06:25:22	Name: kadUnP3 Value: CAEQ4tXCsgYaDQiO278CEAEY4tXCsgYiCggDEAEY4tXCsgYqDAjhrCwQARji1cKyBg==
videocampaign.co/	1969-12-31 23:59:59	Name: SessionToken Value: G_849bb9aa-23cd-423c-aed2-2fa7eb4d9503_1716562658
videocampaign.co/	1969-12-31 23:59:59	Name: HASRV Value: services4_LB
.videocampaign.co/	1969-12-31 23:59:59	Name: cid Value: HltpE2a9Nvx_373
.videocampaign.co/	1969-12-31 23:59:59	Name: pubfeed Value: 6DMFDGM9N8
.videocampaign.co/	1969-12-31 23:59:59	Name: SessionToken Value: G_849bb9aa-23cd-423c-aed2-2fa7eb4d9503_1716562658
cutt.ly/	1969-12-31 23:59:59	Name: PHPSESSID Value: okbq8k4l55dapj3m0crmokquv7
www.thelotter.com/	1969-12-31 23:59:59	Name: lng Value: 1
www.thelotter.com/	1969-12-31 23:59:59	Name: number_of_redirects Value: 0
www.thelotter.com/	1969-12-31 23:59:59	Name: urls_tracker Value: https://www.thelotter.com/default.aspx?itemid=1&tl_affid=8828
www.thelotter.com/	1969-12-31 23:59:59	Name: ViewMobileV2 Value: {"DeviceName":"Chrome - Windows","DeviceType":"Windows Desktop","IsDesktop":true,"IsMobile":false,"IsRobot":false,"IsSmartphone":false,"IsTablet":false}
www.thelotter.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: n5em0iw13s4vyicqpxgqyv1b
www.thelotter.com/	1970-01-20 21:32:34	Name: Referral-Cookie Value: %7b%22LandingUrl%22%3a%22https%3a%2f%2fwww.thelotter.com%3a443%2fdefault.aspx%3fitemid%3d1%26tl_affid%3d8828%22%2c%22ReferralUrl%22%3anull%7d
.thelotter.com/	1970-01-21 05:33:40	Name: visid_incap_1066313 Value: /ianzMAwR4OH6+Ux/pupgOOqUGYAAAAAQUIPAAAAAAB7De2kwUWTkGf2T0l3sxo6
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_200_1066313 Value: uorFMC3k3S8pq+a1BYvGAuSqUGYAAAAAhT9y1BC7sWixPSIRThDK7A==
.thelotter-affiliates.com/	1970-01-20 20:49:22	Name: PAPAffiliateId Value: 8828
.thelotter-affiliates.com/	1970-01-21 05:35:19	Name: PAPVisitorId Value: JgEauJA4RfzyjcnAXG8aKM5ztsEIKk1J
.thelotter.com/	1970-01-21 05:34:58	Name: PAPVisitorId Value: JgEauJA4RfzyjcnAXG8aKM5ztsEIKk1J
.www.thelotter.com/	1970-01-21 05:34:58	Name: PAPVisitorId Value: JgEauJA4RfzyjcnAXG8aKM5ztsEIKk1J
.bing.com/	1970-01-21 06:10:58	Name: MUID Value: 103ED748637F62030B6CC3C1627F63C3
www.clarity.ms/	1970-01-21 05:34:58	Name: CLID Value: f73ef3400db14bc996056ee7d6fe8a23.20240524.20250524
.thelotter.com/	1970-01-21 05:34:58	Name: LPVID Value: NmMzNjYjRlYmRiYThjZGY5
.thelotter.com/	1969-12-31 23:59:59	Name: LPSID-50625536 Value: wwZHUEdFT9qD6czmxqKDTg
.thelotter.com/	1970-01-21 06:25:22	Name: _ga Value: GA1.2.2048390767.1716562664
.thelotter.com/	1970-01-20 20:50:49	Name: _gid Value: GA1.2.2130332340.1716562666
.thelotter.com/	1970-01-20 20:49:22	Name: _gat Value: 1
.c.bing.com/	1970-01-20 20:59:27	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:10:58	Name: SRM_B Value: 103ED748637F62030B6CC3C1627F63C3
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:10:58	Name: MUID Value: 103ED748637F62030B6CC3C1627F63C3
.c.clarity.ms/	1970-01-20 20:59:27	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 20:49:23	Name: ANONCHK Value: 0
www.thelotter.com/	1970-01-20 21:32:34	Name: CookieScriptConsent Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","ad_personalization":"targeting","ad_user_data":"targeting","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"bannershown":1}
.thelotter.com/	1970-01-21 05:34:58	Name: _did Value: web_247415161AAEE83A
.mythad.com/	1970-01-21 06:25:22	Name: kwai_ckid Value: 1716562667441_4128250695517470
.thelotter.com/	1970-01-21 05:34:58	Name: kwai_uuid Value: 6e9c91ddec7952545e58a7135c654fe7
s11.thelotter.com/	1969-12-31 23:59:59	Name: OAGEO Value: GB%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
s11.thelotter.com/	1970-01-21 05:34:58	Name: OAID Value: dcd63068d1d6bbe7933ee7f21ca79a5a
.thelotter.com/	1970-01-21 05:33:40	Name: visid_incap_1066328 Value: ItNaXcXJTAqKITDsMGNnTuqqUGYAAAAAQUIPAAAAAAAf8ques0KVQTGshj1n/dsu
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_200_1066328 Value: +vQ+NL/jLyRNs+a1BYvGAuuqUGYAAAAAOaEhQw7DBN4qVLaUzLfS6Q==
s4.thelotter.com/	1969-12-31 23:59:59	Name: OAGEO Value: GB%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
s4.thelotter.com/	1970-01-21 05:34:58	Name: OAID Value: c0efbe48ba3608e0ca92579034826143

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://savethewater.org/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.thelotter.com/?tl_affid=8828 Message: Access to XMLHttpRequest at 'https://server-side-tagging-jay2rczlwq-uc.a.run.app/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981z8893815629za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ecid=1669810041&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAC&sst.rnd=813165178.1716562664&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13p3pPp2p5&sst.tft=1716562663892&sst.ude=0&_s=2&sid=1716562664&sct=1&seg=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=page_view&ep.Page%20URL=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&_et=2&tfd=5219&richsstsse' from origin 'https://www.thelotter.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://server-side-tagging-jay2rczlwq-uc.a.run.app/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981z8893815629za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ecid=1669810041&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAC&sst.rnd=813165178.1716562664&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13p3pPp2p5&sst.tft=1716562663892&sst.ude=0&_s=2&sid=1716562664&sct=1&seg=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=page_view&ep.Page%20URL=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&_et=2&tfd=5219&richsstsse Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://www.thelotter.com/?tl_affid=8828 Message: Access to XMLHttpRequest at 'https://server-side-tagging-jay2rczlwq-uc.a.run.app/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ecid=1669810041&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&sst.rnd=813165178.1716562664&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13p3pPp2p5&sst.tft=1716562663892&sst.sp=1&sst.em_event=1&sst.ude=0&_s=3&sid=1716562664&sct=1&seg=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=scroll&ep.Page%20URL=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&epn.percent_scrolled=90&_et=5&tfd=5753&richsstsse' from origin 'https://www.thelotter.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://server-side-tagging-jay2rczlwq-uc.a.run.app/g/collect?v=2&tid=G-PG6WJ6GTXC&gtm=45je45m0v874214981za200zb893815629&_p=1716562663892&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dMmY1Mm&cid=2048390767.1716562664&ecid=1669810041&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&sst.rnd=813165178.1716562664&sst.etld=google.de&sst.gcsub=region1&sst.gcd=13p3pPp2p5&sst.tft=1716562663892&sst.sp=1&sst.em_event=1&sst.ude=0&_s=3&sid=1716562664&sct=1&seg=1&dl=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&dt=Play%20the%20Lottery%20Online%20from%20Anywhere%2C%20Anytime%20%7C%20theLotter&en=scroll&ep.Page%20URL=https%3A%2F%2Fwww.thelotter.com%2F%3Ftl_affid%3D8828&epn.percent_scrolled=90&_et=5&tfd=5753&richsstsse Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thelotter.com/?tl_affid=8828 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accdn.lpsnmedia.net
ajax.googleapis.com
alb.reddit.com
amplify.outbrain.com
api.mythad.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.cookie-script.com
cdn.taboola.com
chest.cdntoswitchspirit.com
connect.facebook.net
consent.cookie-script.com
cutt.ly
done.restartyourchoices.com
fonts.googleapis.com
fonts.gstatic.com
from.startfinishthis.com
jquery.restartyourchoices.com
js.cdntoswitchspirit.com
logsdk.kwai-pro.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
pagead2.googlesyndication.com
pixel-config.reddit.com
region1.analytics.google.com
region1.google-analytics.com
s1.kwai.net
s11.thelotter.com
s4.thelotter.com
savethewater.org
server-side-tagging-jay2rczlwq-uc.a.run.app
stats.g.doubleclick.net
stg.savethewater.org
surprisedexpert.com
tl-log.com
tle-dynamic-images.s3.eu-west-1.amazonaws.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
va.v.liveperson.net
videocampaign.co
w.clarity.ms
wave.outbrain.com
widget.trustpilot.com
widgets.guidestar.org
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.lottery-win.org
www.redditstatic.com
www.thelotter-affiliates.com
www.thelotter.com
www.tl-res.com
www.tlg-api.com
from.startfinishthis.com
server-side-tagging-jay2rczlwq-uc.a.run.app
104.21.69.127
104.22.54.118
104.77.118.51
107.154.132.27
107.154.213.27
138.128.241.162
141.226.228.48
142.250.185.130
142.250.185.196
142.250.186.72
146.185.171.17
151.101.1.140
151.101.193.44
162.241.253.213
172.104.226.213
172.67.152.194
172.67.209.227
178.249.97.23
178.249.97.99
188.114.96.3
2001:4860:4802:34::36
208.89.12.87
216.58.206.35
23.38.201.81
23.96.124.156
2606:4700:10::6816:1e8
2620:1ec:29:1::43
2620:1ec:c11::237
2a00:1178:1:4b::e
2a00:1450:4001:808::2008
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9a
2a00:1450:400c:c0a::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:400::396
2a04:4e42::396
34.120.154.120
43.132.32.113
43.152.26.235
52.178.209.216
52.92.33.202
64.202.112.31
65.108.188.9
65.9.95.8
65.9.95.93
68.219.88.97
00c988d020f7232cf75d07fd2f246a4baf0cb13e0de3ac29dc4aeebc636afbf3
0129141f476e87d0197a1fa3d84d82ac78bc3fb7456821affcb34446eb5652e3
027dbe31bc494e14acab76a221273e52d1d8273f29a5a46055b36d74d6eb369b
02e5bf47b2473c1da7a39a25b14f0f5d9857142842d33def047e492f9f610cb9
03e9d480a33417d50f67058112e62d1e511540e01a65e94f14c601bb0a4603b1
0408811e6c72e1b97f08e558a58374f342542caf42a6a3cff9e36af2f9528945
06bb0e095ea69c36d1de29ff26b3daf99afb94d3b704a30e7d7aa6636ee15b6b
081bcc2d88c3606f5b69969219371e465baf5caa114837e300f4c8e88f8822db
0b1aa2410cc0bf1f6e5f514e61d1a6de0f03ef0900b1d4865f2a589d668d39bf
0b22c718aa3df8aaf8d98526ead4a61cf6179a64f962495734a4e208af52b902
0b88073f5a0841d17a522e8117d32b03814bb4effecd476cd553fb5d2a31be64
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0d10af3d92140eb6534a91c7c3129ec01afd917757065b020e20bd01cc422256
0d1c6b08da4a7a15f380b8a2e1052829cd2726fbcb4e09193966f1dfe7bed251
0f8bac2c05034c63e54f839f459f8c9e2febabd4cac2a009bd8eb7510a063a53
0fccbead2dcb84240330c05989ba7fd3efb4f6ac293f6dc1cc0b58b6daece9fd
1008b7fbe2b7a3cfb4f1366ef343634842e67465fbfa400ebba3f04285cc72f8
10434e7c903529ea1d2cc904f6feca975db033ef0106628f14d94c7dc3acc1ca
10a2cf3d16091fbc89cc987160b62093515cd31f0762a751775999311c7313f4
119893800351f3f116511c0728589b562512e0852a9ce98ff0203d61c76be8ea
12d9ba9507875ba27a37fd3025097d8dfb23d110c101d43a077b0625f0fdd2c4
13061618ed73d23464c13744439cbdaededb524a90074620b743cf3fecfbc9da
13897904cee0ce2e28f2ce202691979509a1b578caded224821b609503167dd7
13a1d596b799baed03c5ef5ed7950b8dbcf65112dbdec9769b385fd36fd390f6
13c8b9f9c2ba8c2d73c00b8a993a4ee45a349a4bff949273d0bd35c2b7ca89f3
13ce7d8a337f83173a2ae44f30a70e5140b634746f3f10db2d352912d6784fb5
16d68a31286796e9542e4416860961fdf70a0a2e5f9b01a7471834763b58e724
16d8661b827694c51ce51a112648ec02c99eb7d306b8469159002ded287ed74e
179f7ed19b5922478fed8942f61f46a283833306e0735f2d8c6e8c7c18e9c28b
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
192fef0f1f45db7d0c7cb91298b7865444e93d787ab80f9e7d16f062ed72e0fd
1b39e84de963a7d68eb99d54430476da91eb794c9b5efed83e6941c378c11ed4
1b918d3fd9de13b8d661f48902e45648d798ba03340a06161034eff86cb17fb5
1be78f1bafa3c460dfc7401006728a3333a4fd51e4093af01ae4b4045f596b77
1c9b766609d53165056de484fe90af6ad6a298f3a27c422a347e6529a8803748
1cb89d4ee55c268314417ea13f74502c406c671d05e4616840cf1ead1cd70c7a
1cd03e5224865b618d82386028b8e2434a318437af49ab0b29146e2b0005c0f2
1cd40dc0bd78ee7dfb22ce1c779ed0fa3b9420fe6769536366104b18d2b11714
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1d3cdd8faf514d1858be0948a54570adb46507153f5e827fbb1de36ba7c9f0a6
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
1d9fbed5c9f28a42d9756b672c970b5e971e46ddd2a6d59e015272c816cee19e
1e1a82b691788c7de3e93bd63d6ebef1963817641f5f843eb136f56231d774d1
1e976ce625ed3f3bda9494292f078e7f0c16f233da123fac2dba7be916b96db1
1eb1c959e78c9b5b0de324e520ac01627a182c515c1be26563aadef108b9e2e6
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22f977105367afc342362f5ba6d9361109629a73b66673b2b93c051a43aa7439
23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228
244172f71d8a28cb81e185702d24ba2bfe59534a3e36a850982c63a55f85d82f
2ab53f18026a4e31c29fb0032333a527efe013c1c40b2bd9650edc8372226402
2b47787588f14c87b58dda3c5ce7246ba909ca46fb3ddfb4d0b08b1b98a86835
2bfd7c6122b56ea49b26bb11689900dd5acd8235179205709d2494904b5a1a03
2c0c2372da39b58111d7196449c7847009dddc1ae9c175efa7bca09b243d842b
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2e20f52cdfdd8331a1d5cdc233bd840db9209cabbba8426e0be93a7733de4a06
2f227da87ffdcb94d4c9e70c98b8c185ce465a73fb60eb6bf06174dfa4009cb2
2f4bb35017bde1b97e36e319cc8f4643e6bb2e7d50e258762b7e215460133d52
30b8c08723b0af130800167aeee7da1d2c3419484e20b2c1d3db5833801bf294
30d34c3597752b022bc3f0892e237780583584fe197fc6bc9077ad448e8ee0ca
31535a91ce3f6b8ed3ddedadab1e49957e2220263a640df1a3f14f6fdfe15eb6
31c5c166bf2ec35cb5a865dcdf3b74a133b46ef0fc3006017c4570c5b8593762
3394598c180ca90bdc1498ad5a35522ea0631700d8117419c03917227f1439a8
33d0c4e7fc48bef2a780e4885afc007eb1c3c727624bd0ce03a4b3947616fc9b
343aa641462f4f56c38e20920d8aaf0569e0388ed010cac8a123a65d9711b2ae
34802d602034c423ad56dad1ffdfd7459d8566d9ebd09d84ebf599b3246b6d54
35353c001f65a2a15d3547825cc80bb1ba58e5f84a18e2aa2e21e597e4ae98d3
35c6bf0c080478e21db7cc5a5141d7d7078fd29afc0cb7054dde749803901d39
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
38521a5e877c1bc44e9cb4ba0f21fed9643554aef87cb75086adb0f414b97d79
3941cd147110f28910ba21d962cd7700f7da7f2b76e4a6992f269db3ef173c0c
3a2562af673ebe1d5f71f0bd163d9bff3d6bf2cf140fbc54a963537cc618c35b
3ac00ea3548a42b84e0db60f197c7a19827b2d072ac714837175170f02f80493
3b8136a4359c93f59bea2d6947e181702c4e90fb1ad40cef47a9cda03c44c429
3bf3d0a6f8fa77ce795cb700ae3e65e0339e2c166b9fdb0eaa0719520077a28c
3cca6649bb0d5da6fdc41c1ae4c75bd5cb9f5dba670f2c65e48e910db30fe163
3d8a48c4b9fbc84204bf0ea47818ab0fac740da888078225473d0748bcfe80f4
3e5da322ed022b5762d70293cd84e3e73009781267f36f48553ef8cd4bee4ef4
3f9597d4ccf2494d2fc65b67107620311558c5458cf7c048ad2b222f1853ec02
3fce4a2d785567f0a8dd59648036d665bb645e438ce6eb2adf164ecce19b3575
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
40686ecb48a011a85dfaeb9e37b7f7b5dc0a951ad6029f65ab3361d1cc3dd93a
40f7c18091c56f173b5aa277945fd87d5c4cb59edbc6e4296b19985778e62242
426db0f29c3e53d395d2557de6b01fbefe8b5011eaa7be61067fb7cf95b8457e
435136356993fdb41cb8558f216c42c43f1aecc3397a75b4f13f135dd5ac8628
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455230227a44af7768baec1680db2a6a5dcf2c903a8afeda639f8a14cd696f2d
4559bd877207bb15c5939a45a5e6c49abcfc42a058f8a09116c2d1b2a5af5f4c
4657ee6a026f68ba6fb72bb554c2a923bd8cc73fbf6e25f58b234f40ebc01481
488d762c7abb67afc90a78fa02d2f06c26e3fd78fb2ca7893e60818ba43bb8a9
48ffdd7d5e67efa1f1a6a55e882be1296c9a8ca372f3f3f0521591d154718bda
49a5e6846763d4d6076afa503b2f4061ad3952f74928b68139e91774c92a0f9b
4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
4b2ef7a267f6e6ec05e6c4cf9c71247271650a82716774767ce4285edb5c2ac1
4c3d2089bb29bb30f10c31c90452f63d5d571c7c404fd37ca7d919d5ba2b4eec
4c63b42179dcc4e6519c49acc18217fde662869d787c50167b93e267071773b4
4ce09345cdd5ea8177196ff261decad020b24c73b40c8ab1de2cd1a77e3de073
4dea7aa01fc2be1f1152d7b00d8700c6cd8f357a35954915cce3098d38770b5f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f8fa41992b10a3dac5eb3d98494c264015dde298b1d463a0eb3c7629819ebcd
50338bee5cd172d881b12eee82890858feaa42dec7a25654ca813be2691ad973
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52e47d3fdd4c0fd26eb733f0424b9c100dd184adb5a6afd680e49685c33d1eec
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
560a23e0f46fe8207aab8aaecb7054c1865eb42e0b07b05af9fb18bd0e2d52b4
56ce9a9f71a8465359a676d95189390683de779bdc085f4fa9d48ec0651d9a5f
57295edac7ff9c3de129a935ecd3d4cda2983e15f72a6473494f5233d64283ac
5782da243859ff823754e78456478ad732b8d874171fc9ec6099c87607e10b1b
579a8776521ade2d13f9f02f4f095c2b9eb857511fdae470c1176ecb9070f1bc
59f43e7d59359fc41b2e6db0990525a46b9d97bfa37b9dfa3f1e6948ac89c01f
5acfa3f00e87c2b46db32adec3e1ae142a806e28bbd77f863fef726bea829206
5ada93afce1fcb325e07004490bc33b3022113d644bbd542447a884796efde00
5b0dd0c78236661efd3cea34c18403126c36835eb5818903b94bc8d7eebecd7e
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5bf51d12e86de98c7f594516b6b5c9613da60f64c863a803c3e870fa871f3e7f
5c525027b646bf78eba749696366d20e8aa5c3603043339eb5ad828175c7238e
5c8dfa50b732efdc00f9ae057496c8956d407d95a7ae1307cda60d3e59034197
5ceb85f35c12351598fadc630bd1ace7386dcb0523e749e97350b1d9ed057bb5
5d4e8276152a471aab9dc3bd0d39b608df824ae776c4eea5abe5d5fad3dfe2f9
5d9e6d5f743a782f1e17e0acc78b9b420a2e6a27b7d6780eb80a928f25755fdc
5ed9ebd9f2a9f9ec2da696b307c30af8a260508d2490094b7aa535df499adc50
5ee4dbeb415263a1bd1ff3f3903cac7f086f10d596e250c6fb68194e284f11fb
5eee7eef8c43d97d6c92ce9000b3f2424647e58f985c2df5711690c8b95f1495
5ef914e59b0047a261844d96acabb60c34d3acab6b85ea24198726ce4781fd37
61080845c7a857823b6022315e93b159469a66073fdbfe760766ab326a9f0a17
61af68ed434cd718d4f331ea8d81164d211347b6961f40bfb426ceb6fab012e0
63e81c31d3654000c5f998e24d38f3181f17614b66dc94dde2b5206941ae07e0
63ed2becd96740dc7e70e12ba82da7f0052f953edfff37f217435efce91827d6
64cd4ef312af58d2951aab35c2544ed61708b7700c1f042f35cf543521ecab4f
66bfa5474aed94c6eec15099ccc4d3958a20caff966650b346d375b3b0558609
67ff8ba85155705413e6011e6a8c5dce9d02e2d680591e47c1d2ba778b543d02
6870b235f4e5374945e0fc3775b4012408ccb07ea6e318902dfbb4802dfd4485
68d8c72a1380ed65dfb8f9163cdd8b7db3de836c00611ab533535cd8a5df689e
68fdc6c0d9ce0fbf5aa2914d113592b26b8bf5010f2066cb7e08b5a2fccd10f0
69250d09ba313193fd273aa4ed83cc38d8a8d96e2f0692ac2b0736d2ec497d80
6a3b7ff6ba5eda92d115c778684ee63d074e78924151a8177c0e12a551d4d505
6b565647c7fe32a0202e18d3a2ff0382abd50f3878c774b0fe1a14cff3434a99
6c03692b1b8ad73400cbd323f01ec7f69bae42c6903629294d06c1bdc4a2d46d
6c26b4840d69dae288086ee17864ef10302ca80443eb09b441450baf18bd23ca
6c6af31f429c4ab83965684308585a95fdc505aa92afb4828546a405433fa673
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
6ed3f9bb49db64879aa23da8ad5e52a90c699dd4f9e0ca94c4542bb4153d5ed1
6ee5495770a46b3d24581da55bbf076b24e43e24fef5b12d3c7b3e78ddb745cf
712cba3fa8fa2aceeed253c363eb34d1c122a5159027d256815fc94b0941b3de
72a37e2dae4779c02dbcbb6b05ab73b2238eaf9a0d809df438d715e0f8d8cbe0
740bb313221bda5543b6fbe0bce3dd276cc70c4fd9aa0bae9d46b149406becf5
741a00274bac2b928ff392345a9dd75bbc59513dd4d8acd9169e642b524ae5df
74ae9e64bb94300ee40de3dd6671006e788735a32b974d29b752c4ea4c48f0a9
75479495809d50623a1761b699f6b83b18e42b656e7adc111b69fadfd893ea40
756599e55655b1bf6888ebeeab9b6818bf68427dfa56283a449bbf58f22337f7
779ece5a9eae5f019af36fb193f9159b4f64783795603e972669f9a10bc7e7f9
79cb399203843f65199bec32bc4abac5dfd20f141d3e4ec1424bf00c7108fa45
79d0efd84d3e2e32fe8767feae295b182e35e679f0246f49ac8d4935031058cd
7acffd286ccd8fa4c8b21d3d06974fff1429f87a49d90e48149c8a1152879607
7d1f9130ec5b75f9c9282cdacb5e8d27e1cc48be4466dfcab8a14909124b8e08
7d8b11d4d4c2c3da173ce686a083dfd4a67aba53cb4e965cb22eca9a32c21da1
7d9ca80e6e352bce8414a43379b23a0e0e112e9db525852faa67ff52c5f190b7
7f536fce1aaae1fb1642a19afca74b3c2bc6358760a34950560fba0b88747de5
81e35cc46e9c8c8528589da0cae4fa85869bcd73feb31e89167aae8c437c3b3b
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
839999408a482768bb43c799a9aaf75e845ae6e354fe37fd494f1bc82f3f7a2b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84eeff37ee9d0cca8e5a29d2c83b97f0abda50f09f1888d85d0297367f3eefe5
86406898c176e3d724d01e191e115ebc8279701cc31091d66eeb65d97a221648
86532c79d0d45bc30b10a8f97c561e927c231c16b9f4d10f0380fa4e57dd4153
8797bcd53c85f5f6ddc8342a6d1a68724b3f753e73bd9c4c31df62f6463a2c4c
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8927b5e3c614b5d0a4f32b781b7916c0a4335f304a2d9f7d1e210317ee034650
89e11befadb453147740e47b21db4b639b8dff43259487ccd25c7e61c39906c6
8a2ca5e67b01daaa183c8add2feceee9dbc541492c4b23d803ae40f2303ccf4c
8aa68371f310d31bd036986bb97b2ca278339eeb86972c0c191f36f434eafd99
8bac631dfefdb96cf5526520c21e9ef3f585bba973970a7e62b10c945741105c
8bb3d97ff4780f380e27cd810e34997a277b49d2dda56c2043c9b37c950668f3
8c34af133bbf58ded59be1142b7ca92810e72c6ca44c0e0be60214425e470e49
8d37415b2a64944acefa745613a6fb91b8248e552cf045fe8f081c737a689b4f
8e3042efd121a0b65f2e080adda73ee97d4e1959e1ff0bae058d173302a9a28d
8e41b3980779099bf06c454668c448e47ed52de37172f1f12979b96468c2b852
8f03c142868f0b1f0f2d4649672f4afbc33a51dab8d173858627cd1e82177764
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
94864f5e8a2513ac907962308c6ccea12e450fec27b12ce423f88346ef20070b
9582f7115938446aedf653ad7d777742c6201ff347fe4a6e957048148c3c679e
95babb69d984bc96181e364cdd611e2abf80aff49bb4c62f8c0c59a47ab55335
970e84fcd711c2947b53cd355112e0cd02e4d47c396805a710bb67c020eb6df1
975cf503967210bf2d9105aff103665f2d1c5cbeeeece799002e92f4049bd39a
977f91d3efb4e82c77b661b6d30152a33a8072860deb83e06aaef4f356d5b59b
9792e9543cc29f5d3e60fe258cd85b0dafda40e22518585d92a47060ca14b386
97cf1307c16a437b77b5f7f5c9bc0b985d0745a14be5a279019aca5a3432e264
991ea60ce3e6785ed3cded23ca9a656a47eefe8c35f48dd388abd18fac68935d
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9aa9bb8be2b834059533ce5de7eed3a662ad3d3e70643bbe5f75265075e9bd28
9add35c40eb26f723f1f4771b4378b0e24301bb2c60ce8a541b1b98d7c5f3d2c
9bc720732b72dcb1be822625520bce1098da02f73dda636a84b79eae4ed90159
9d66c119cda90cce23b754952728cb3c4263c0d3b7a24634ac24a34f45873841
9dbbaec1290e56ee5480ccd7070bae23babe1bdec02940df556fd52f37d46e50
9e2a799a251ce713aef7ef8c27a2d6e01f641ced4186d46b2026f5935696ddd6
9e8a959349cf5dcdb4022588dcd90c13f771de2a1289edc0d7cd5b132bcd279a
9efdbd36b42fd145f905768a50be29b0ab10fbe1211c2dc5bc45e01330f00d73
a09f52ca257c838908f314f38e983ef3421cbcc7c35c4a3e36e358622d3bd759
a0a799fa96b605d3919d8a5c3571e2710eda8752fb42155f034a12ec137cf96b
a0b0cb9ced6df0bf47cc8718f9aa806c2876e1e55e549b269d118e5754dbb666
a0be1a00b7e9fd66c5dbbc02002df856a5954a3963e62c6099bcba76cace0af9
a12405f4c80947eac03f04af3f10415ddfd739123c1bbc11f220dbcd62f93b11
a13fe0dae4e6d7428d19e5f8f093b4cefd70ecd279b201658d6197195d84b7b2
a1c8a3459907567ef225853c6e832fb40d60e5a3132ea58d93ca6d2eb9b1f40e
a2d11df0ab57da6802e319d997bf4c353fcee97cfab585f1cc0b14937d3531f6
a39497ba8db2ba9f68c578856a241f68179646f482e495e9015d5025612494cf
a3c144568a80d6a06670d885da519d3b51f4cb106bd4c0510fb99771eb8386b8
a3ca2f71a07bba1fff35b371714b2eebc2ffa75c2e08f465b22f40bbb67c128a
a492b7f186449ac64a0d813cabb107778da70012272ac61661ea1fd69750a025
a545e1e9ca5349a0b4da14b108e83eaaf13effb5757757fce480339c176a47e5
a565f89f7cd22ff25e269b7fb9d20123ba937d18a384c8597659f87febee7279
a57447331b31ce5d9102ac9cd17ff92c2ee1c481d5fdb5c679d8d0ed0061288c
a6e03ec39911ba9815b1c39005b3c223357e12dd961fbde5c3456506d1d6f54a
a75b86d58eaa0ad91d9bf556a302c2f9f1c697245515c34b37df8b25cc7420ea
a78c74e9483ac3cf7314bb056f662261ec076774f1503186b660506d5e4f1b4c
a7f89d615833c22820d017934816dc4e6e37e4efd6529687bea0afdf6aa80dc9
a8334e63df6b06bc1605d8b4d333bba1ae7719a99f2490f7b85bbdb472d8b1a9
a962a6c4782543b33aa3ad3ed2cf0259015889ccf0e2e5355f7969923a1e5516
a9aa76d5655c965f1feceec22619fa26acb1c4832f76ea25a79201bbc2b2c2f0
a9ec091ad656eaa8a34cc21135b793c75d61a20e826fffed93935a43a6753908
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ab68ac9e5c513d8c8dac3d7e18d9e01f9fb029edf76da2d083152ab187b0122e
abe7e7bfcab184fad3a602942b65170daf1a3e077ae04da26100048947d9b468
ac7c7e32b44412b200232f0e4b909b3d63ab68d6c643cf0b45258c963b2c5365
aca3599e515b1a94020414a78f023ae294b5e32b26c4d6be38d0d4486dc777b9
af376c867225339f4c935dbd41f79d8378f8bc25cf75c29a658fc5b23f9a334f
afa5278bb940a1ecbfd8dd26fc43bb6e134dcc52830081f36079b4375e24df28
aff3a853ecbce57732d66018c852b5d251c718b09508bd28b88d3d372671be8a
b0916eb06dd74d66c60f853302d3c333e9d43095a799a0c98e62183be5327495
b0e12bbd8cee339deea78909d1b80e6c9e579785e6e13a561a1ee2e23983717b
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
b265c36d8af2d1df4f8dbe55c189599874edb65727a5690d9b5574e74ca82fe8
b3e2d4c6450428f8a8291cc52ddd60e13ac5609bbabe6a64663fd001edb5145a
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
b671320cc0176c7c01931bd7d560aa83e917390c52d2bc44c933888e75ac518c
b6bad3c451907e64d0955f41ba2847c8ddbf5d29bd8663adb41d7d3f1ebda380
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b7cd70433d42a837054823a28f9a4953398609d30a246404a0be2c340bc96f92
b807b846e0b4e4c02b2dea8eedd32487d01f07d9bc7385537dc1fe619dd5892f
b879922bc60882e4343f9a483e9e1330fba11bdeef5b40852e52c9621233ed16
b92d89ab36cbfa1faa23243c9a332cc7b9da866cc897383c1d3ee39110efb929
b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
bb110762908f29f21e4a57f9506f8068ed7099e4095ea13221c8e845860fb309
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb61199da85f518e0b1d41c2afddc583fa4cbff8ac48227e5bb15d945640dd28
be362373acdeffc5d8f1320d89b35ad1fcfb84ac7b928312a1bc2548cd416323
bf0fbad2e9ecebe0a44847e8a30635960d6edbe2c4d79339df9fbe20173767a8
c018d737e7c96dc0915e1fa8849dfc5ef748a70537a4bec905b449b86014e135
c021a94db9b98ef2269716a2e77aff78d691ef4d4d92911f566528fa2e3dd447
c0822229593d0a1c56a7e09906d1eefbeaa41c0f06885e991d58912d35a64c98
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c221f43fbe2cdc3ac399fc9cdc42a7da164b929559132091bdeb8b87a876f8bf
c2cc9b51d62e6c08aae4d92f1ab2094b7dc309dc7b8a8808376b38609eeeb472
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c50d1cc01d44d4415686fc1c71ac41f44c9c9be694fe8694be92606afa1bceeb
c55902832fb84522d02ea1a60a30747403a140d8651fa748f13ba398b0c0df3a
c57f01a794386a09e7f1936877928197240f1c0b0dc372623f72b938eb325173
c5da116bd386cc1eb92564b13ef5c89984769604f5bf440561a8b814fe4d47b9
c6cc8be2c9f9123a59ba8f9eada424980a32416f35922f9b1a0590e330025659
c75c4a32162403d84659545e57a44d13022dcacc4c9a5bc8594bb49a3ea2a944
c80b783fe133d87a84663e123c74f508eb5957fa4604fb86c3b8ca9dea20a6b6
c94e2c5ded5e37398ea9786300313dfaff640e9dc8be0eb264bfb280c684ab0c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca470e559ff97fd8fad0e4c5dbbe047dcf605c762902dfa0b8a540a20c808d55
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cb1eb9426b1a5c94713dfab7c8c03c9ed9970ad00accbfb1d665442e7e32548e
cb3245b20c27970e0651134a1410747369a6587cd74ac73bd851c20c29ebaccb
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cde46f6928a506296578df2b0775c21e2063c9712931d417be98a1006fb6d916
cec112f2453d6de9a60c71ec9c977857d1bbf2733c11ed873c6fc4b1977d0ad3
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d177c69a8dd4f9da92f37a00308f8d1f842cb33461b3437be5a9d224ecd9e2c9
d2db8e2f675af962e9393aaf0493f5034cc8c95d6eb63af734329568d1b9fc27
d32680eaf39cb3d9d4de10185ff4181a301bbc4e6787fdd9a774931500d8231e
d42387631e2304003f2a38ee1a9272b97fbf8a113847408049fa3d56fff6323c
d5687032d72a21388b0db59c3d913b6596871653d34c78b7fcbba16fba497ecd
d5cfb36e0d7533e7cac46070fa2374b92e903ac021261917d80b940e4c8bf759
d5d6151717d6e1632ccc51a9891a3bb71a7e816bb756840a0e8e844cbe11fba3
d5dafb48db5d99a30001a5a187063eff428ee5b40492401f2b02253bbc0a042c
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d89a065d345ce9b060d5ade36b1427d8566d7ecedf63a04c56354298fa46caf6
db4ff84a87323090f28887bd003613decc12e854ceae8948fef71d14bb9c55e7
db71f8a28ad8501544fb4e7668e3c6d0b731760b6f20de3525ebaeba597f1922
db78fe169706a9553790792cd6cf32dc41ca8bca111cb3eb812604229a32e3fe
dd90d9fea46bacff0af0aeee87db6a3add134bcc8e4fe2ccccf40d7c51411c13
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de66104ab7e62991a06d37d16a6a13afd89bcb38188aae10a5476956aab2a4d2
de93f7fe467137d34cdb1249aeb3fab0fbbc26f513a4add281f3427658c9ceda
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
df8b6d6dc690a9d92fae9404368e6a64c91fd2bccab76d07f582df9bb118a1b9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0d1b83e432b094d8d49284da590a409ae97d8aebee66b5ae9135a57dcc06102
e127c4ad9e36bc21a02bfbc40dfceff57239ba9f67516d98eaa4877f7db64197
e143ea82cbb391479838962ed3a39a9f2319679ddf33e689217d26b0e206d724
e1e78b01b533ecd1ddd46fad4d4c3a3c366c02e0367cd99ab56cb2a4341315bc
e2f5a2a3bed5987eb99c61750acede4659c3eee76cce96f573dc540a5374e2c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e401e14ff96d7556204d0609baa75897fa95a8352c29948b3e84dae76d3c0004
e41d9c1027cd836463bfaf6ffed057058dc8782f396819edc848a048edfa7b56
e44f391ebd681457bf31b9469d70fccab9919dbd01d206728d9f33d51216e47e
e5efda163b772834433f7809f6b9b6cd5774d86481d8a044656116dd8ea96482
e7ac6a47b4ee22740c7333cf658752428d7303298d31cc5e3d07fa10c638902a
e7b94456b26df1e263f723e6caa702e1274ac9adcd9d406509e8f5bbec129ce5
e84bd8e1b92366333f670c48334b059eb6d5c50fb10ef6a613b76ed4b180ddbb
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
e9f193b73201df7d8e803009dc9fa04bbb0dd079e1f5eea8efa07b9fc2cf4bc7
ea8148c79052a55ec1596b4598795a4fa3bc979b9ecab3b0f6beb130e9b1d9e5
eafa64d1a20be5ea4e9151cd4b519de1d8b433148a13eb1d7bacd17eb9663a91
ec7415839c9d895ce1c49a2754b1cb7f7601eaeccb8a1e5760cacf3a91693ac3
edf5b379fdacf6f9f80e701495a8b2a9596091b3c1163bac29f1f2ff4bcfd480
ee03ca80fc937d6ca1b81c8be5e977dc79607f89522363679028724f990b3991
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef922ec17299886d78d0e10aa9c1360519f5c2812b0a5202ea51a6a5c5e22a7f
f02ef2616c0d8103ca4eb35615ff6cf01b16f7611723f7a515401ab4c70bf31f
f0eaa8ccfb21ad2422fc05c90dda2c94d3bff7c20ad2d3937ca88224552093f0
f2989ed5987442927a50d88dbd36ed5ce14175f24a8dee38ea5cbbed4f3ce4cb
f2ad596ccab0e198ab1b9c6d9a7ae9b5685cc44781cdbfc158004ee7777cb903
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f31f14f173559d1bc035ffcec66bdcd19b6685f42a2853bf7eaabd1e4bd9aba0
f5464b6081d981aaf8905d8d449596aa2124761c70a8d5703caefe67634ae2de
f5cfd2adff2d436a0b93544cb083791f526e1d0358ce9cfc66f1e70128bbab13
f640a79e7eaf95c3eafb3cfdbfd18d88df5ad57d575a37e1d48770996ecacdad
f7164a75bc37b6acb894a0437a432c034f624516c83b77e19f444084a44efd31
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8c4d5e55d450caf12b7d712277f528f373cd4b63eb1020ab6cbf3805f159247
f9a5649d70f74cde04ab0c3f8a8f41810772e9970befa7fee8e339bcf4dd3b08
f9d880cf48a415ca6fba775a5ce50fa84eb4527cc42af5be03ab055df5ac3326
fa8059723d1708797fe88bfe704bffd6a14890255f6bb2d6c113631df655f1cf
fb34921eefdde2a74c9ee1c51a4d69a1775e2a013af1afb02708d6935c97c91b
fb3a9b03de7eda62ca76836c71154e514260b60e6a733cc5de16fe3e8276bb94
fbc4f46736a91048cd47d27769181edd1c27c046516bdea6e82bedf379591f97
fbfb058ef8c94003d93db5ee769f9484215bff1795aed2ac372a3863da4df6c3
fe35e0034201751fd70c5527199f30613771f329d9b14be7e9ec08f785c43374
fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
fff71a83690454ee6ea9014780a6797408918cb90cde1f0f3be65ea28a03c678
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

www.thelotter.com Open in urlscan Pro 107.154.132.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

373 Requests

98 %HTTPS

33 %IPv6

39 Domains

59 Subdomains

51 IPs

10 Countries

10881 kBTransfer

22417 kBSize

51 Cookies

9 Outgoing links

Page URL History

Redirected requests

373 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thelotter.com Open in urlscan Pro
107.154.132.27 Public Scan

Screenshot
Live screenshot

Full Image

373
Requests

98 %
HTTPS

33 %
IPv6

39
Domains

59
Subdomains

51
IPs

10
Countries

10881 kB
Transfer

22417 kB
Size

51
Cookies

373 HTTP transactions
15 data transactions