loto.hijera.com Open in urlscan Pro
2606:4700:3035::6815:2b79 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://loto.hijera.com/
Effective URL:
https://loto.hijera.com/
Submission: On February 11 via manual (February 11th 2023, 11:44:48 pm UTC) from MA — Scanned from DE

Summary HTTP 166 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 13 domains to perform 166 HTTP transactions. The main IP is 2606:4700:3035::6815:2b79, located in United States and belongs to CLOUDFLARENET, US. The main domain is loto.hijera.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 19th 2022. Valid for: a year.

This is the only time loto.hijera.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:b310	13335 (CLOUDFLAR...) (CLOUDFLARENET)
49	2606:4700:303... 2606:4700:3035::6815:2b79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	45.56.91.11 45.56.91.11	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:808::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:807::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
166	21

1 2606:4700:3035::ac43:b310 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

loto.hijera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 2606:4700:3035::6815:2b79 (United States)

ASN13335 (CLOUDFLARENET, US)

loto.hijera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.56.91.11 (Fremont, United States)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li893-11.members.linode.com

fontlibrary.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	hijera.com 1 redirects loto.hijera.com	2 MB
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	500 KB
25	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com	611 KB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	157 KB
8	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	240 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8804	818 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24 region1.google-analytics.com — Cisco Umbrella Rank: 2460	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	121 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3434	71 KB
2	fontlibrary.org fontlibrary.org — Cisco Umbrella Rank: 113643	80 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 842	601 B
166	13

	Domain	Requested by
50	loto.hijera.com	1 redirects loto.hijera.com
30	tpc.googlesyndication.com	googleads.g.doubleclick.net loto.hijera.com tpc.googlesyndication.com pagead2.googlesyndication.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com loto.hijera.com googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	loto.hijera.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	www.gstatic.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	encrypted-tbn2.gstatic.com	loto.hijera.com
4	encrypted-tbn3.gstatic.com	loto.hijera.com
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	encrypted-tbn1.gstatic.com	loto.hijera.com
2	encrypted-tbn0.gstatic.com	loto.hijera.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	loto.hijera.com www.googletagmanager.com
2	cdn.onesignal.com	loto.hijera.com cdn.onesignal.com
2	fontlibrary.org	loto.hijera.com fontlibrary.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
166	21

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-19` - `2023-09-18`	a year	crt.sh
fontlibrary.org R3	`2022-12-17` - `2023-03-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-31` - `2023-04-25`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://loto.hijera.com/
Frame ID: F9C1D6A5ADCF5144B9B6AB460BF2FB8A
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html
Frame ID: 1E78FBCAE92E16BE96DAF5A3DB3CEDC5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&adk=1812271804&adf=3025194257&lmt=1664012409&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Floto.hijera.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676159082111&bpp=3&bdt=1046&idt=107&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6723948186165&frm=20&pv=2&ga_vid=724570967.1676159082&ga_sid=1676159082&ga_hid=1186837622&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C42531706%2C31072259%2C31072288%2C44779793%2C31071268&oid=2&pvsid=904433421108168&tmod=1243691009&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=128
Frame ID: 3AC328E79B8FC2D04EC812C24C7291A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676159082630&bpp=2&bdt=1566&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad9c00c122de89a-2282a68e7ddc0072%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MbOBB6JGQTl5fU9GB7k1E1PDhcP0Q&gpic=UID%3D00000bb3d9f5d51d%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MZV8FuL_kK8N6kx3Dm-V16xwp6QTg&prev_fmts=0x0&nras=1&correlator=6723948186165&frm=20&pv=1&ga_vid=724570967.1676159082&ga_sid=1676159082&ga_hid=1186837622&ga_fc=1&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C42531706%2C31072259%2C31072288%2C44779793%2C31071268&oid=2&pvsid=904433421108168&tmod=1243691009&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jMpV5Umvs6&p=https%3A//loto.hijera.com&dtd=7
Frame ID: FABC74011810BF0E4C0A89D204417247
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 979F39DB0F38258A714853FFB70686BF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8FDB068640412697B7BC27297D0B3C5B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6BCC5CC6B8E8CDFFEF0592ACD4E22B7D
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Frame ID: EEF1358E0EB44BBBC941098C57EE1098
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html
Frame ID: 7053F69E67640804275F921970BDD0C5
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AA76E2E493BB1A9D5F514F66462AFEFE
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: D5258ACA06C51996FB53A785700BBE02
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 86E01BE1D876B9E4C45C3DD9857A8150
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 77456B713654313DE11B068C4B60F80B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 83CBEAAF2EB8E43C6F3B0DB161F097C9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: FA147C9E88318FE80F58B61B82CEBEDF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: F44207B59504B0F8C93CC923044AFF33
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 3012ACE33244210789786914C3CFF54C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js
Frame ID: 5C7E9F55F8DE4FBF43A1503F08B7224C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DBBBA6B5267C0DA5CA0B565A27597486
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32A11F123481BCCDB1436C2BFE4F955A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

أكبر مسابقة في تاريخ الوطو 5 مليون الى جا فيك رقم 7

Page URL History Show full URLs

http://loto.hijera.com/ HTTP 301
https://loto.hijera.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

166
Requests

100 %
HTTPS

95 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

3923 kB
Transfer

6961 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://loto.hijera.com/ HTTP 301
https://loto.hijera.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

166 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
loto.hijera.com/
Redirect Chain

http://loto.hijera.com/
https://loto.hijera.com/

17 KB
4 KB

336ms
320ms

Document
text/html

2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fbef4411227fbb182f0dc62de61bc03585b17e5bd1e10ddf2670ffb60e24cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7980f42eaac539ce-FRA
content-encoding: br
content-type: text/html
date: Sat, 11 Feb 2023 23:44:41 GMT
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTeXIF7I%2FAQBPeSYNIxW5F5EVd88xBSain%2F9tK4%2Bb74iXs6IshWCuYIB1nQo9LXBw9HjleITGRc0Q0Ojf06Kv4840RMBQZltkC%2BShtcmqAup74tnDilg0mQ7khSiDyufU6IwXYBfI%2B6bOwA3YW8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-RAY: 7980f42e7f3e68ef-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 11 Feb 2023 23:44:40 GMT
Expires: Sun, 12 Feb 2023 00:44:40 GMT
Location: https://loto.hijera.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbrGm3Lz6D2GQq4Nie7oleXROJFH4mq7VOhrnr2VfKOVCOPpn7jMn%2BFL5bu9haWInIMLm7xvv6DRnFd9AFOU4CLCSQRf%2BTgvUkha%2F3pN39DmbOV8Su96eWHPqaQ%2FhqraeNRZqfEGouyj3UmMiSw%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
loto.hijera.com/css/ 713 B
589 B 331ms
329ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/font-awesome.min.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c0dc944edac0beac1a2e3ee52021882a0e03c90a4acd81aaf1f1766603c1d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7h1QCI7ATWe%2FqsCPwBleckWcMQ8pl2dokLOtkh8R%2FbDnmIVDdfCPjzQJQVve8DCBuUAfdj0uk8Oi%2BgtgPoR8cjn4q5pVOYdcfLTe6dGm3mqAUlMF1jo%2Bk%2B4B%2Bo2QPmPyVea1fnSKjLEg00PPyw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5039ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 bootstrap.min.css
loto.hijera.com/css/ 10 KB
3 KB 330ms
328ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/bootstrap.min.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c82a3f1273463923e568949e251ce25d179de92b5506ccea347dd89a4a018e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp8ydh1pGgOYQPEWwFqwCkREoFp1mqNWB1jQUPQkyfGt5N21JlUdNGVd1Tgh3YD9HrWx8dvNxDhubydKIgTWfTfanONyzFr8R8oBJWPyPOp1oCA2Swr8mYeRGRfPYuf%2BkOCL7nAcE25tuMKXRoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5139ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 style.css
loto.hijera.com/css/ 6 KB
2 KB 333ms
331ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/style.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee4be88c74b613a534da75a7ab36b894f95dcf4a12d420bca52899a06c458e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3t98S%2Fk8GlU7JnILl0sq0O%2BeOIM4KT0kvWoelxDXaETNWTFwv0wGP%2FUqWWVWknlKUGftCAHkSWq4BEbh8qR4X8H7AnQFPLKzqqG%2BjPk1YtvBUSyaTZRxDccklOJTFzPYiz0N7SQfUfBnn0A5ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5339ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 sweetalert.css
loto.hijera.com/css/ 18 KB
3 KB 331ms
330ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/sweetalert.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f77ad1eab39bd1af3241d5c60009ced8cf09f9a02e7495db9825d5cc91424b5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFAuFxdx6f9AVPwHKqrFpH8hwTtZDePBjjlPXr%2B2TutZAo3FCtb8LxCv2v6zmdBTjo8zwyfwCvuOnbq6lQv1TDR%2FFFgVXgJEoDdVh2UgcrxWfbxH8SwRkT0n2g0jh1TEZA%2BGWYbN4fHNRr4O69U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5439ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 spin.css
loto.hijera.com/css/ 7 KB
2 KB 316ms
315ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/spin.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 764138211823225cdf47afe43b7db68ae158893ad12595be2765008cf14539a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FgbpBf2WP1RThv6z7UZHBcGM%2FfKUaXeNvf6%2Fb3pmBTgkft88gbw6IOaQxSbiswINFyMp38XWDUR8Ur0J0tylG%2BVPI2zpCqfOjIIMw03ujYtSsWb4CQCyn4cF4Dv2qzFn12fxBQgkZFXj474euQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5539ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 animate.css
loto.hijera.com/css/ 69 KB
5 KB 332ms
331ms Stylesheet
text/css 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/css/animate.css
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f43aedbc350e90a0daf474f41eec2b0b8cb1728ef1019ac3c9df35aafabc9ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cm9FkdhH9ajKWTqSAXE2AlzVWd0FA4Yt%2FOMM0K8OofAct5QfxoBN0mmBZtTk3l8G1qZOry5MbyTN8Rk32w10LhyOClP%2BhqPi8u%2FDFhyAsXEjTUGj6pV0QgPx1BC%2Fx5VlRVo34eEVQw3snFzmZI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5639ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 jqueryspin.js Show response
loto.hijera.com/js/ 260 KB
80 KB 919ms
919ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/jqueryspin.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbd53eee86558dd33aa4c2f6e99348743c28667b7f21b0166c488d1c81b59829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SBBRHDkTvo2Y04tVOY02hW4L9fcWuOMa6XelcSmQjt4XZCIglhvQR9biAw85qNyB3qownufzuiAexA341Vrj5c3OzlTD%2FIRi8Jv07atOUb60jTp5IlOikqrw096Jb1Pzv5XMugMb8r2OY61AnMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f430ac5839ce-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H2 200 droid-arabic-kufi
fontlibrary.org/face/ 1 KB
403 B 493ms
158ms Stylesheet
text/css 45.56.91.11
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fontlibrary.org/face/droid-arabic-kufi
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.56.91.11 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li893-11.members.linode.com
Software: nginx /
Resource Hash: 3694ec04d92e37cfacf4b749bc79c5c009c879c7548ecc91aff4f9ae1ef2d0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:41 GMT
content-encoding: gzip
server: nginx
content-type: text/css;charset=UTF-8

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 53ms
15ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1127
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7980f436d9c09c07-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Feb 2023 23:44:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 50ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-149995183-3

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ca044c1c8009249627c65250ee6577607a6bd4877439b2663c2d5c376951e8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45132
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Feb 2023 23:44:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 75ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08f278236629a605ffadf58a32ec287ab8d4cb6fe2666ea29efe2f7a12ed8ff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49585
x-xss-protection: 0
server: cafe
etag: 17914902034102922648
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 23:44:42 GMT

GET
H3 200 gUQ5616.png
loto.hijera.com/images/ 36 KB
37 KB 628ms
620ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/gUQ5616.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa3e3c3bb7a10991288a87eae27221917d43a3c5f5f854b3d1b9c5deec899dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ns8BwsDSNO89mk8d5DBjvnBpA8D7uNtNlSou%2BfWRFcMcb9cU5ywDwwzy90p4ykwRhFUH3gAbNEwvPAX9qur57%2ByaviJJMbjlx24xDbBY4jmLpoF8MersaNadhIYXel7YdNt31pOw1prTErtIvoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0868ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37090
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 1TkMpmE.png
loto.hijera.com/images/ 1 MB
1 MB 29ms
21ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/1TkMpmE.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1270009c93f733a7e957a7ad3f9814e505304bf1852db3d434b14b2c73ec159c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1488742
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h73Wj%2B9v04dIxQhjzRgUcnWSMXYpI4J%2F8SFCwRhlWETOF0kAhZr%2BPiBzUV%2FyiG11PBrNIViuo2qClbcr2lo6TKflaSYx0fxlwHRYo6oFffi8V7RWNH%2FWYaYcR0RCdLoczBWyDlfxcBNjb0qURjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0968ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 11.png
loto.hijera.com/images/ 2 KB
2 KB 318ms
310ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/11.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c38d77b0c72edbb224caa228a92958cd58656b51e45e0be1b899901e3af58f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkpEpqLI6S0sCLo%2FmISXpUlz3eQswov8EgFw5c3XLG4me%2BKNJKSxntbGdQtmPerJaKGeaSZX7Q8fnd5vGaLSFta%2Fj37WwK3KwFT5ZqKRTFWtvS7mVqhAfmWWAVu8Cxj4L%2ByGkZaPCabuTw9Uosg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0a68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1738
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 Z8r3aKG.png
loto.hijera.com/images/ 85 KB
85 KB 932ms
924ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/Z8r3aKG.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adfc4e127ee0b08c659ac8b67b8487535bb2962f46e79a1cbf7822248e2b2c8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVkHldnthYPTw8det9AqB%2FgT3lDGzVwYsNXfuxJUJWtSqcQOyV%2BfZ0mJ51dUfRYZ%2FoySj%2B%2BNQF7QHX1T3q2gQA%2FggO0pZPXu1ideddBn4rYv2vAIx7%2BFnGYyL8xmweePgtzul6kXg%2F8o6zmi6ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0b68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 86763
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 1gXBtm4.png
loto.hijera.com/images/ 28 KB
29 KB 469ms
461ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/1gXBtm4.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 040392dfdfdb57cfca61af538baf6767db388f6c6ba611ab68435ad701c83253

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaIcL7UImeU2Gg44fcvQ%2FLp%2B7mp9miro65reNgeddL%2FKkxhgyUqWMkK1i%2FujOWxVc3XqNvJJcu%2BXYQ9%2FLmlhY6L%2F2z6MnMM1AxO6seYhfhDMoSehmdFgmcUGVs4NGv19egVySfyVvTZry6zVqdo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0d68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29139
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 EMfL2QO.png
loto.hijera.com/images/ 76 KB
76 KB 777ms
769ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/EMfL2QO.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngxZfyOGzaPn%2BIabn9eO1hzFskNPMWLApm2JJ3b8IiCS0k1yXV4JAQO%2FrTNxy0Dl5F3LyJnH6iUkgOM1XTOFOA0VN71NBpfRXHVW0aG0P37lhx8s9YNrBI3QDDCE%2BxSOfACcrlJhb6l%2BRvDq0UA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0e68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77763
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 aRFsXEt.png
loto.hijera.com/images/ 76 KB
76 KB 791ms
784ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/aRFsXEt.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dNuWAX5vN3XkgDXkiPBeXeN%2Fa7nM7FhRydvJQRYGCDAXV6uolx8jnfpCRZfVaDMPEDRD7Hko%2Bk4le5LTZ4lGyVcs858IvjiIONxCWyykbcX6qDoUtgu%2Bkv6FuW%2Bhg7y6Pyy2w1%2Fd1dhS%2BrOrp2A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad0f68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77763
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 8PLTqJk.png
loto.hijera.com/images/ 76 KB
76 KB 87ms
79ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/8PLTqJk.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77763
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SudCyWSq5JmaFewucQ1nzH%2FcqaiJ2pTuuz1HJ13%2FxX9F%2BboHetfSvRxAQBEYjm1BSTy2y7lhJ9NC2tvyJmGMEfybezszCIUZFv8bdHyhYDWnP%2FL3Da8bl%2F9xq9mq9S0EBWkCD5XQo%2BYrZuOR874%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1068ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 img2.jpg
loto.hijera.com/images/ 1 KB
2 KB 336ms
328ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img2.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a37e132ade040f91f52464b40f747fea63bae0dd61a0286b7d850078075733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYRDrX0%2F01fn8%2FMl4zVjFH0RHj6%2F0xJKmucfLmXiXlx4MojMsTdHiV8N3gw908KtUbE%2FCWEQMi%2F%2B3UM7HNpXo0bL2QOozBt3M%2B8vnNQzYr62I%2BAISTf57wjkvKuYqBLK4Pu%2B%2BgU%2FX68774tocBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1268ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1144
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 btn.png
loto.hijera.com/images/ 258 B
788 B 318ms
311ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/btn.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06035e1ce818608c1b28618e4236796d6a7eee24ab8c3fee372126bee1596bb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2B9rmKGk%2FwLWw%2FK%2B9KFC4aTV0veDhrPT2AJXyioSU4oLZE8J1zz2hr04zCclgpBEL7rJkCiEo2qDKUFJ3%2BFMJ10gnGi0fY%2B3rS%2FyOCqVCyFy69SfR21WdetTiYcbfbLtb6MvoXjYeW9mkV9vMCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1568ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 258
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 img1.jpg
loto.hijera.com/images/ 2 KB
2 KB 322ms
314ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img1.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27abebdc7c5eb879a3100c3cc3695632438b229be6c7156220b3d900bdd64c71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FcstSrF8QDOGKESTfqJglwg0%2F%2F3tGDiOYemY%2BTgFGvmLT7s3%2FLa%2FATFZzqRPUPWjHy2xq9FLDVAiH7VlfW%2FpDtSCa7neBp4r9I5HrEUe0LksgpyMh3KNZpOZ9bfZtFVm7RQ4fLe20NTRUJyITQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1768ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1708
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 love.png
loto.hijera.com/images/ 266 B
799 B 89ms
81ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/love.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4e12eb9ba3e585951accc67459078f16eef9213ec6a983710247c8c7924fb9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 266
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xpiJPS9EIRu2h0tTeCGh2ZP%2BAA31QU2pzty5wLqnF%2Bu2qBVtIkt9o5QOtfh0KnM%2Fv%2F7WG0wvZDyPaYlM2fLpBhF%2BIMjoGIp6AGAEKyfYGW6YtDilBNTIJrOjX05uES%2BFpS0qgtwoxDwsueveVQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1868ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 img3.jpg
loto.hijera.com/images/ 1 KB
2 KB 332ms
325ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img3.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94d2fb1737b84ba35ebf0d4f7deb5af5d4de7763d1c6a515ffd9b27876a4099

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf74fZAOuNhvCjwVgHrbg7ZqZSJmuMwGONcIvNu0kOKP9oUTA%2FPeRNUIVcRgg%2FaMoQ3BpgjZgOnH676zzePmahhokwC3WWWOJadVbb9Niaa1kxfuConSeRhv3dCBL%2BxqTnruM%2Bl23y7EFR3hOac%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1968ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1025
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 img4.jpg
loto.hijera.com/images/ 2 KB
2 KB 322ms
315ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img4.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e3bf8af0efd6f432a7e869844f0e0c77aa44c00b06069fb46c2be1313ddeafa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irRbnHJB0CKg10JYNdDzOoxq0m9l6YLfeepeMV89%2BaAj3XNnI1e77U7PC8D628U6Ygfv1aTmwHZf6%2BhdedGzoNWyI6Ai6gKspTvr9Co%2BTDm8qXFaeleqBKctBtEtaGZMgCBvrGxE%2BvvCho7LVno%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1a68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 img8.jpg
loto.hijera.com/images/ 2 KB
2 KB 335ms
328ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img8.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 595017561ccb711f784b01ec7c62e1b9f12d7fb6e625f8b695f5d75add4da80c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eq1DLnV36NTSoAHOBkV9TOWjznm1%2FRMkFNMmpQXs4CdCm98ZmDesHJQ1%2B3zZj2i4sR93ydoCNEPQmGi1ujhgXbiEbqMNOPVqAjvp12xJF5Aq2%2FESjwJv7E2Pq2J7VJ1OLSun04cuDqLr5LNi9oM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1b68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1923
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 img9.jpg
loto.hijera.com/images/ 2 KB
2 KB 336ms
329ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img9.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3654254eb29dacff7b77fc66b44ee0e7429cb96c3bd5a483859d13fccef5c809

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFHbz1Kh86%2FD9vPCX8yv1xFFvfBwf5IQvVvOn9otnklWruepXtLzfUQ4GA4vJ2lMstxaDGu2wH9P2Sa6ts6MfYlhMROJ%2FbLEZqbO143AxGdtBtFQwPS0UrWq%2FZOEPbNuUc116TrU29SpzvZUOus%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1c68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1574
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 img5.jpg
loto.hijera.com/images/ 1 KB
2 KB 88ms
81ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img5.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 477c7afb0e442b9ba4844ba9a3cec3840f479eb2805bfb3f7de1e6813c623ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1214
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWTKugQX4Ng4NIbQio1JtaGdFnxQR%2FEmr3JLD7%2FF61OKCNLtd3bIy531cGW%2FwNhQPPV7hMvrQDoeYjmKi7tulqS9drKrpwPRg%2Bl2qfL69DsIS3jhpaDvm4pmnVWSKejdYsD0TjPNpKMmtf6ESRY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1d68ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 img7.jpg
loto.hijera.com/images/ 2 KB
2 KB 335ms
328ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img7.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc777c7112d34e1a46accc1ae0164635adc2e0ff2ea0e227d73ff1439d0b9e9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4QHRHwe2Z5TZYsKW1yU5utYsdiwxlB4hb7KEBeLrNaoxxqOchBYDbE6B08k1ozro09qKcncdqiWFwHKjOgW3FvU8KG4QkU1LKZMN87p316EyKVWXwLoZ5yltc%2BxShidAAB6Pq9W2tmffq2ia7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1e68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1879
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 img6.jpg
loto.hijera.com/images/ 2 KB
2 KB 323ms
316ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/img6.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02e9c70274eef18d6e3b438c593762a08f6eed46bae848789b6a8285a39d5a5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyYhawfEUum3gKSL3%2BiZJAOkSRUm25uYE0XsjJIA14hFvHMgQZsOL9k%2F4RmsUAJWcSC9koMhyGJWp8qhQl2kMxIraqZcxys4Ien9HzvYjE5DztIrJ%2B1iIQGJsdYehiO8ppJYXdDZ1xxMDnWLK7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad1f68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1864
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 dri11.jpg
loto.hijera.com/images/ 11 KB
11 KB 329ms
322ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri11.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 013a35c8ccd65a201eee6860d6020d5aa9718485a40b3969ade69564ce3de724

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pq3XYABQdplSBdNSLUnN0ew%2BAqMOhTX5e90kwPfWZX7PAdpnOCNbtLmPbX%2FQmuCDN3WHLJ2ZdSDyh4LOgj0hX1BGvY9TrFa04NMuLnxdzkgVNs5cwLwQ%2BmdlSG1XhCOSkq%2BjLuid%2Br8yv5fcyT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2068ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11145
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 2.png
loto.hijera.com/images/ 2 KB
3 KB 336ms
330ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/2.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2663561f9bd4141ad340c6e344edaa435525a64cf59f4350ddd4a716be1a890

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A62kgxo1R3VJu1yt2ebMowO9SX6eSPxiCTTpDAG%2FD8IDJ%2FQW%2FjdghFXeSURzh8kl6j49Uxe0gjLJeGwi%2Fai%2BoSBYycn8698Dfoovx4BjHPGGyLI0w6X6RSrk%2FlYuHiWaijIUnnSuo6pc5ZUY6Pc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2168ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2409
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 3.png
loto.hijera.com/images/ 5 KB
5 KB 329ms
323ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/3.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae95052784ccea40a6138037a0d99cf0cab0541ab4e94574398c99fc9fdb3487

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BOKOfznX8yqCWOL%2B98H%2BjlaCqjuGSaoUz%2Bq04x4%2BPUMQwogRRP0wzESTKzjU6agtqBLyqN9eyWOb1ZjlzyieeT%2Bx7NkDN9rvTG3yhd%2F0Xgn%2FmvuZdGeSbTiimz5%2FypDcC%2BW9IhHcriWDChHpfXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2268ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4656
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 4.png
loto.hijera.com/images/ 6 KB
6 KB 87ms
81ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/4.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f684fc01dedcba31762a7a8f36ecc14e77a5af002b02750afdf83863d078b075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6041
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGIdQj59ij1N9JuoUoJ4j7KTGNZ%2BzRG6DZcPObmhi0dyk36sa3aEbmNepZaTEkej%2BxW%2BOD3EYkgLPZYYww7yE6OcQsCsDxX0JjB42YkXab3utMdtEyBOic5e4GmdjUF9KmN3MZWzlZI%2BbmRnR7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2368ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 dri3.jpg
loto.hijera.com/images/ 14 KB
15 KB 88ms
82ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri3.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6791953d4848f7ffacdf4c7c43bb7c436c8cb96d37dfbe0ec6214bea3ea0e7f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14832
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ2tV5zp2mo5y6KVSIIprZACZYeR8%2FNEFDHmu6BcBg7H3naBIX27IDGKEimx1hrBNy%2FZ5hJdSslwNdbcFCAZGwdbCPcCn8QwejwKDaG%2FhCgRcVbtJZVvoziwlJpDqvRijZwpgmTihW%2FewVy2OuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2468ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 dri14.jpg
loto.hijera.com/images/ 9 KB
9 KB 88ms
82ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri14.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7040f10ea2784dac767bff8c3bf6518984befc5faaff696c060c50240a4daea0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9096
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSs8JEf559LJaEjNebfST%2BrAPpPzEFO25fKbh%2Fja8LU%2FlgfZVCLCoa6mLqQoWADUDpgGVFH7W72a3AhNTH3AoZ6d3%2BOGUXI5e61lzTrZ2wE7tvZdOs3IaFljS9yg0ABoum%2BVZ6sM795sF7SNtMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2568ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 dri19.jpg
loto.hijera.com/images/ 12 KB
12 KB 89ms
82ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri19.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36f536382323af52185970048e4dc397a0371f50e8dead0ae3839993e0d97ff2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12014
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfWZI3QW55i8tmg4OvUHNuu7G%2B1jDU7APrBUD%2BdZ8JFIYnRgKibXfHqPPYOS4omoFheKdapqlyLzVyupuTY%2FDhlVwrDepHa4eKtA6jwqPSP2X%2FwWLMhbUYhz179XBcZCFutAYHyOQcisi9UrqAs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2668ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 dri2.jpg
loto.hijera.com/images/ 9 KB
10 KB 335ms
329ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/dri2.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33baa62490122e3d60498420f5c46e3deabdbc1c31c5b011156194af8555d27b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwyB3pKjMRgTGZFZy0TcOUvo4sitrMnNmRPh3Cq81KN9zBDXKVG%2Fuq9ixDp8PhYt9P8E7tcPqIXxgqEkFNF0DZAkjJRCIOGgH%2FUjLmXeG%2BqZ%2FZGpfVsqZUpJr4tc6Or0tgnPvwXh%2BDDOoc2xqGo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2768ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9559
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 6.png
loto.hijera.com/images/ 3 KB
4 KB 334ms
328ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/6.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 571bccfea3505f4e4ebd31ae7af5e67dd7e98ecda2accfe6b80d956cd53f5bc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7ZHJmXaiEm0w37VFINLr3rMfdzxckwfFYHprLP1ExNJ4ZxVTm3DdiYHl8ziV1zzIV4tGU4HNF3I1ofXD7kMebiWbLz3uW3S9St7QQbqMPZS448j1W77LqjTIehRYBEBdtvQ%2B1StpMhn4478icU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2968ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3159
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 7.png
loto.hijera.com/images/ 3 KB
4 KB 331ms
326ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/7.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6857fab2c1d1e89c6d993692dd1bf6abfaf1f663526010b9ea0fcea0fba3a1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2F9G5j2vkNwB%2BSwjvLco2dYHjC0H2946rKhhL7YStdqnDFxlLBMrGrDwfiK5c86993G%2BT1jr%2BDTj0uEvzpMefvfCHoPzLry96iJU3KfUE62FrxC53rivDOrvniCBtZRbvSwBOX9jy7skeKJDK3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2b68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3071
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 8.png
loto.hijera.com/images/ 2 KB
3 KB 337ms
331ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/8.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa12be838e4198d935848abb0af4f2f7c8d997f61999a00e440c6caa6a4e2191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMaBIGsLhRfsg1j3INFqnUEItyqr553A%2F%2BOAlzUlogniUjBQ%2FcgvU8dJ0IRXWh1FcOpIa%2Frhb4yKJnlXkvikwINUiwZR85kLjKtpHmdFnrRzSV0ks4JhE4cpWJP2ah108gdhhdLcluQLJTk3hZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2c68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2287
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 9.png
loto.hijera.com/images/ 3 KB
4 KB 89ms
83ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/9.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0631422a87c9c9801680d15c611b37f2e32086d18db1d6c67a1913c5957904b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 33454
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3244
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUSt%2FonVjLCIxiSf2JdIlT3YrdEw3CCL5U7ZBDfX7Lzuh1cMtYcGUZw%2FKbwXSzqbpIMJ9na0PmdI0ti11AomeRSxdGr3rO4zAV7PfaF1wM7Op99jnFr379AGxk%2BKCCSvS1ayyuXnmkPg6fKsIbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2d68ef-FRA
expires: Sat, 18 Feb 2023 14:27:08 GMT

GET
H3 200 generic.jpg
loto.hijera.com/images/ 1 KB
2 KB 336ms
330ms Image
image/jpeg 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/generic.jpg
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yeZ0aCPLofHer7UKbjsuDF037kUHO7jJr%2FIrSUc9KGk9VCw7lq1iAY0y6j1ARdn6bZ1RX54UHLaP0QF5Dpojq%2BRS9GAVqwxnw01iiD2NDv8Krw7qx4%2FfC7b9tPOM0HGV4XWlNNPkrHKLkV4lhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad2e68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1131
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 popper.js Show response
loto.hijera.com/js/ 80 KB
22 KB 474ms
474ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/popper.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41cb21545b545e1acd2b4886c5556b321b0a087c8e381e560136b2c9057932e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKjQfKktHYxIn2CO6yV3aifsewkO71EGxH4LZVfPEQCogzOnrU8frRvPSMXaScqxYGp8cgDv0962%2FWStQG67hv9AHGVT61EtHxM9wJp6W0VH9Sm8RarJ221wJPe7Pte6wQyC7aVFK6GQU4P0Bi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f433cad268ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:41 GMT

GET
H3 200 jquery.js Show response
loto.hijera.com/js/ 85 KB
31 KB 608ms
608ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/jquery.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HBTo6qhcMvoj01ISirkI7s%2BButUjSLesxSfYqecy7TPjtMswFLEBXGhyGThy%2FIV466soW70fMV6vx37deqZreJH4rsjvBigtW549SYYDrdaGlRj5F1HFqcBOQCM20yLQc5oTqpdhasilYTwdIgg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f4368cef68ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 s4.min.js Show response
loto.hijera.com/js/ 451 B
716 B 321ms
320ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/s4.min.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf618eacf329229fdc32975bbd3cf03e2627a180d69b6a4806c49badc1608d9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FSBj9NZLfNvpqjIlOagE0wRVjOEPdE09HtyH9JO0qqPbsIms7zJIv0f8hjnNYyOXJBv1fjxSoPobV0cA1OgPN4j72%2B88b%2BVTAdvLitqK2UWsWtgzNadBPFO1Pu2dXPzwdx%2FgmE82BEwL08EpVEI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f4369cf968ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 bootstrap.min.js Show response
loto.hijera.com/js/ 50 KB
14 KB 488ms
478ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/bootstrap.min.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfObgDG%2F3kipePKRV%2FE9OWZqF7%2BRv5O71IWw5Rd0Hvtx%2FDZrrzMjpslo63Wrz0SZ6CXRgeJnf7Emy%2Fx3ZKl%2FhR%2BlPHob8P6D91jddv5rf%2FKxQjGtfVyC3UlbrTThGfeiI6Oipu3Td%2Ffa2PFbK7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f436ad0568ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 script.js Show response
loto.hijera.com/js/ 5 KB
2 KB 328ms
319ms Script
application/javascript 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/script.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fc5b0b3a8fbf5ef69b2dac141a864474a6e3dbf55380170299e71814a0346ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLRyewGKUBsdxuREKgXr%2FLBk3loy6e8heARGrSslwM0qGqZXVIoCcLCTEQAGIPGwd1HFec6%2FC0kG%2F382wbEaem2Ae9QV0tHYHmnionQXjrMhdZfKGEVe2%2Fp9iEmWzXe1YOHVqns3iQxVUm%2B5WA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f436ad0668ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 404 cfms.js
loto.hijera.com/js/ 0
0 318ms
309ms Script
text/html 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loto.hijera.com/js/cfms.js
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWUADbnrAztdfe3HDpehjTx01kDq%2BDVqrHv3IgRcbAUCAyq7eISs6vpUO7OEdKLn7pmUnwv6Qpan2UV7%2BmzngyQ5JgfN4JX47uXkvW2pwftirsJ3FmP%2BTO7aLa5%2Fm7EY0hd2ilOoM3E5mS0wvPg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 7980f436ad0768ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 like.png
loto.hijera.com/images/ 270 B
796 B 335ms
330ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/like.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c9343a766e28b630e376b44070c88aacfbdda839602f87b8a56ec9a53b214b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCb2126N8vFTQgV5swQ7G6B%2FKNe0j2fCrzE%2FsGzqqd08q9Hd4ETbfCxQguhFW9iOb6LDT%2FeFSrNGq3VDw%2Bc6AZ7bWWj0Tv1GDwoGXrmqtjZr9OFt%2FizOpqA6b73Ntqz28geYDLvQnyPeIC1YiLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad3068ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 270
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H3 200 bubble.png
loto.hijera.com/images/ 162 B
690 B 88ms
83ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/bubble.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 97773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 162
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUerUNc4zGKL0Kbgb0jxyexYTLfVep7xLMqaXLPFLbwh0vTEoRzvSLXUDP%2FTiJb5DvUHwg2YajVMXUOOBdWdshAvmk9emZDnbkp006l41R981oEiGGsOjM6XpK3zk09DJowFbTXNCCIxw7TM%2Bkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad3168ef-FRA
expires: Fri, 17 Feb 2023 20:35:09 GMT

GET
H3 200 share.png
loto.hijera.com/images/ 279 B
806 B 333ms
328ms Image
image/png 2606:4700:3035::6815:2b79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loto.hijera.com/images/share.png
Requested by: Host: loto.hijera.com
URL: https://loto.hijera.com/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2b79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b66526de2d4a7165d7a43534675d222b348e5a7de88253b7c5af8d2435fcbd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
cf-cache-status: MISS
last-modified: Sat, 24 Sep 2022 09:40:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dj1u%2FA6t5IVYdv56LF397bq%2F3gXXXZR6euXljOVA3%2FY6bvLZX6qgCMhgCSUwVfmoJs9VEUEHt57V7f2b7HHy87Yug559%2B6xO4IiODGj1cZ0R%2BjbAHoF6EdotNc7whNZacwW9YQdOK9AEc1umPUQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 7980f436ad3268ef-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 279
expires: Sat, 18 Feb 2023 23:44:42 GMT

GET
H2 200 DroidArabicKufiRegular.ttf
fontlibrary.org/assets/fonts/droid-arabic-kufi/6afbe2c8257159c2fefd1b43cd951ba3/a9b030e29a35f523a137ee0175be419f/ 79 KB
80 KB 472ms
156ms Font
application/font-sfnt 45.56.91.11
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL: https://fontlibrary.org/assets/fonts/droid-arabic-kufi/6afbe2c8257159c2fefd1b43cd951ba3/a9b030e29a35f523a137ee0175be419f/DroidArabicKufiRegular.ttf
Requested by: Host: fontlibrary.org
URL: https://fontlibrary.org/face/droid-arabic-kufi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 45.56.91.11 Fremont, United States, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: li893-11.members.linode.com
Software: nginx /
Resource Hash: ae57aea1cb701121475bcd38a9264115c401927701f4b04a54f9166143c52fe0

Request headers

Referer: https://fontlibrary.org/face/droid-arabic-kufi
Origin: https://loto.hijera.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
last-modified: Tue, 04 Dec 2012 09:42:08 GMT
server: nginx
etag: "13d48-4d003ade83c00-gzip"
content-type: application/font-sfnt
access-control-allow-origin: *
cache-control: max-age=290304000, public
accept-ranges: bytes
content-length: 81224

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 22ms
19ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 1128
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7980f436f9d59c07-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Feb 2023 23:44:42 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7ME373V6KJ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149995183-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8aac7e573372bf76585d5285f0baeaa1e4b0e4bf6d68400bc6365c83a5926e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77876
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 11 Feb 2023 23:44:42 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149995183-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 11 Feb 2023 22:54:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2992
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Feb 2023 00:54:50 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 362 KB
119 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2942421038636354&plah=loto.hijera.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

736cf120a119b3e8a496e6419ecfb3ff83094c632a5c59ff1bd1b2b1e7e5662f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121760
x-xss-protection: 0
server: cafe
etag: 2706954613109621157
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 23:44:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/ Frame 1E78 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 21:33:11 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 21:33:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1186837622&t=pageview&_s=1&dl=https%3A%2F%2Floto.hijera.com%2F&ul=en-us&de=UTF-8&dt=%D8%A3%D9%83%D8%A8%D8%B1%20%D9%85%D8%B3%D8%A7%D8%A8%D9%82%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D8%A7%D9%84%D9%88%D8%B7%D9%88%205%20%D9%85%D9%84%D9%8A%D9%88%D9%86%20%D8%A7%D9%84%D9%89%20%D8%AC%D8%A7%20%D9%81%D9%8A%D9%83%20%D8%B1%D9%82%D9%85%207&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1548910975&gjid=473807117&cid=724570967.1676159082&tid=UA-149995183-3&_gid=1453300939.1676159082&_r=1&gtm=457e3280&z=1474767854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://loto.hijera.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loto.hijera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 35ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7ME373V6KJ&gtm=45je3280&_p=1186837622&cid=724570967.1676159082&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676159082&sct=1&seg=0&dl=https%3A%2F%2Floto.hijera.com%2F&dt=%D8%A3%D9%83%D8%A8%D8%B1%20%D9%85%D8%B3%D8%A7%D8%A8%D9%82%D8%A9%20%D9%81%D9%8A%20%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%20%D8%A7%D9%84%D9%88%D8%B7%D9%88%205%20%D9%85%D9%84%D9%8A%D9%88%D9%86%20%D8%A7%D9%84%D9%89%20%D8%AC%D8%A7%20%D9%81%D9%8A%D9%83%20%D8%B1%D9%82%D9%85%207&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7ME373V6KJ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://loto.hijera.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
601 B 35ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=loto.hijera.com&callback=_gfp_s_&client=ca-pub-2942421038636354

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2942421038636354&plah=loto.hijera.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b53b7d81499d436c2cf50b24e39487e89986dda20a141a42f2d1ecd3dd3396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 115ms
42ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 36ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3AC3 520 KB
105 KB 853ms
852ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&adk=1812271804&adf=3025194257&lmt=1664012409&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Floto.hijera.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676159082111&bpp=3&bdt=1046&idt=107&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6723948186165&frm=20&pv=2&ga_vid=724570967.1676159082&ga_sid=1676159082&ga_hid=1186837622&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C42531706%2C31072259%2C31072288%2C44779793%2C31071268&oid=2&pvsid=904433421108168&tmod=1243691009&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=128

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39b5006aa2ce3a458e4125ca1d53ef28559fbdcb00ff894c99513fad2d6daf87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 106766
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 43ms
41ms Script
application/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FABC 84 KB
31 KB 1102ms
1101ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676159082630&bpp=2&bdt=1566&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad9c00c122de89a-2282a68e7ddc0072%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MbOBB6JGQTl5fU9GB7k1E1PDhcP0Q&gpic=UID%3D00000bb3d9f5d51d%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MZV8FuL_kK8N6kx3Dm-V16xwp6QTg&prev_fmts=0x0&nras=1&correlator=6723948186165&frm=20&pv=1&ga_vid=724570967.1676159082&ga_sid=1676159082&ga_hid=1186837622&ga_fc=1&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C42531706%2C31072259%2C31072288%2C44779793%2C31071268&oid=2&pvsid=904433421108168&tmod=1243691009&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jMpV5Umvs6&p=https%3A//loto.hijera.com&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

525e2d4c6e4842459aee28dd39872d2881d2c3dc56d3fde43967e758f5dbf350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 31544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/ 150 KB
51 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302060101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

392aa2cfa6a7f9a698a949adc1c44bd27869d1dbe59ba1d44d34e3a284292682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52318
x-xss-protection: 0
server: cafe
etag: 3062201997582700006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 23ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=loto.hijera.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 979F 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 01:50:41 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 01:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 8FDB 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 01:50:41 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 01:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame 6BCC 10 KB
4 KB 8ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 01:50:41 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 01:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/ Frame EEF1 10 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 01:50:41 GMT
etag: 10353107486223812946
expires: Sat, 25 Feb 2023 01:50:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 979F 4 KB
709 B 40ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 23:09:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 979F 205 B
294 B 41ms
18ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:59:03 GMT
x-content-type-options: nosniff
age: 6340
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Feb 2024 21:59:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 979F 604 B
918 B 41ms
18ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 21:58:50 GMT
x-content-type-options: nosniff
age: 6353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 11 Feb 2024 21:58:50 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/ Frame 979F 20 KB
8 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:23:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8363
x-xss-protection: 0
server: cafe
etag: 13687106600067785872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:23:27 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 8FDB 9 KB
5 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 May 2023 14:05:37 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame 8FDB 10 KB
4 KB 28ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 May 2023 15:21:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8FDB 8 KB
1 KB 33ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 21:54:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 8FDB 2 KB
846 B 30ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:28:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 8FDB 22 KB
9 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 09:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 09:28:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 8FDB 3 KB
1 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:11:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 8FDB 18 KB
8 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:26:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FDB 156 KB
48 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 8FDB 33 KB
14 KB 27ms
11ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 6BCC 9 KB
4 KB 21ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 14:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 May 2023 14:05:37 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame 6BCC 10 KB
4 KB 20ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 15:21:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 10 May 2023 15:21:55 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6BCC 8 KB
968 B 25ms
19ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 21:52:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 6BCC 2 KB
799 B 24ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:28:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame 6BCC 22 KB
9 KB 17ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 09:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 09:28:37 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 6BCC 3 KB
1 KB 22ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:11:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame 6BCC 18 KB
8 KB 20ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:26:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BCC 156 KB
48 KB 47ms
36ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 6BCC 33 KB
14 KB 25ms
17ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/ Frame 7053 156 KB
42 KB 11ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9af42fb111e0ce6bbe2aa0e60f184e2a82d49dcf06a6c0d640c4ce233d64b493

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 101473
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 41037
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Feb 2023 19:33:30 GMT
expires: Sat, 10 Feb 2024 19:33:30 GMT
last-modified: Tue, 31 May 2022 16:02:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EEF1 0
0 60ms
54ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2tu-aijoY43xD_i99u8PkaezqAT8o-3wbp2B2LP8EL-C67vQOBABIKu4mWpgleKQgqAHoAHH_uHaA8gBCakCn_vxDvLpsT6oAwGqBNIBT9AyHtdbyJ7prybI6WhuqlxyybhpP09CDKLk7dMdyToRWKKNxYp_xFkQzwxo_hRgulI8QHghQ8UNBwMGV09jlX_z-GNGWwcC85fQ-0e89XorIAgkkp8IzgTxzuR09MiR_O5ApVly_WDLQZlp4WWD9CvudT3yz6KuusiV0SfN76EPIN3TvHVOpop2gptjCcduKFIN5NzHD9Ktn6F7sQ5_4y_ORpJXsFVzJou6mLoKNBJIDxCP3MKbY0VgnalxtxI09DwnPi-lmjsqeKsMdtth5dikwASZiLvJqwSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGa4AHnKWGNqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBD40ArSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi0yOTQyNDIxMDM4NjM2MzU0GAA&sigh=-mAuEbo-Ym0&uach_m=[UACH]&cid=CAQSGwDUE5ymaXKVRTQminAWAKxc6JvfltEY4zCbCRgB&template_id=531

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Feb 2023 23:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA76 143 B
166 B 8ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame EEF1 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:11:29 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame EEF1 18 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:26:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7053 3 KB
703 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 22:18:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7053 16 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 16:41:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 12 Feb 2023 16:41:56 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 7053 34 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 04:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68555
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 12 Feb 2023 04:42:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D525 8 KB
968 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 23:41:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D525 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:28:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame D525 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 09:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 09:28:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D525 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:11:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame D525 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:26:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D525 156 KB
48 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame D525 33 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 15:32:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 547947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Wed, 01 Feb 2023 06:12:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 06 May 2023 15:32:16 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86E0 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7745 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEF1 156 KB
48 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AA76
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
19ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EEF1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6551af92a582e848f0926855236e8c7d2370d2d01760f33ca108a5b904fd0de2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8FDB 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e102c8b39959f93b1169824d6eb1a35f4f8838d5774ef125a7eea4a54f84cc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6BCC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 777eb13ea582ec40e7b3624ba3c6a868049ab6656a3aa4b84a8a2666751ac55d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 83CB 143 B
166 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 904
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:29:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 7053 16 KB
17 KB 80ms
20ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 11:09:36 GMT
x-content-type-options: nosniff
age: 563707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Feb 2024 11:09:36 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 86E0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

26ms
25ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame FA14 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7745
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

37ms
37ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame F442 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8FDB 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=62&version=r20230207&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FDB 0
18 B 52ms
52ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIgZjaijoY4vxD_i99u8PkaezqATf1-OEbbf928CaEI24lLSxHRABIKu4mWpgleKQgqAHoAGhw4_yA8gBAakC15uTqyaygz6oAwHIA8sEqgTOAU_Q3n93jb8h9IidFKusGGTY5Jnw3S-KJiEDqnP_DroNiwYBd90oA7l2qFbaA94bWyAalW5Dq-8fjnmWtaO-Lyq2DEVKL-B3bADuG_LYj4b1FDh8UvnbiUMqCoh6rb4HczAtqk3MfQX7XpPBJVMKKqWxDfzdiN02h2ug2abarYrVMJ4E5em6DQkPCcWJ0iKVKw5RQXWwUs8Kp0C6l3BfP88yCeoiWit4VSVUbnYa3a85vCzn8nxZfaSXw1J7T4iaYqOiqNLQhp4PUaJLA-KUwAT3i_7PhASSBQQIBBgBkgUECAUYBIAHx7zwDagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDELZZ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMjk0MjQyMTAzODYzNjM1NBgA&sigh=nE3y87fpggI&uach_m=[UACH]&cid=CAQSGwDUE5ymaXKVRTQminAWAKxc6JvfltEY4zCbCRgB&vis=1

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Feb 2023 23:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6BCC 0
18 B 51ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNZ9_aijoY4zxD_i99u8PkaezqATj1KnxbvL44dCOD5KEh_mZKxABIKu4mWpgleKQgqAHoAGunIbtAsgBAakCZ618tXqneT6oAwHIA8sEqgTQAU_QoBYV0Cb20ojrTj3iE5nHD_QnUcTaBRe7XKOEYo5NKBpiKdbo1Q0qgYId7ykNDa02z0oA5c8Jl2qbld_Bqo7gysTAvKjOZNKRx4K6VdHAd9JrLLvWNWLgJozfnTtFpkKumF0bpB-En25t82aW4agAJM9qJz9GQjB2e-x9jUihFuodqXP3rr4XUsxMzDyrjAhllPJY0osz6ApTYxkp_Cug5r5wJNXfrNeFonxeY36kfxAEK8zIhbkqxGJj6TSjU56N74arZlDNsc6B9ZM7iH_ABJKVkoXjA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAe64_mSAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK3IAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQD0BUBgBcBshccChoIABIUcHViLTI5NDI0MjEwMzg2MzYzNTQYAA&sigh=SQDj4H9PvDM&uach_m=[UACH]&cid=CAQSGwDUE5ymaXKVRTQminAWAKxc6JvfltEY4zCbCRgB&vis=1

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Feb 2023 23:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 83CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

19ms
18ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3012 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H3 200 Logo_Bulgari.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/ Frame 7053 80 KB
4 KB 9ms
7ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/Logo_Bulgari.svg

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca422e10818ab417ed9cb003e72f205d0b8a8656db3b6e9cdce365ae7ffc8a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 06:33:34 GMT
age: 407469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3772
x-xss-protection: 0
last-modified: Tue, 31 May 2022 16:02:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Feb 2024 06:33:34 GMT

GET
H3 200 arrow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/ Frame 7053 1 KB
1 KB 10ms
8ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/arrow.png

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9846242f137b5ce6fbe2f4b95103c6aaa08584d5bf6541cd0484534640ef8c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 07 Feb 2023 02:03:10 GMT
x-content-type-options: nosniff
age: 423693
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1266
x-xss-protection: 0
last-modified: Tue, 31 May 2022 16:02:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Feb 2024 02:03:10 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7053 42 KB
42 KB 55ms
7ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVhbuMEt0LWZiPPSSMqD5SVibxsbwLV2fw6tmXqK5DlBhr8OJsB0ZVSXRsa3Y&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb329a7522fbff372d467d29bc0fec4c0c005848d078899e9de7e71f92908d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:05:11 GMT
x-content-type-options: nosniff
age: 571172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42640
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:36:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 05 Feb 2024 09:05:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7053 33 KB
33 KB 120ms
44ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTRO88s47UeNYA_DmnFET1b6XOsWiA1qstj5RHyBlp13uM7H-atzkfnojOPDtM&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6df866dca9f86e2b242dd1fdfb6e3cc55a67ba0cbc5a7214964e161f8191dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 07:49:27 GMT
x-content-type-options: nosniff
age: 143716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33554
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:59:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 07:49:27 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7053 48 KB
48 KB 44ms
6ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTeZ8usDxP1ee961dFEw4URzDpI8HFRgKe_pKsCyTt_8vXq9VkK907P19LxqLI&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5777edbbf8f58611b35a5d87269098e8dc30f01e667c2bcb42fdb9a28172d152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:49:56 GMT
x-content-type-options: nosniff
age: 114887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48654
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:30:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 15:49:56 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7053 52 KB
53 KB 97ms
21ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR-DZDVDRUDmzIN_l755_2ULxK_hmbrKaCc-dP01SGA7B2zdMNuWNm3g1bjiDc&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf4f30b03edfe8c18a01937139d7d47b95f5134dcf3cf75de88c31e0f0176d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 13:49:23 GMT
x-content-type-options: nosniff
age: 122120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53358
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:33:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 13:49:23 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7053 34 KB
35 KB 97ms
21ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR7juDco0Qvxi56OCRAXcPUTKW2byX-LoiT-_D132vn-K7WThi4_yb1WjqqQA&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647d65c0c6142f04b717396d1006156b9219439b1394ae977fe7161097303e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:21:33 GMT
x-content-type-options: nosniff
age: 285790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35207
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:36:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Feb 2024 16:21:33 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7053 35 KB
35 KB 60ms
12ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRF_DZAAoJxMmXif6qi4k0kXcLPDBFTxYSV27vpU2rPRaqeJSDpGCVgpV85XVE&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78f17f25775c1d0a16168d83411f8af2afd12f23e9c069de273ae5846fd9874a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 14:47:45 GMT
x-content-type-options: nosniff
age: 118618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35602
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 22:22:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 14:47:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FABC 4 KB
621 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676159082630&bpp=2&bdt=1566&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad9c00c122de89a-2282a68e7ddc0072%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MbOBB6JGQTl5fU9GB7k1E1PDhcP0Q&gpic=UID%3D00000bb3d9f5d51d%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MZV8FuL_kK8N6kx3Dm-V16xwp6QTg&prev_fmts=0x0&nras=1&correlator=6723948186165&frm=20&pv=1&ga_vid=724570967.1676159082&ga_sid=1676159082&ga_hid=1186837622&ga_fc=1&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C42531706%2C31072259%2C31072288%2C44779793%2C31071268&oid=2&pvsid=904433421108168&tmod=1243691009&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jMpV5Umvs6&p=https%3A//loto.hijera.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 11 Feb 2023 22:22:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame FABC 2 KB
765 B 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:28:49 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/ Frame FABC 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 09:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9030
x-xss-protection: 0
server: cafe
etag: 14849286796705262889
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 09:28:37 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame FABC 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 19:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:11:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/ Frame FABC 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 18:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19105
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7626
x-xss-protection: 0
server: cafe
etag: 5262822293969176042
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 18:26:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FABC 156 KB
48 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48910
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675860536307976"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 3fa5291869997d20adf47a02a7a75d04.js Show response
www.gstatic.com/mysidia/ Frame FABC 34 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3fa5291869997d20adf47a02a7a75d04.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 16:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 111288
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14191
x-xss-protection: 0
last-modified: Fri, 10 Feb 2023 00:05:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 11 May 2023 16:49:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FABC 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvG1FaijoY_eJKKPA9u8PoKKDiArdzuTvbrSNqdj-EJaCzYWIFhABIKu4mWpgleKQgqAHoAHu7YyNKcgBCagDAcgDywSqBMoBT9BkCTyzsoXYwcDt8Ru-Jtv5dkSs-ybhYIB6PRe1Y89lbOo9Poloh4Bh4p_y99VPTylObPCO40lhG8lv9Oi5T0c36CteWHhv_H4s6XVHpJxLTbGIkdMh4BFrq2ByPdtPGIKTOwobqH5p2ajBmxWN0pXaftVZgil2lUY9rxK9ZRJeVMKuvUJMstDsq2dKapD79-AqqESfwaCqiBhq22gORsQ92fRyY2h94Fn4skLRvwEGFyddw35hhMWuk87Q01940harZIo7fjKalsAEkvzox6EEkgUECAQYAZIFBAgFGASgBi6AB-6l3ewDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0eQG0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMM0BUBgBcBshccChoIABIUcHViLTI5NDI0MjEwMzg2MzYzNTQYAA&sigh=0I0Og9My78U&uach_m=[UACH]&cid=CAQSSwDUE5ym8-h1Or0VlOLJy3Id6rCU9OOFDUB0BjZYfgGLjrRUwG4mIB4F2tezdPbiKfFOmQ1IuEOziVtPvLEx7NjWcwk5zuGg1X7MAxgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2942421038636354&output=html&h=200&slotname=8564525461&adk=1362157561&adf=2653041513&pi=t.ma~as.8564525461&w=1200&fwrn=4&lmt=1664012409&rafmt=11&format=1200x200&url=https%3A%2F%2Floto.hijera.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1676159082630&bpp=2&bdt=1566&idt=2&shv=r20230207&mjsv=m202302060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6ad9c00c122de89a-2282a68e7ddc0072%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MbOBB6JGQTl5fU9GB7k1E1PDhcP0Q&gpic=UID%3D00000bb3d9f5d51d%3AT%3D1676159082%3ART%3D1676159082%3AS%3DALNI_MZV8FuL_kK8N6kx3Dm-V16xwp6QTg&prev_fmts=0x0&nras=1&correlator=6723948186165&frm=20&pv=1&ga_vid=724570967.1676159082&ga_sid=1676159082&ga_hid=1186837622&ga_fc=1&rplot=4&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2773&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759926%2C44759875%2C42531706%2C31072259%2C31072288%2C44779793%2C31071268&oid=2&pvsid=904433421108168&tmod=1243691009&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=jMpV5Umvs6&p=https%3A//loto.hijera.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 11 Feb 2023 23:44:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/4063219480242609307/ Frame FABC 21 KB
21 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4063219480242609307/6592766407814317453

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1adbabb5788d3c08bb6467ed531609241b79173084f43565b124ca68f5b343e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 16:24:01 GMT
x-content-type-options: nosniff
age: 112842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21607
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 17:23:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 16:24:01 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11862428245358564176/ Frame FABC 8 KB
8 KB 10ms
9ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11862428245358564176/14763004658117789537?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07ff10437c163669099937d25624e5d324cbb0e57e86a824de9207aa2f0cd0ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 18:57:46 GMT
x-content-type-options: nosniff
age: 103617
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8402
x-xss-protection: 0
last-modified: Sun, 15 Jan 2023 17:24:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 10 Feb 2024 18:57:46 GMT

GET
DATA 200
OK truncated
/ Frame 7053 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Logo_Bulgari.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/ Frame 7053 80 KB
4 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/Logo_Bulgari.svg

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ca422e10818ab417ed9cb003e72f205d0b8a8656db3b6e9cdce365ae7ffc8a1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Feb 2023 06:33:34 GMT
age: 407469
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3772
x-xss-protection: 0
last-modified: Tue, 31 May 2022 16:02:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 07 Feb 2024 06:33:34 GMT

GET
DATA 200
OK truncated
/ Frame FABC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f322beeb0cd1c77fda56c5c4b648f98c77e1ef78643524b0ca550cbe8f20ffa9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FABC 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:49:45 GMT
x-content-type-options: nosniff
age: 348898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Feb 2024 22:49:45 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FABC 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:400d:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 11:48:56 GMT
x-content-type-options: nosniff
age: 474947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:48:56 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 7053 48 KB
48 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTeZ8usDxP1ee961dFEw4URzDpI8HFRgKe_pKsCyTt_8vXq9VkK907P19LxqLI&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5777edbbf8f58611b35a5d87269098e8dc30f01e667c2bcb42fdb9a28172d152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 15:49:56 GMT
x-content-type-options: nosniff
age: 114887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48654
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:30:58 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 15:49:56 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7053 42 KB
42 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVhbuMEt0LWZiPPSSMqD5SVibxsbwLV2fw6tmXqK5DlBhr8OJsB0ZVSXRsa3Y&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bb329a7522fbff372d467d29bc0fec4c0c005848d078899e9de7e71f92908d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sun, 05 Feb 2023 09:05:11 GMT
x-content-type-options: nosniff
age: 571172
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42640
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:36:41 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 05 Feb 2024 09:05:11 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 7053 35 KB
35 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRF_DZAAoJxMmXif6qi4k0kXcLPDBFTxYSV27vpU2rPRaqeJSDpGCVgpV85XVE&usqp=CAI

Requested by

Host: loto.hijera.com
URL: https://loto.hijera.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78f17f25775c1d0a16168d83411f8af2afd12f23e9c069de273ae5846fd9874a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 14:47:45 GMT
x-content-type-options: nosniff
age: 118618
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35602
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 22:22:54 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 14:47:45 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 35ms
21ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67c117a90863d21d04269aca1e0af356f68797954f1230a3bd22ee0f811a7917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11321
x-xss-protection: 0

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C7E 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7053 34 KB
34 KB 21ms
20ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR7juDco0Qvxi56OCRAXcPUTKW2byX-LoiT-_D132vn-K7WThi4_yb1WjqqQA&usqp=CAI

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

647d65c0c6142f04b717396d1006156b9219439b1394ae977fe7161097303e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 16:21:33 GMT
x-content-type-options: nosniff
age: 285790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35207
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:36:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 08 Feb 2024 16:21:33 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 7053 52 KB
52 KB 20ms
20ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR-DZDVDRUDmzIN_l755_2ULxK_hmbrKaCc-dP01SGA7B2zdMNuWNm3g1bjiDc&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf4f30b03edfe8c18a01937139d7d47b95f5134dcf3cf75de88c31e0f0176d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 13:49:23 GMT
x-content-type-options: nosniff
age: 122120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53358
x-xss-protection: 0
last-modified: Thu, 20 Jan 2022 15:33:12 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 13:49:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 23:44:43 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 7053 33 KB
33 KB 23ms
22ms Image
image/jpeg 2a00:1450:400d:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTRO88s47UeNYA_DmnFET1b6XOsWiA1qstj5RHyBlp13uM7H-atzkfnojOPDtM&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6df866dca9f86e2b242dd1fdfb6e3cc55a67ba0cbc5a7214964e161f8191dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Fri, 10 Feb 2023 07:49:27 GMT
x-content-type-options: nosniff
age: 143716
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33554
x-xss-protection: 0
last-modified: Thu, 31 Mar 2022 10:59:01 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 10 Feb 2024 07:49:27 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DBBB 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10927
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 20:42:36 GMT
expires: Sun, 11 Feb 2024 20:42:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 32A1 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4ef3a01002ce9391f6134f70767a571992ec0ab7c2ce5090d925792ae58c1f28

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JtwKgotZn10OsHqjf3ILfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://loto.hijera.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-JtwKgotZn10OsHqjf3ILfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 11 Feb 2023 23:44:43 GMT
expires: Sat, 11 Feb 2023 23:44:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js Show response
pagead2.googlesyndication.com/bg/ Frame DBBB 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4bT6diwPPsQGeut8gwoHo0InSaE1h0LXepToI3_IbtM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 11:17:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14278
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 11:17:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 32A1 0
0 43ms
43ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230207&jk=904433421108168&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DBBB 0
12 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?543ijA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:44:44 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BCC 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuU45VcarFt10BRKL1vguYL6dmtMTa3D0_eV_y4Fgdih9pDMmmRkNTa_QyCFlL71pETDJoxZT5wN3svMFyxxXWNoWGXT7fjpUYvD9L8BC-t6hYl5C5TTtxe-OfeTMcR_sPzUvwsmA&sai=AMfl-YS0wUJ87LIKKlTTbM5F3aem7koK4gk9WJAQK8QR9tA77LqTRZKF4WvnjR9LO6JGAk55fTkUKiiEDGah&sig=Cg0ArKJSzJ8kyZGtGKbFEAE&cid=CAQSGwDUE5ymaXKVRTQminAWAKxc6JvfltEY4zCbCRgB&id=lidar2&mcvt=1000&p=0,0,500,180&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676159083177&rpt=292&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EEF1 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGedrdxOwClZu179DiXE2VQpr_7th3E42e8GAGov1Q87kKTWNuof27KW8CdfmiPS2WZDu0IR7vGBp39B1SGcDHUVXXE3pL8GHbt7roW3ENlUr5re_pK0MdWYKsZ0pIWaqxss3nGQ&sai=AMfl-YQ93mweLugUIURSJ3xIm81KrEEwRWUyBdJzO7h9SGcZMW2CKcFFYaqxu-cP6-uXyIGAzlh9ZF1aDF8N&sig=Cg0ArKJSzDE63Gq9G9sYEAE&cid=CAQSGwDUE5ymaXKVRTQminAWAKxc6JvfltEY4zCbCRgB&id=lidar2&mcvt=1002&p=12,1,77.21875,729&mtos=0,881,1002,1002,1002&tos=0,881,121,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=0.85&if=1&vu=1&app=0&itpl=2&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676159083179&rpt=378&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FDB 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssn0LBHRiCNnk3OdLSvzbn_t1dmy8mrsmkxtvZ7PPWWp27sIY-q5kllOakR07O3roIhgqOeYpM26yu-ERzqxOCzUV4KYr9dqkb48ErNgwt6mKRCysF79KmhdArgFDAQ-_4GTl86hg&sai=AMfl-YTfTgdNreFi8BtpC8VozTVVUfJj2x7ZObbO_EWscrEy-a11KrDF1mZ8Y2YUUzhSMnbrlb1HC61cG0xu&sig=Cg0ArKJSzLO6kClecdDsEAE&cid=CAQSGwDUE5ymaXKVRTQminAWAKxc6JvfltEY4zCbCRgB&id=lidar2&mcvt=1004&p=0,0,500,180&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676159083175&rpt=279&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Feb 2023 23:44:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230207&jk=904433421108168&bg=!f3ylfCjNAAaq5O5FiuQ7ADkAdvg8Wt2dhulsh2vwdLvRhC1YqqFM_YSJQtv8BoAiwHFVt7RVw_ouFqLUxmdqi3kT2qoJ2cFcXEYCAAAAQ1IAAAACaAEHCgBSKjWdR8yiy7yrn019pQVLBSg1EnXsrTQdJUbu2eFhdTEJ-6FQFet-4G70fvFzjVKJAX_1-b4jx7EN5KxF9nnVEscwvWtJaJ-g70sW58BRvb5jVZkCoe9fK47-KVjVhgIoR7oJHjeYZ-fJWWqq2hsLTm1wCQ-v6ejTDnr-ZPNfUo6cMhmDFjxvX7_cXmRqaIWKByaIQ4rEqGiHPnYn1cs0Myjf1kjgF23a5WIzt_s8G92K1ifvDgg8Iy4Dun8uNBF60TX8ybA515kXoJFkyzgAf1QMTU1Vf9ge9HY2EMMbYdMKjt_ZI0e43oLRxgu_6ChMMyCYzDNjww5s02JXFr5Cr_AtR25QE6IktsQPSXXyGCM8KAtzKI7WmQLLJGP3sZ1omWWhcyp0IPJFGkDr8Csl-V1P-tXVFytkWUPydDOV_rXKPQn8Ga2qVn78HdXav5ZifyGO9g5ueT2QP3Xof9ebsIcjznpGjVfoAMtF4woteKbo1vQIeNzk2qxTr2vqhl17NHLvfLoQkuMDAgmLuGtHD2Lbo2q78UnylfV8OuMDO9ncP0Ilr-iVVBOc5CvcFWt2wPVgRMlg94yeDBYgjEneZKQJkR02T8Y0bp9HTp8l6-StyGh6Fk4X5HIYmAZCOfYobcNHIhTkmPxQo4lkmzIoLPImIJtFweyV9M_IxfYXfvKeJBVkpbyUhSVssGwIEHvaJuadHvNXAl-8GFqn5L8UrVnPEQhEagSsJSFw6zscZytLR7FdKTsc4KFUA-pJj-9MnBsP2Sg4gc1bBEMasmHzAxn0yjKlu7N9aX97w1zsENdjY-JdwLd71yhjQoP4CzkZB3UGccrsAJKMDbEoWXuLymtURF-QZEg_jxPnz9MOpcW8-66L6sMnmy4GPIv5rL4fuakxER-_cWHwzgnHULGkRmBZkAwLKNkwucAVgM2oKb7XfUrYBQ5osrxjuQl6U7in-vs1BWunYNqPSshM7EFDHByfFDNMIzLC4a8W3-6evqRNTmjCVfo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://loto.hijera.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hijera.com/	1970-01-20 09:37:25	Name: _gid Value: GA1.2.1453300939.1676159082
.hijera.com/	1970-01-20 09:35:59	Name: _gat_gtag_UA_149995183_3 Value: 1
.hijera.com/	1970-01-20 19:11:59	Name: _ga_7ME373V6KJ Value: GS1.1.1676159082.1.0.1676159082.0.0.0
.hijera.com/	1970-01-20 19:11:59	Name: _ga Value: GA1.1.724570967.1676159082
.hijera.com/	1970-01-20 18:57:35	Name: __gads Value: ID=6ad9c00c122de89a-2282a68e7ddc0072:T=1676159082:RT=1676159082:S=ALNI_MbOBB6JGQTl5fU9GB7k1E1PDhcP0Q
.hijera.com/	1970-01-20 18:57:35	Name: __gpi Value: UID=00000bb3d9f5d51d:T=1676159082:RT=1676159082:S=ALNI_MZV8FuL_kK8N6kx3Dm-V16xwp6QTg
.doubleclick.net/	1970-01-20 18:57:35	Name: IDE Value: AHWqTUkPb6s9SqCfDoC5SolKux9JRowG8cQWS84OeTcKaCumT7xLpyjbBW7EMI-93tY
.doubleclick.net/	1970-01-20 09:36:02	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 09:35:59	Name: test_cookie Value: CheckForPermission

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://loto.hijera.com/js/cfms.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14024559698426986496/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-2942421038636354&fa=4&ifi=5&uci=a!5&btvi=3&xpc=TaEoeZe3rh&p=https%3A//loto.hijera.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230207/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-2942421038636354&fa=3&ifi=4&uci=a!4&btvi=2&xpc=zriXTQlttM&p=https%3A//loto.hijera.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.onesignal.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fontlibrary.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
loto.hijera.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
2001:4860:4802:34::36
2606:4700:3035::6815:2b79
2606:4700:3035::ac43:b310
2606:4700::6812:e234
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a00:1450:400d:802::2002
2a00:1450:400d:807::200e
2a00:1450:400d:808::2003
45.56.91.11
013a35c8ccd65a201eee6860d6020d5aa9718485a40b3969ade69564ce3de724
02a37e132ade040f91f52464b40f747fea63bae0dd61a0286b7d850078075733
02e9c70274eef18d6e3b438c593762a08f6eed46bae848789b6a8285a39d5a5a
040392dfdfdb57cfca61af538baf6767db388f6c6ba611ab68435ad701c83253
06035e1ce818608c1b28618e4236796d6a7eee24ab8c3fee372126bee1596bb5
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
07ff10437c163669099937d25624e5d324cbb0e57e86a824de9207aa2f0cd0ad
08f278236629a605ffadf58a32ec287ab8d4cb6fe2666ea29efe2f7a12ed8ff5
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0bb329a7522fbff372d467d29bc0fec4c0c005848d078899e9de7e71f92908d0
0d0e2a4591bd097795566e5cb9caa6b293e0a4f8e675f28a0e320dc8f1690770
0e25895d7caaf355a53d19c37c69a06198f668e5422b211d27597ed93983b80b
0f43aedbc350e90a0daf474f41eec2b0b8cb1728ef1019ac3c9df35aafabc9ab
1270009c93f733a7e957a7ad3f9814e505304bf1852db3d434b14b2c73ec159c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc5b0b3a8fbf5ef69b2dac141a864474a6e3dbf55380170299e71814a0346ac
23c82a3f1273463923e568949e251ce25d179de92b5506ccea347dd89a4a018e
26fbef4411227fbb182f0dc62de61bc03585b17e5bd1e10ddf2670ffb60e24cd
27abebdc7c5eb879a3100c3cc3695632438b229be6c7156220b3d900bdd64c71
2e102c8b39959f93b1169824d6eb1a35f4f8838d5774ef125a7eea4a54f84cc0
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33baa62490122e3d60498420f5c46e3deabdbc1c31c5b011156194af8555d27b
3654254eb29dacff7b77fc66b44ee0e7429cb96c3bd5a483859d13fccef5c809
3694ec04d92e37cfacf4b749bc79c5c009c879c7548ecc91aff4f9ae1ef2d0cc
36f536382323af52185970048e4dc397a0371f50e8dead0ae3839993e0d97ff2
392aa2cfa6a7f9a698a949adc1c44bd27869d1dbe59ba1d44d34e3a284292682
39b5006aa2ce3a458e4125ca1d53ef28559fbdcb00ff894c99513fad2d6daf87
3c9343a766e28b630e376b44070c88aacfbdda839602f87b8a56ec9a53b214b9
3e3bf8af0efd6f432a7e869844f0e0c77aa44c00b06069fb46c2be1313ddeafa
41cb21545b545e1acd2b4886c5556b321b0a087c8e381e560136b2c9057932e9
46b53b7d81499d436c2cf50b24e39487e89986dda20a141a42f2d1ecd3dd3396
477c7afb0e442b9ba4844ba9a3cec3840f479eb2805bfb3f7de1e6813c623ce1
4c0dc944edac0beac1a2e3ee52021882a0e03c90a4acd81aaf1f1766603c1d65
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ef3a01002ce9391f6134f70767a571992ec0ab7c2ce5090d925792ae58c1f28
525e2d4c6e4842459aee28dd39872d2881d2c3dc56d3fde43967e758f5dbf350
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
571bccfea3505f4e4ebd31ae7af5e67dd7e98ecda2accfe6b80d956cd53f5bc3
5777edbbf8f58611b35a5d87269098e8dc30f01e667c2bcb42fdb9a28172d152
595017561ccb711f784b01ec7c62e1b9f12d7fb6e625f8b695f5d75add4da80c
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
647d65c0c6142f04b717396d1006156b9219439b1394ae977fe7161097303e9c
6551af92a582e848f0926855236e8c7d2370d2d01760f33ca108a5b904fd0de2
6791953d4848f7ffacdf4c7c43bb7c436c8cb96d37dfbe0ec6214bea3ea0e7f2
67c117a90863d21d04269aca1e0af356f68797954f1230a3bd22ee0f811a7917
6857fab2c1d1e89c6d993692dd1bf6abfaf1f663526010b9ea0fcea0fba3a1fd
68e1fe5f35b4b0131be24086e7de0e04291d335c32ac4868bf0803abe50a862e
699a88d4fcc3b968d8b3e5538262517a75dfec1edbfbe6e346c9d6667f079df7
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7040f10ea2784dac767bff8c3bf6518984befc5faaff696c060c50240a4daea0
736cf120a119b3e8a496e6419ecfb3ff83094c632a5c59ff1bd1b2b1e7e5662f
75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61
764138211823225cdf47afe43b7db68ae158893ad12595be2765008cf14539a0
777eb13ea582ec40e7b3624ba3c6a868049ab6656a3aa4b84a8a2666751ac55d
78f17f25775c1d0a16168d83411f8af2afd12f23e9c069de273ae5846fd9874a
7ca044c1c8009249627c65250ee6577607a6bd4877439b2663c2d5c376951e8f
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8825fb2a03439772129529a38dcb7627e31c50fef7e9858b641afab742d060a6
8b66526de2d4a7165d7a43534675d222b348e5a7de88253b7c5af8d2435fcbd2
8d683e97a1f23650a3e38cf3621b924ccf692f2a4204d193335ceddeb9b65353
95400c0abce893a943ceb22f1029b92506b3beda9415c0650bcfc3cb4e401868
98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687
9af42fb111e0ce6bbe2aa0e60f184e2a82d49dcf06a6c0d640c4ce233d64b493
9ca422e10818ab417ed9cb003e72f205d0b8a8656db3b6e9cdce365ae7ffc8a1
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aa12be838e4198d935848abb0af4f2f7c8d997f61999a00e440c6caa6a4e2191
aa3e3c3bb7a10991288a87eae27221917d43a3c5f5f854b3d1b9c5deec899dbd
adfc4e127ee0b08c659ac8b67b8487535bb2962f46e79a1cbf7822248e2b2c8a
ae57aea1cb701121475bcd38a9264115c401927701f4b04a54f9166143c52fe0
ae95052784ccea40a6138037a0d99cf0cab0541ab4e94574398c99fc9fdb3487
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b6df866dca9f86e2b242dd1fdfb6e3cc55a67ba0cbc5a7214964e161f8191dec
b820dc122a80f08db00e452d97da2973b7e45407e11f2e97b043f97aa9a6bd3c
baf4f30b03edfe8c18a01937139d7d47b95f5134dcf3cf75de88c31e0f0176d3
bf618eacf329229fdc32975bbd3cf03e2627a180d69b6a4806c49badc1608d9f
c1adbabb5788d3c08bb6467ed531609241b79173084f43565b124ca68f5b343e
c2663561f9bd4141ad340c6e344edaa435525a64cf59f4350ddd4a716be1a890
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
cc777c7112d34e1a46accc1ae0164635adc2e0ff2ea0e227d73ff1439d0b9e9f
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d4e12eb9ba3e585951accc67459078f16eef9213ec6a983710247c8c7924fb9c
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
dbd53eee86558dd33aa4c2f6e99348743c28667b7f21b0166c488d1c81b59829
dee4be88c74b613a534da75a7ab36b894f95dcf4a12d420bca52899a06c458e1
e1b4fa762c0f3ec4067aeb7c830a07a3422749a1358742d77a94e8237fc86ed3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9846242f137b5ce6fbe2f4b95103c6aaa08584d5bf6541cd0484534640ef8c6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0631422a87c9c9801680d15c611b37f2e32086d18db1d6c67a1913c5957904b
f322beeb0cd1c77fda56c5c4b648f98c77e1ef78643524b0ca550cbe8f20ffa9
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f684fc01dedcba31762a7a8f36ecc14e77a5af002b02750afdf83863d078b075
f77ad1eab39bd1af3241d5c60009ced8cf09f9a02e7495db9825d5cc91424b5f
f8aac7e573372bf76585d5285f0baeaa1e4b0e4bf6d68400bc6365c83a5926e0
f94d2fb1737b84ba35ebf0d4f7deb5af5d4de7763d1c6a515ffd9b27876a4099
f9c38d77b0c72edbb224caa228a92958cd58656b51e45e0be1b899901e3af58f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

loto.hijera.com Open in urlscan Pro 2606:4700:3035::6815:2b79 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

100 %HTTPS

95 %IPv6

13 Domains

21 Subdomains

21 IPs

3 Countries

3923 kBTransfer

6961 kBSize

9 Cookies

0 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

loto.hijera.com Open in urlscan Pro
2606:4700:3035::6815:2b79 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

100 %
HTTPS

95 %
IPv6

13
Domains

21
Subdomains

21
IPs

3
Countries

3923 kB
Transfer

6961 kB
Size

9
Cookies

166 HTTP transactions
5 data transactions