Submitted URL: https://www.lotterypost.biz/
Effective URL: https://www.lotterypost.com/
Submission: On October 02 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 30 IPs in 6 countries across 24 domains to perform 90 HTTP transactions. The main IP is 104.18.18.173, located in and belongs to CLOUDFLARENET, US. The main domain is www.lotterypost.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time www.lotterypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.185.243 15169 (GOOGLE)
2 104.18.18.173 13335 (CLOUDFLAR...)
1 142.250.185.74 15169 (GOOGLE)
30 104.21.12.90 13335 (CLOUDFLAR...)
1 142.250.184.202 15169 (GOOGLE)
1 142.250.186.98 15169 (GOOGLE)
4 13.224.186.4 16509 (AMAZON-02)
1 142.250.185.136 15169 (GOOGLE)
8 216.58.212.162 15169 (GOOGLE)
1 104.16.95.65 13335 (CLOUDFLAR...)
1 72.251.249.9 29791 (VOXEL-DOT...)
1 34.107.148.139 15169 (GOOGLE)
1 185.33.220.244 29990 (ASN-APPNEX)
1 2.18.234.21 16625 (AKAMAI-AS)
1 34.246.212.58 16509 (AMAZON-02)
5 172.217.16.130 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
1 142.250.186.67 15169 (GOOGLE)
2 173.194.76.156 15169 (GOOGLE)
2 91.228.74.189 16509 (AMAZON-02)
1 13.224.193.44 16509 (AMAZON-02)
2 142.250.185.130 15169 (GOOGLE)
1 13.224.193.10 16509 (AMAZON-02)
1 3.130.37.248 16509 (AMAZON-02)
1 13.224.193.5 16509 (AMAZON-02)
2 104.16.94.65 13335 (CLOUDFLAR...)
5 142.250.184.225 15169 (GOOGLE)
1 3 142.250.186.68 15169 (GOOGLE)
1 142.250.185.193 15169 (GOOGLE)
5 142.250.186.65 15169 (GOOGLE)
90 30
Domain Requested by
30 lp.vg www.lotterypost.com
lp.vg
ajax.googleapis.com
8 pagead2.googlesyndication.com www.lotterypost.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
www.lotterypost.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.lotterypost.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.lotterypost.com
4 c.amazon-adsystem.com www.lotterypost.com
c.amazon-adsystem.com
3 www.google.com 1 redirects tpc.googlesyndication.com
www.lotterypost.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.lotterypost.com
2 www.lotterypost.com www.lotterypost.com
1 4284d61e7592349f4e0e1e8370542238.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com www.lotterypost.com
1 rules.quantcount.com secure.quantserve.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.lotterypost.com
1 certify.alexametrics.com www.lotterypost.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 certify-js.alexametrics.com www.lotterypost.com
1 secure.quantserve.com www.lotterypost.com
1 fonts.gstatic.com fonts.googleapis.com
1 c.deployads.com lp.vg
1 as-sec.casalemedia.com lp.vg
1 ib.adnxs.com lp.vg
1 prebid.media.net lp.vg
1 ap.lijit.com lp.vg
1 static.cloudflareinsights.com www.lotterypost.com
1 www.googletagmanager.com www.lotterypost.com
1 www.googletagservices.com www.lotterypost.com
1 fonts.googleapis.com www.lotterypost.com
1 ajax.googleapis.com www.lotterypost.com
1 www.lotterypost.biz 1 redirects
0 hbopenbid.pubmatic.com Failed lp.vg
90 33

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
lotterypost.com
Cloudflare Inc ECC CA-3
2021-06-08 -
2022-06-07
a year crt.sh
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
lp.vg
Cloudflare Inc ECC CA-3
2021-06-10 -
2022-06-09
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
c.amazon-adsystem.com
Amazon
2021-07-06 -
2022-06-27
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-11 -
2022-06-10
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2021-03-11 -
2022-04-12
a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2021-04-12 -
2022-05-05
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
*.deployads.com
Amazon
2021-06-04 -
2022-07-03
a year crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA
2020-10-02 -
2021-10-07
a year crt.sh
certify-js.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
certify.alexametrics.com
Amazon
2021-06-14 -
2022-07-13
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon
2020-09-10 -
2021-10-10
a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
www.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
misc-sni.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 7 frames:

Primary Page: https://www.lotterypost.com/
Frame ID: C514E79DCDC8BE62C9D6766F1D907DA4
Requests: 86 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: 0B483DFC7239C0FD7F3D51AAEE748905
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633175544&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633175543953&bpp=4&bdt=250&idt=105&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2706010081587&frm=20&pv=2&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062987&oid=2&pvsid=2102379149292209&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7K8V10toEZ&p=https%3A//www.lotterypost.com&dtd=117
Frame ID: 83A0CC28A960A3E49760BD2FE9E59291
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1633175544&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633175543966&bpp=1&bdt=263&idt=128&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=2706010081587&frm=20&pv=1&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062987&oid=2&pvsid=2102379149292209&pem=741&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=133
Frame ID: CE7C3C6A8FCA905EC1CE7E8524374DE8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7BC6BFB3F24E1A5A0F79E6FD1F957D0B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 62EC04A73CD6C60E2EC14FB4F05FED54
Requests: 2 HTTP requests in this frame

Frame: https://4284d61e7592349f4e0e1e8370542238.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A4E4F54C428BB9CA223B4EA4204C74E
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.lotterypost.biz/ HTTP 301
    https://www.lotterypost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

99 %
HTTPS

0 %
IPv6

24
Domains

33
Subdomains

30
IPs

6
Countries

1258 kB
Transfer

2760 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lotterypost.biz/ HTTP 301
    https://www.lotterypost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

90 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.lotterypost.com/
Redirect Chain
  • https://www.lotterypost.biz/
  • https://www.lotterypost.com/
77 KB
20 KB
Document
General
Full URL
https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28277cf7e2ef91f86017c93a91ead7dfc7c71b9032e7e4b52159fa272ab32b76
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.lotterypost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-type
text/html; Charset=utf-8
content-length
19651
cache-control
no-cache,no-transform
content-encoding
gzip
vary
Accept-Encoding
set-cookie
g=a=44471.3280512269&b=44471.3419401157&c=%2f&d=; expires=Sun, 02-Oct-2022 11:52:23 GMT; path=/; secure; HttpOnly f=a=44471.3280512269; domain=lotterypost.com; expires=Sun, 02-Oct-2022 11:52:23 GMT; path=/; secure; HttpOnly tz=1; expires=Sun, 02-Oct-2022 12:52:00 GMT; path=/; secure; HttpOnly ASP_Session=SURTQCQA/JIHDPHKDKMJAACHCOPMAJIDH; secure; path=/; HttpOnly g=a=44471.3280512269&b=44471.3419401157&c=%2f&d=; expires=Sun, 02-Oct-2022 11:52:23 GMT; path=/; secure; HttpOnly f=a=44471.3280512269; domain=lotterypost.com; expires=Sun, 02-Oct-2022 11:52:23 GMT; path=/; secure; HttpOnly __cf_bm=y3wOWWWXT8_8VuWxQC9w4E83XLZ_woGmk_D2LsbOdvk-1633175543-0-AeyU+RIlKtyaSRYD/w/owiFCYgBwaniXEI6ia+A5wDPWwha/CCvpfHIoZ2M+VEhi8R4SZfCyMfxn+67Ht18L6qc=; path=/; expires=Sat, 02-Oct-21 12:22:23 GMT; domain=.lotterypost.com; HttpOnly; Secure; SameSite=None
x-lp-member-status
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
697db9699bcc42e1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://www.lotterypost.com/
date
Sat, 02 Oct 2021 11:52:23 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
225
x-xss-protection
0
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f10.1e100.net
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 01 Oct 2022 09:52:43 GMT
asp
lp.vg/js/fs10828.0/
71 KB
25 KB
Script
General
Full URL
https://lp.vg/js/fs10828.0/asp
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24905
last-modified
Tue, 12 Jan 2021 20:27:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uOB2oxBYBfa7o829bpqa%2BkK42ePF2MoHVvWh8XpHlTMvg55YRyO%2BW6zxf2QlHEHmhKk%2BYVb%2FvCbPBtRrkXooJC6VDCriyqpI8vfZbQqJh4lDgNStxCOmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31534505,no-transform
accept-ranges
bytes
cf-ray
697db96c7b466901-FRA
expires
Sat, 24 Sep 2022 23:32:39 GMT
css
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
f66257ab22784df391afb687663d08dd4e33bf0c17fa871287a57e8f9d1caa80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 09:58:35 GMT
server
ESF
date
Sat, 02 Oct 2021 11:52:23 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 02 Oct 2021 11:52:23 GMT
asp,asp-main.css,news.css
lp.vg/css/fs10828.0/
63 KB
14 KB
Stylesheet
General
Full URL
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96a44612c761357350d1aadb6649c5eb28bae6833790d75f3a2f219e21aa9e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647690
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13978
last-modified
Fri, 30 Apr 2021 16:51:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37m7jjP3t9tUrhAC7MOkF6lRJxTwhJ1ItQMS%2FAwXsIlDvIblxfh3mWpA6ePVpIAjGqvhYSONDosdI6nTernIG%2F8IVng%2B0Yl1sBVM5x952HDInD5sOKuhWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31533977,no-transform
accept-ranges
bytes
cf-ray
697db96c7b456901-FRA
expires
Sat, 24 Sep 2022 23:23:50 GMT
gpt.js
www.googletagservices.com/tag/js/
73 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
eb1e150667a1699d56e4993594a25afc18e44453d8a1db11e1204c25eec745c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1003 / 955 of 1000 / last-modified: 1633125993"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25717
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Oct 2021 11:52:23 GMT
apstag.js
c.amazon-adsystem.com/aax2/
133 KB
36 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
fa9a6b916dc80ef0454d830bf506550f11701f28b799a714db7866804bb000b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
0d0Z4dbcdSYGBiYuZLddBrbLxSByo3RY
content-encoding
gzip
etag
7b23ecae67f1ad61bd5c4d3f3b70e51e
age
715
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
server
Server
x-amz-rid
18RJS0E097ZQR3E76X7V
date
Sat, 02 Oct 2021 11:40:29 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
RySqjoTQ4pVDkjuBIaAlIU4KyxeyYhsvy8O6Y0vAbp9AT6IRy2MqZg==
pb3.21.0.js
lp.vg/js/f1/
196 KB
62 KB
Script
General
Full URL
https://lp.vg/js/f1/pb3.21.0.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62878
last-modified
Sat, 01 Jan 2000 05:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtY1hXQESZYO5cYROP0z%2FTGU5FHs5b%2FGlKlHYQmWkYV3CBcne79Y6U6F8RpaYPehQDWWacw%2FXKFmXpBwrzQmDZNbwVVuNdVh56viKl%2BmV%2BHsd7LZE1NP9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31535971,no-transform
accept-ranges
bytes
cf-ray
697db96c9b886901-FRA
expires
Sat, 24 Sep 2022 22:56:56 GMT
gtm.js
www.googletagmanager.com/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
bbc68fce12fc8dc9d2b04011a4d2291316a569f291c32b2b1b969d331416b280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33571
x-xss-protection
0
last-modified
Sat, 02 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Oct 2021 11:52:23 GMT
lp_logo.png
lp.vg/images/
20 KB
21 KB
Image
General
Full URL
https://lp.vg/images/lp_logo.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20811
last-modified
Tue, 21 Feb 2017 21:49:07 GMT
server
cloudflare
etag
"614390538c8cd21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oM0BjHeWI2TcX54q5FEcIDslOglxzK2Fs9HBlzQYPiIBOKYwglv1myN%2BcBPhm73w4nUZZ8AFoI0e8PIWqd986AQyOesoNlsazQ7i8WiAkBjr85iZErKrFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b8e6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
b.gif
www.lotterypost.com/
43 B
141 B
Image
General
Full URL
https://www.lotterypost.com/b.gif
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:path
/b.gif
pragma
no-cache
cookie
g=a=44471.3280512269&b=44471.3419401157&c=%2f&d=; f=a=44471.3280512269; tz=1; ASP_Session=SURTQCQA/JIHDPHKDKMJAACHCOPMAJIDH; __cf_bm=y3wOWWWXT8_8VuWxQC9w4E83XLZ_woGmk_D2LsbOdvk-1633175543-0-AeyU+RIlKtyaSRYD/w/owiFCYgBwaniXEI6ia+A5wDPWwha/CCvpfHIoZ2M+VEhi8R4SZfCyMfxn+67Ht18L6qc=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.lotterypost.com
referer
https://www.lotterypost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
private,no-transform
strict-transport-security
max-age=15552000
accept-ranges
bytes
cf-ray
697db96c9a2442e1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
usa-mega-button-2.png
lp.vg/images/
18 KB
18 KB
Image
General
Full URL
https://lp.vg/images/usa-mega-button-2.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17960
last-modified
Fri, 18 Dec 2020 16:20:19 GMT
server
cloudflare
etag
"ecbb9ad59d5d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEjd%2B1pQbsikmuTY9%2F%2FeQWhLhJqoIlF5941tw%2B9UlxActXEoe4rUzsHGMlWaO6K1VAGVAupokeUcH9CgUySb8d73gcvvIs%2FxNQmB%2BMysPX%2FIMu1L6jZUPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b906901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
LotteryPlaces_140x375.jpg
lp.vg/images/
19 KB
19 KB
Image
General
Full URL
https://lp.vg/images/LotteryPlaces_140x375.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19025
last-modified
Tue, 21 Aug 2018 20:38:45 GMT
server
cloudflare
etag
"4f827df48e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcbO9K0lQLwZkZkBH2MS7%2FRA9SpqQnbjZB3BfwQD6srb5f5RMY98TauGZEsqP6WXnhl6xtPcCHYugNFTWYVwNVN9EOIvX1yhy2fm0xWrL157R27kqzkJAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b916901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
Results2012-US-FrontCover-57x72.jpg
lp.vg/images/amazon/
2 KB
2 KB
Image
General
Full URL
https://lp.vg/images/amazon/Results2012-US-FrontCover-57x72.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1818
last-modified
Tue, 21 Aug 2018 20:35:02 GMT
server
cloudflare
etag
"1f7ea56f8e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sovItjs826tR7fEauTIC5AsViH0MmDg65GDK73IxurcR9Fv%2FgBsFp9OCEY62f0o6cE3o6Mx5vjaIbIzWVtJ6GvU7ySBAc0zCHyLGWTSdShbpJdIyllGUFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b936901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook-share.png
lp.vg/images/
3 KB
4 KB
Image
General
Full URL
https://lp.vg/images/facebook-share.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3387
last-modified
Tue, 25 Sep 2018 17:12:37 GMT
server
cloudflare
etag
"fae128f5f254d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BMxX6dXxDW1%2F81Q1vJYiATn309AT855r4QrDe5H8Nx8sapazsnZ9Def4D5AntzMgXoOreW%2F8lANc5hO0sAWAvxl3v%2Bbg53NqTN7lShkVcqqwIRrTSvvSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b946901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_powerball.jpg
lp.vg/images/
13 KB
13 KB
Image
General
Full URL
https://lp.vg/images/newsicon_powerball.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88e4806e083246e88e8bcaaf24a32bb4a5d12825a45696537a64d8758880538

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
481214
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13153
last-modified
Tue, 21 Aug 2018 21:01:50 GMT
server
cloudflare
etag
"c6a64d2e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaZ3C9X0O%2FvuXIULQvoGNg94re2OSPhqHnO7kIynQMraF7T2FuHrr9DNq566z9Dl5sF7jenF2pGeYlrJCYQeNN9n1tD1b%2FGiWRnoZKDX%2FmveyP0QPsVcxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b956901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_milottery.jpg
lp.vg/images/
12 KB
13 KB
Image
General
Full URL
https://lp.vg/images/newsicon_milottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b7bdd84c22411a42dfc9fa619781772c511d0fb4fc73107a9f4e0c4a590a98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12678
last-modified
Tue, 21 Aug 2018 21:01:49 GMT
server
cloudflare
etag
"89abd12d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyNcpHczI9%2BJ2kD0SmSrnWQxTjtybtv7rTBWwmBTZ5RuxDlVLWBzjJC2VAJTcmj9YvSY8UvZyr1VIvld706LpJSu91sUzurp5TtRr6iH0VK94h6LjEfdXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b976901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_txlottery.jpg
lp.vg/images/
13 KB
13 KB
Image
General
Full URL
https://lp.vg/images/newsicon_txlottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b813df1588f1943d275a86850087398f0278bcc4c068088ac77c6c8d312287db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
230157
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13110
last-modified
Tue, 21 Aug 2018 21:01:51 GMT
server
cloudflare
etag
"f8f2b82e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIdvCkdy6tfYDY%2F7apv7%2BZLMbxKSz4OfnmzhfybwoOxC35tuzF2D6HxrKURXx2JRfuKECboFaLpEUHcSEnYcHGrOvd14IedzYp%2FPSMRknm0RtG8Jumh01g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b996901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_valottery.jpg
lp.vg/images/
22 KB
22 KB
Image
General
Full URL
https://lp.vg/images/newsicon_valottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c30d255b6876569786f56c1e5a605ced32a91b468b25ceb07a9aef4366c4b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
462101
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22410
last-modified
Fri, 24 Sep 2021 22:51:58 GMT
server
cloudflare
etag
"5d5d85c796b1d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaDwWrolvx7ieEyrpskqou7BlzWqutWkDI0gGj6SqY7F2FVF1ONa7saQ0QRxHXC8sM0RFbKDgkQc1ZP3ndFu9RrCEyTXVCQxNwPHKDO4C2IkrejHGDF%2B%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96c9b9a6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_video.jpg
lp.vg/images/
19 KB
19 KB
Image
General
Full URL
https://lp.vg/images/newsicon_video.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeecc21623abc3df07f9496d595070caed15bd980ff0ee2e04e97df28c09cba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19468
last-modified
Tue, 22 Jun 2021 20:45:47 GMT
server
cloudflare
etag
"77f34294a767d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4Xqds8fRIkUPNFfDndclTqLfdD%2F60y3M3BboUIdeGw3%2BMTOjHDcDaczfGf%2BI4w12jU%2BAJu%2BJq17y46B13sgt0fOeB3vPRCS0766BfMIr%2Bz7%2F8VNP8ImhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabaa6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_megamillions.jpg
lp.vg/images/
18 KB
18 KB
Image
General
Full URL
https://lp.vg/images/newsicon_megamillions.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba2fe612796611c9919175d2695e0b59f663649ed2a77df439b3133e7cf6c97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18243
last-modified
Tue, 21 Aug 2018 21:01:49 GMT
server
cloudflare
etag
"d9d4d82d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMcULYieOrKRHUd1Ju4F2jsG0nffkgAxNlS94Hi7egS2l8Pv2opdLWQptqDYic2b0KckZ6N3QZcQbeCWQEQe6iofOzXkNP34WOw9H1O4noaUQ85prg6usQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabae6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_mmpb.jpg
lp.vg/images/
18 KB
18 KB
Image
General
Full URL
https://lp.vg/images/newsicon_mmpb.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c175640789b3979ee56202a19854920a2c017886276cab376f3d462169381cdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18495
last-modified
Tue, 21 Aug 2018 21:01:49 GMT
server
cloudflare
etag
"5b60e22d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLnWtP5i7259NwmEzOKPao%2FWAWyeXvN5sr2Xc4MOaj%2FX7j9phah1rlx%2F%2FnGvsiWOeXPeM%2FR1qXrjbtN41wnXaxLEd%2FErqW3J%2BXQ5LHgTkH%2F9dvbdph53Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabb06901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_mdlottery.jpg
lp.vg/images/
14 KB
14 KB
Image
General
Full URL
https://lp.vg/images/newsicon_mdlottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4db2874ff8d7c267f2eb7eedf3ff2eb4c790bc43b877351a571935c6b226fc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647689
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14385
last-modified
Fri, 19 Jun 2020 11:40:21 GMT
server
cloudflare
etag
"b8ef5692e46d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e493CHyOX08%2BwT1OcAJ%2BbLeXsJHGeTvqFgVCYG3yYWZw1A%2Fnhle8dI6zYKZYsX8Q4ou1DWgss0beSYGQuvPxWGX74VRmEuWGSXedXP68YItiVQJp2C81Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabb16901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
143 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
c27e95af5418359eded9cbed482ebf506a4f44d0de5c70cbe6335c82640fb4a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51130
x-xss-protection
0
server
cafe
etag
13872847043855845884
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 11:52:23 GMT
bgbody1.jpg
lp.vg/images/theme/
3 KB
3 KB
Image
General
Full URL
https://lp.vg/images/theme/bgbody1.jpg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
650911
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2922
last-modified
Thu, 11 Oct 2012 12:17:36 GMT
server
cloudflare
etag
"e828f165aaa7cd1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoeIobw99A5tg4WanHRKZGIrgEfKSR2jjKO1tyBxcWEde%2FGRcCli03B6zMDAZUYQpYLrlZk%2FT8UYdyHEl6e8z36msL9vCMr8aops6cxlozxA%2BW8P1MqLXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabb26901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/
51 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
gold-star.svg
lp.vg/images/svg/
1 KB
977 B
Image
General
Full URL
https://lp.vg/images/svg/gold-star.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"33c4be19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FH1kdfC9RGzCx9SF%2FUhdrlOs%2BmqmzhTAcaO8EsZpFNJj34LdBkA21J9%2BVz0W%2B6az1j94AvdZFnv5CmtqoUgzf057h5YTcUPdjqkv8Bk2DB%2FzcYcrmLFkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
697db96cabb36901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
books.svg
lp.vg/images/svg/
3 KB
2 KB
Image
General
Full URL
https://lp.vg/images/svg/books.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip,gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
974
last-modified
Tue, 24 Jul 2018 20:57:05 GMT
server
cloudflare
etag
"80268ae09023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxrxyLAEeBYasImcNZxdFMIMUBYb4ASgeta4HpHxgZjvjLJ9m0Ik5rS1JsmmfooxNJt8%2FzRSr9zQOfP0EokrYJcztd%2FIBP2NDa2vw8PD8JtgsHUE8NdaKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabb56901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
icon-gift-gold-64.png
lp.vg/images/theme/
6 KB
7 KB
Image
General
Full URL
https://lp.vg/images/theme/icon-gift-gold-64.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6609
last-modified
Mon, 23 Jul 2018 18:37:22 GMT
server
cloudflare
etag
"b5abe231b422d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50DOfa2WBid4GYEIqjuq94%2BacHMiX%2BD6c3%2Bd8Mw7E7FW57%2B6l3YpytnCMSQGfQS%2BmhSbNU0%2BHW2Lt1qMvdsjKrq%2B%2BqbiSVhIoukW3DqRFqnYjAOGZjMteg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cabb76901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook.svg
lp.vg/images/svg/
332 B
591 B
Image
General
Full URL
https://lp.vg/images/svg/facebook.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"d37a27e19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCqjCpiPHoj%2FMXOXIK%2BV3Tw5c8FG7WkVxHjLMnxtu7%2FXgKAtE3HnMH3BE995QtbnbBAJE9O%2FqByBaXya1zkNTNpfZoH6wufOmStrB38d8R%2F%2BMKuY5Sl58Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
697db96cabb86901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
twitter.svg
lp.vg/images/svg/
370 B
544 B
Image
General
Full URL
https://lp.vg/images/svg/twitter.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:07 GMT
server
cloudflare
etag
W/"eee315e29023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50i%2BO9YvDf57zV7C9DJx2dIjDAna3yIvgp5cetjI%2FnMj6JTNayua4cCXIlZLu8rSH90%2B%2BWu1AMDsHIlcxnzijJeQzSmVdGGWDYKLplf2X1ElFL5Nl6uFmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
697db96cabba6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
instagram.svg
lp.vg/images/svg/
3 KB
1 KB
Image
General
Full URL
https://lp.vg/images/svg/instagram.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce5a8b7e5fa0afdc2594d6df3938686f7696e1cb040e704a76ace91a01ecc79d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Apr 2021 16:37:56 GMT
server
cloudflare
etag
W/"ceb4d42cdf3dd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kaZa0oGfYBtsQ9jo7ma758s6OngY9Lax6rBAuS2sPggE3iYQrJIu2%2FpPIYUD4Z0EwIYpWaC%2FNZ6EQM6eafw3%2F%2FDTLd6ONQ4M%2BF%2F8th9xlveivoVsMLcuyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
697db96cabbb6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
youtube.svg
lp.vg/images/svg/
358 B
573 B
Image
General
Full URL
https://lp.vg/images/svg/youtube.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 28 Jul 2019 22:19:01 GMT
server
cloudflare
etag
W/"174bb1759245d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xoN%2BRjQN5J05F2zqmSYNtVNZa79ja%2Fcq00ttFZo9Z36c2quh8WZenAF9u1YX5Qq7EMALq39TplR622hcR4SMB7DdySmYVK71R7MQCtwicPgMC%2BM3SBm6YA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
697db96cabbc6901-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
advert.js
lp.vg/script/
70 B
739 B
Script
General
Full URL
https://lp.vg/script/advert.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651108
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 11 Feb 2020 14:29:00 GMT
server
cloudflare
etag
W/"6714389ae7e0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPqRxTipwGmjK%2FkDAfyfsn5lsF%2B7uMUONK5xW%2BQZxqoSW36EP%2F5pbcL1s0fk%2BbPlOjjB4lipp7cFLEcUToIYmCGRStcEP0wzqQqmziN9bRS8gbV7BvIlAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
697db96cb8464ee6-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/
13 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
697db96cda826943-FRA
truncated
/
46 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
amazon-logo.svg
lp.vg/images/svg/
4 KB
2 KB
Image
General
Full URL
https://lp.vg/images/svg/amazon-logo.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip,gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1780
last-modified
Sun, 17 Nov 2019 17:10:11 GMT
server
cloudflare
etag
"805ba8de699dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1cYNBC1%2B7vMav658t6Ty0%2B2VpBzVO3Wh3IzeZ8eOm6MWcUibEG3nMd9kDl4yp9NhxOszOcN%2BxuD5GYx8ShCKJ7BrUciTp%2BBnThuk8zxnAW4fbA2k40N7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cc8554ee6-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
sprite-24-1.png
lp.vg/images/theme/
135 KB
136 KB
Image
General
Full URL
https://lp.vg/images/theme/sprite-24-1.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
648467
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
138480
last-modified
Sun, 06 Apr 2014 16:33:55 GMT
server
cloudflare
etag
"f04f9b0b651cf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmACstmoVBabxYjLQBJBCSlOsdNq4zadlT23TimtP9z3sL3s7o%2BMz6r6oMY4l3KxWIEp3z9EKpxHSk%2BOXxrk6Ly%2F1RSk80MJ4ljU%2FXwXyesXqB66D9FHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cc8564ee6-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/
140 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
235 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
bg-footerContent-2x.png
lp.vg/images/theme/
29 KB
30 KB
Image
General
Full URL
https://lp.vg/images/theme/bg-footerContent-2x.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30167
last-modified
Thu, 19 Jul 2018 18:33:19 GMT
server
cloudflare
etag
"7355ef78e1fd41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vfHwH9sYd6Lf7oqq5MXVBNJ%2BowjIExsFwCEqHdC2ZNFVOWQUE3dW%2FR8GMhDDtQJkKmc8aD5EF1bD8RDExSSTvRvAVCMzvXKrr7hyabYGre2CHZRhTfqB8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96cd8684ee6-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
SessionCount.aspx
lp.vg/services/
47 B
653 B
Script
General
Full URL
https://lp.vg/services/SessionCount.aspx?callback=jQuery224046737928267167317_1633175543866&_=1633175543867
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
342a586d7d945d8a90b2677ff40880e2719c8e9a59b5a770cb22dc73f086bff5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vgly%2FLT5f3ipMSPfAYxHGCO4JseoGjiKDshv8zd5n4FqUy9RMjKwW8KC70%2FcJvq2k8K2KhEGofyz0Rz8ft6%2Bo6cm4xsIrVyxBl9YnXqVm013JnOQA2eZfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store,no-transform
cf-ray
697db96d39004ee6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70
expires
-1
bid
ap.lijit.com/rtb/
24 B
651 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.21.0
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
cd647485de5dab4b6efe78147197f483bd89f815da06d61654ce6a0e58cbcf61

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Oct 2021 11:52:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
sprite-16-2.png
lp.vg/images/theme/
74 KB
75 KB
Image
General
Full URL
https://lp.vg/images/theme/sprite-16-2.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.12.90 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
651107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
76265
last-modified
Tue, 13 May 2014 19:03:09 GMT
server
cloudflare
etag
"e0132fbdd6ecf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9pb6DmLbgWrjXziohEiqkMOTVPXJb6%2FZnaPvfmC4eiFDvnKcH6L%2FMlOV24SMltSn9PwNOu7BXmvGvAw609UEYt9LsAkzFlCbRILDI1de2Bq6voYg0adHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
697db96d593f4ee6-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
prebid
prebid.media.net/rtb/
330 B
456 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0975ce83fb78d6b4d0c233f91872a28aa03b4387a29eb439ac5979d5f9008fd7

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
ib.adnxs.com/ut/v3/
612 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
21a30b6b56ddcde1c5be0c2743621d1f7431ab716c76d7d1448afe8650fd9f53
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 02 Oct 2021 11:52:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.114.205; 216.131.114.205; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d6f9b863-2cbe-4883-b234-f035253ccab2
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.lotterypost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/
0
0

cygnus
as-sec.casalemedia.com/
25 B
579 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?s=341167&v=7.2&r=%7B%22id%22%3A%22255d8897aa13215%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22261aa48e210ac74%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341167%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2227591b9e3c6f484%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341166%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22281e1270bb5a82d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2229e07ce74eea549%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22303e31a180be92f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341162%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lotterypost.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d486a76cacc5714482d95b3792cd19b032625329fee7bb9ce415abaceb21bc05

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 02 Oct 2021 11:52:24 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.114.205], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
45
X-AK-CLIENT-GEO
12
Expires
Sat, 02 Oct 2021 11:52:24 GMT
auction
c.deployads.com/openrtb2/
61 B
254 B
XHR
General
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_3.21.0&host=www.lotterypost.com
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.212.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-212-58.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
12a62607a3627ccd8de9e549a2e70fa092e785cbe54a182bb78d761be670b083

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 11:52:24 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
61
config
c.amazon-adsystem.com/cdn/prod/
0
328 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.lotterypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
safuVepFe6l30EWdgFe45Y8_FhTypFhpQOjZdbn-mDGGX1ae6-tUqA==
bid
c.amazon-adsystem.com/e/dtb/
23 B
492 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pid=CoFTLbPFGLbcK&cb=0&ws=1600x1200&v=7.69.2&t=900&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_728x90%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_468x60%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Primary%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Secondary%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_120x600%22%7D%5D&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
AMM07ND7ZQKC1P120S61
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
9vbfsX0V98zc124FafyV3bz-ILefB1oBewfOi6fShlSgHXavESOUPQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 14:56:32 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
75352
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
content-type
application/javascript
x-amz-cf-id
rAg3ehetaLNZFxORx69VLN4-wSMgXj0O08Yx0Yp7NNOCE14NMnULxQ==
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/
336 KB
118 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 02 Oct 2021 11:52:23 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
75 B
733 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lotterypost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
f716ad7f9c7d704196846ea6f7d24eb9a2214e2a5fe4f157291c715c246ef97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
expires
Sat, 02 Oct 2021 11:52:23 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/
257 KB
95 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
cc7b69dce7a199a83f41f4f0f14c3955c09788a452a9abc2aa5924ad984ee513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97174
x-xss-protection
0
server
cafe
etag
16831716765010033174
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Oct 2021 11:52:23 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame 0B48
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 01 Oct 2021 23:27:01 GMT
expires
Fri, 15 Oct 2021 23:27:01 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
44723
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f3.1e100.net
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lotterypost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 14:28:38 GMT
x-content-type-options
nosniff
age
509026
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 14:28:38 GMT
dc.js
stats.g.doubleclick.net/
45 KB
17 KB
Script
General
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
162
date
Sat, 02 Oct 2021 11:49:42 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Sat, 02 Oct 2021 13:49:42 GMT
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 09 Oct 2021 11:52:24 GMT
atrk.js
certify-js.alexametrics.com/
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
13628698
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA2-C1
X-Amz-Cf-Id
9D78uY4a3-ugD-Te6xbPocPfR5TSCmOc1qR8o6fYUMgq3PmG923jCA==
cookie.js
partner.googleadservices.com/gampad/
205 B
410 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lotterypost.com&callback=_gfp_s_&client=ca-pub-3077964989149008
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0e4ab3a974c39eb4b2cd9ebbb3aa7c11d87c131b4751e617058bcd685779a96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
194
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 83A0
430 B
231 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633175544&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633175543953&bpp=4&bdt=250&idt=105&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2706010081587&frm=20&pv=2&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062987&oid=2&pvsid=2102379149292209&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7K8V10toEZ&p=https%3A//www.lotterypost.com&dtd=117
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
802fede63afb63b1fb2be01b9538bcf345a95cede74e28fe9d3a67c95dea9ecb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633175544&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633175543953&bpp=4&bdt=250&idt=105&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2706010081587&frm=20&pv=2&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3027&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062987&oid=2&pvsid=2102379149292209&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=7K8V10toEZ&p=https%3A//www.lotterypost.com&dtd=117
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 02 Oct 2021 11:52:24 GMT
server
cafe
content-length
208
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 12:07:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 11:52:24 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame CE7C
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1633175544&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633175543966&bpp=1&bdt=263&idt=128&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=2706010081587&frm=20&pv=1&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062987&oid=2&pvsid=2102379149292209&pem=741&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=133
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1633175544&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633175543966&bpp=1&bdt=263&idt=128&shv=r20210928&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=2706010081587&frm=20&pv=1&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062987&oid=2&pvsid=2102379149292209&pem=741&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=133
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 02 Oct 2021 11:52:24 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 02-Oct-2021 12:07:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 02 Oct 2021 11:52:24 GMT
cache-control
private
atrk.gif
certify.alexametrics.com/
43 B
584 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lottery%20Post&time=1633175544104&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.lotterypost.com%2F&random_number=17138323806&sess_cookie=c186e6a317c40d9212762f409e9&sess_cookie_flag=1&user_cookie=c186e6a317c40d9212762f409e9&user_cookie_flag=1&dynamic=true&domain=lotterypost.com&account=6BUjg1asOv00UI&jsv=20130128&user_lang=en-US
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-10.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 02 Oct 2021 03:30:19 GMT
Via
1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
30125
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Edge-Origin-Shield-Skipped
0
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
X-Amz-Cf-Pop
FRA2-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
P61cVoQ3qkkWBt4hT7-kBUCwt3pM_0sWTN1Eq95EXLSgjOb-_2_iag==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.130.37.248 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-130-37-248.us-east-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:24 GMT
server
Server
rules-p-7alUP9zu-TfBA.js
rules.quantcount.com/
3 B
461 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-7alUP9zu-TfBA.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-5.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 06:37:09 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
age
18916
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
content-length
3
last-modified
Sat, 04 Mar 2017 20:09:04 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
rrfLIAABXF558ipAYK4sCtcjIszT_VFdoEOhsXIwkS2kCU-jU8ieqg==
__utm.gif
stats.g.doubleclick.net/r/
35 B
55 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=257584251&utmhn=www.lotterypost.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Lottery%20Post&utmhid=81106026&utmr=-&utmp=%2F&utmht=1633175544119&utmac=UA-7096458-1&utmgtm=2wg9r0D86W&utmcc=__utma%3D130209170.510327382.1633175544.1633175544.1633175544.1%3B%2B__utmz%3D130209170.1633175544.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=637125063&utmredir=3&utmu=qAAgAAAAAAAAAAAAAgQAAAAE~
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.76.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ws-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 02 Oct 2021 11:52:24 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1694309532;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-418989543-1633175544142;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=lott...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1694309532;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-418989543-1633175544142;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=lotterypost.com;je=0;sr=1600x1200x24;dst=0;et=1633175544142;tzo=0;ogl=image.https%3A%2F%2Flp%252Evg%2Fimages%2Flp_icon_310%252Epng%2Cimage%3Awidth.310%2Cimage%3Aheight.310%2Cimage%3Aalt.Lottery%20Post
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.189 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 11:52:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=1114796121&adf=2104700100&fmt=804x482&str=true&ad_y=3027&vph=1200&r_nh=0&r_ifr=true&qid=COi8poHVq_MCFWtIFQgdz6oFDA&w=804&h=482&nh=0&rsz=%7C%7CeE%7C&abl=CS&frsz=false&err=0&url=https%3A%2F%2Fwww.lotterypost.com%2F
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 11:52:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210928&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
db6e799ab458b5b9b9dce98e6727df3dcb3f55188ecc1ffa240a53406df17917
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8541
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ Frame
0
0
Preflight
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Server
104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.lotterypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 02 Oct 2021 11:52:24 GMT
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
697db9710ae25c85-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/
0
77 B
XHR
General
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
697db9711b0a5c85-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_fy2019.js?bust=31062987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 02 Oct 2021 11:52:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7BC6
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sat, 02 Oct 2021 11:17:12 GMT
expires
Sun, 02 Oct 2022 11:17:12 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2112
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 62EC
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
GSE /
Resource Hash
5545b05786294e80122961b72dc798b4cc9be20adfbb10d5a6df6858e1341692
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FQRS26XdBb3ADfKu3ScXdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 02 Oct 2021 11:52:24 GMT
date
Sat, 02 Oct 2021 11:52:24 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-FQRS26XdBb3ADfKu3ScXdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 62EC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210928&jk=2102379149292209&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 7BC6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 17:43:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
65340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 17:43:24 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210928&jk=2102379149292209&bg=!4OOl46fNAAZE-GIIRPg7ACkAdvg8WlcfMLDl_bPya1eZyTOgEH1mKtVyL5jCYxfAllYXkeJeSJdMeQIAAABZUgAAAAtoAQeZAsq67rHUJQ2RZZh2wQlz3qqIdZVInTIIEQoi1GVLuOIw9wswJKn_8OG9HonJRyo4Z-WMvONUOFdnulB_jEqQVOsSao8Se9q3JRzY6LZFzyRjXrRHEA21RP2KhnBJtAUSBi3L6cviWfvrNfLCA0VAkwA8hpUeietlFSak5jNFbdUm8sESaGjQvILaiTZK6upWn7Ox18PCoCacMrQ-H7EX8wNZ_hALqdVXpbY5ev28fPoidKhZm5obbo_qtwGp50lfvqDcJeEBBGzCzW3FpEQ7RvTJBTtA0Z_svZCZTjzOVwGJviUwsXHolnWn2RBcm4BAPFh3Abp3hw3XwwvoAd1nQOkI5MK5c0W2iW3Bgne-YCgL1QVKZV1jgJ5SHa0U4jG_ks5aFOQ6QXOXdgdE6kxigpYXUM2iEfyWpxjBoF7pxLqx1ap6qN6AfKxSXQ3-K2qf2SPolgvICyGx72Mik50XaYp4gt_gcUi3ZgFUqj1WayoVPt9FST5NKT5IVpMlhLXg-IInoHYqp4po-1dD89AfFFU4R8sn6fPwYhKYn804GGpMXSMejsVG5s5NPo7V5yD2Z0vIA3XaUp_QXxGXiu7fMkAcouhpOvGWNNIMRxfDXOUnam522J9Vs_7g0MuN4aEyI44tM3Ocxn2vTyTEeLpbKvSE0oHJQXzGQblJruGE1DALcVT9QMK769BWF7KGCcZTU4TKVz6QnBuVUE4tbVoPf30gbQI8ggp9X1CW1obc_YPC0bgrMah7CLir8dHGHPqWS0SkC_ixKdYxa5OpAo7de-LLvhshUNmb0s56-hE5LKyjR2FdIBomW9_IdBnCEE5tpt6XxO5ps_2O02v6mGJAa_8mzMKjjhDExhMOk9s66HptSjHx4ql-ycvQXKpuNpxu_nCsvrrfxDhGCvYOqbIZDcccSnbJLOStC89gkdCm5X0_jrccrTJBqEKgOF8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 02 Oct 2021 11:52:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
189 KB
26 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2102379149292209&correlator=1949127223535199&output=ldjh&impl=fifs&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211002&iu_parts=13070090%2CLP_728x90%2CLP_468x60%2CLP_300x250_Primary%2CLP_300x250_Secondary%2CLP_120x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C120x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=5&cust_params=Device%3DComputer%26Content%3DAll%26Category%3DHome&cookie=ID%3D1a0ac6845ef671a6-2255050ae3ca0055%3AT%3D1633175544%3ART%3D1633175544%3AS%3DALNI_MYx-cv7RTppknVxFmijCnhDIFe2KQ&bc=31&abxe=1&dt=1633175544812&dlt=1633175543703&idt=373&frm=20&biw=1600&bih=1200&oid=2&adxs=712%2C496%2C1140%2C1140%2C178&adys=10%2C491%2C194%2C1211%2C1309&adks=167273885%2C4006668155%2C1304712773%2C2713855732%2C267450723&ucis=1%7C2%7C3%7C4%7C5&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lotterypost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1300x0%7C804x2833%7C300x3273%7C300x3273%7C157x1991&msz=728x-1%7C468x-1%7C300x-1%7C300x-1%7C120x-1&ga_vid=510327382.1633175544&ga_sid=1633175544&ga_hid=81106026&ga_fc=true&fws=4%2C0%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
f1c9ffd77a2ee6f089e9ff20652e4a3a5e7bfce1c95a673fe1014e6ae67f9fc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 11:52:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26214
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,53163250
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,40851056890
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4284d61e7592349f4e0e1e8370542238.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A4E
6 KB
4 KB
Document
General
Full URL
https://4284d61e7592349f4e0e1e8370542238.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4284d61e7592349f4e0e1e8370542238.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 02 Oct 2021 11:52:24 GMT
expires
Sun, 02 Oct 2022 11:52:24 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012109102127000/
189 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55506
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c42e3b94efe0099e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 10:03:42 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
13 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4995
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"bc03df60ee69192f"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 10:03:42 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
89 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28507
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"283b6526337df106"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 10:03:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
4 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
179323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1638
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 10:03:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b3f838efba7b15f2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 10:03:42 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012109102127000/v0/
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012109102127000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.65 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f1.1e100.net
Software
sffe /
Resource Hash
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
153526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12820
x-xss-protection
0
server
sffe
date
Thu, 30 Sep 2021 17:13:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2e8049efde94274d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 30 Sep 2022 17:13:39 GMT
truncated
/
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab50fd5dc471be2d5a5f9c57961b124c025482930e5a1ca98e271c2f6d3f1910

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
84652357824452205
tpc.googlesyndication.com/simgad/
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/84652357824452205?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk64WaZvsdmulf0fEuSXUScUm1U4A
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
91153a4b2b329f816b27ebba3af3e8093573ff358bc33e509792c6739c496fea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 00:00:38 GMT
x-content-type-options
nosniff
age
388307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51078
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 16:07:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 28 Sep 2022 00:00:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 14:19:22 GMT
x-content-type-options
nosniff
server
cafe
age
77583
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 02 Oct 2021 14:19:22 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 14:31:09 GMT
x-content-type-options
nosniff
server
cafe
age
76876
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 02 Oct 2021 14:31:09 GMT
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS13lUdtOibOzi-pUK6U7hpQYoN_pZFVN5VhJV_pOPC42qYIKgGcKsB3NNEKuJRDQV_dWD7_e6yzCildYNqH9vckk1VAg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

adview
securepubads.g.doubleclick.net/pagead/
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cl8X3-EdYYY7rNqShrASGhpGICNLg4qhl_5_Bv9YOm-_dlqwJEAEg8q2FHGDJBqABnK_7qALIAQLgAgCoAwHIAwiqBOIBT9CMlJL9WZK29R1GFGvE2f_oGatSyoYnxyWjYh0nOJBJpSIZ--VJTuCh6Z0YO4bcW8yyYecPCibaHvWN4HdReIFPJElXKFWn0Ds5ZOKIUQZig38nGkF4d2c9p9QImNm9LP9YbP5kvPKtnsvTX9tVBqUxpgefUKW3dlnYQTWqloKfvzODH0kWuXDo7uaK45fCNsnDN2L1_mF_CPFhIeEmNTsVpYiVBJmwkGcdbaeHzyx_cm0WUrRvOsTcD20vNa1CgenqQB0idBPgSV7pWB844xRXVVydIzWPBJHcRNNUJapTLsAE8rbog-YD4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHBBDWrA3SCAcIgGEQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTExMjEyMjgzNzk4MzcyODkY2rER&sigh=T3o8sxdQCak
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date
Sat, 02 Oct 2021 11:52:25 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxE8ZBhu0FF7p5yMT62LktvkEdx979sunxdt2qqgsjt-jwtAqSFqCTziEyh5OK1g4iDX-CBDiLG8U0fblRtVTBFzgYRY6-XBvHvaVI5HQ88w_bmuc&sai=AMfl-YR7jVUA8FtPYBXkqq30wvuE6L9I-w2IWx9lHzVWoDH5O7d4Xy0PMXT50n_byytjTa_yusJKq50atWO2kx0qsSIsUkaRx5xKnJ1Pa4G0tedVgOmMCjO1r5RyhlE&sig=Cg0ArKJSzHZ_HmDMcbWUEAE&cid=CAASFeRoKgYPHXEg696q8ITxIoIds6sDDQ&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=41&tls=1041&g=100&h=100&tt=1041&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=167273885
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Oct 2021 11:52:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster object| LPPreInit object| googletag function| pbBds object| pbjs object| apstag object| dataLayer object| adsbygoogle function| $ function| jQuery string| dataSpace string| dataSpaceStyle string| dataSpaceAnimated object| effect function| effectsEffectSlide object| LP object| LPCookie object| LPErrorType object| LPError object| SW object| gL object| mL function| pbjsChunk object| _pbjsGlobals boolean| apstagLOADED object| __cfBeacon object| ggeac object| google_js_reporting_queue object| google_tag_manager number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map number| curtop string| google_user_agent_client_hint object| _gaq object| _qevents object| _atrk_opts function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages function| atrk boolean| _atrk_fired function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _gat object| google_image_requests object| GoogleGcLKhOms object| AMP object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG function| FormProxy number| panelWidth object| $cols

19 Cookies

Domain/Path Name / Value
www.lotterypost.com/ Name: g
Value: a=44471.3280512269&b=44471.3419401157&c=%2f&d=
.lotterypost.com/ Name: f
Value: a=44471.3280512269
www.lotterypost.com/ Name: tz
Value: 1
www.lotterypost.com/ Name: ASP_Session
Value: SURTQCQA/JIHDPHKDKMJAACHCOPMAJIDH
.lotterypost.com/ Name: __cf_bm
Value: qi8jbCofjSeo.HeS3jE0MM.CwfXGfGiz2iceNP82Cds-1633175543-0-AWm26qk+RQulK+5wZPX9gTJWS5y8g49G7E58NZ7noEHeBPx7GFn2Sx/225vUoZpPZYoGMXtuGMJgzb/neB/wtSU=
.adnxs.com/ Name: icu
Value: ChgIvtpWEAoYASABKAEw-I_higY4AUABSAEQ-I_higYYAA..
.adnxs.com/ Name: uuid2
Value: 3280542540208657683
.lotterypost.com/ Name: __asc
Value: c186e6a317c40d9212762f409e9
.lotterypost.com/ Name: __auc
Value: c186e6a317c40d9212762f409e9
.lotterypost.com/ Name: __utmc
Value: 130209170
.lotterypost.com/ Name: __utmz
Value: 130209170.1633175544.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.lotterypost.com/ Name: __utmt_UA-7096458-1
Value: 1
.lotterypost.com/ Name: __utma
Value: 130209170.510327382.1633175544.1633175544.1633175544.1
.lotterypost.com/ Name: __utmb
Value: 130209170.1.10.1633175544
.quantserve.com/ Name: mc
Value: 615847f8-25178-a118c-acd18
.lotterypost.com/ Name: __qca
Value: P0-418989543-1633175544142
.doubleclick.net/ Name: IDE
Value: AHWqTUleA6dZTweboewA9V-npYhSWHQ_cztZfHxIb0E4o2oIznUzqUAHPs3njJfclNA
.lotterypost.com/ Name: __gads
Value: ID=1a0ac6845ef671a6:T=1633175544:S=ALNI_MY7iC235K_LIqFUYNiQVHdAiKNtPQ
.doubleclick.net/ Name: DSID
Value: NO_DATA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4284d61e7592349f4e0e1e8370542238.safeframe.googlesyndication.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
as-sec.casalemedia.com
c.amazon-adsystem.com
c.deployads.com
cdn.ampproject.org
certify-js.alexametrics.com
certify.alexametrics.com
cloudflareinsights.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
lp.vg
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid.media.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lotterypost.biz
www.lotterypost.com
hbopenbid.pubmatic.com
104.16.94.65
104.16.95.65
104.18.18.173
104.21.12.90
13.224.186.4
13.224.193.10
13.224.193.44
13.224.193.5
142.250.184.202
142.250.184.225
142.250.185.130
142.250.185.136
142.250.185.193
142.250.185.243
142.250.185.74
142.250.186.130
142.250.186.65
142.250.186.67
142.250.186.68
142.250.186.98
172.217.16.130
173.194.76.156
185.33.220.244
2.18.234.21
216.58.212.162
3.130.37.248
34.107.148.139
34.246.212.58
72.251.249.9
91.228.74.189
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c30d255b6876569786f56c1e5a605ced32a91b468b25ceb07a9aef4366c4b8
0975ce83fb78d6b4d0c233f91872a28aa03b4387a29eb439ac5979d5f9008fd7
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74
0e4ab3a974c39eb4b2cd9ebbb3aa7c11d87c131b4751e617058bcd685779a96e
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
12a62607a3627ccd8de9e549a2e70fa092e785cbe54a182bb78d761be670b083
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
19ad029fe2230dc2b7eda8d3c2b8d872aae2e718c0209bcaec04cd51a04d9165
21a30b6b56ddcde1c5be0c2743621d1f7431ab716c76d7d1448afe8650fd9f53
235dd149eac993d9f773d67eb3432fda6c4d81c98d29c4fb150707fae2b59908
28277cf7e2ef91f86017c93a91ead7dfc7c71b9032e7e4b52159fa272ab32b76
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
342a586d7d945d8a90b2677ff40880e2719c8e9a59b5a770cb22dc73f086bff5
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320
5545b05786294e80122961b72dc798b4cc9be20adfbb10d5a6df6858e1341692
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7ba2fe612796611c9919175d2695e0b59f663649ed2a77df439b3133e7cf6c97
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
802fede63afb63b1fb2be01b9538bcf345a95cede74e28fe9d3a67c95dea9ecb
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
91153a4b2b329f816b27ebba3af3e8093573ff358bc33e509792c6739c496fea
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab50fd5dc471be2d5a5f9c57961b124c025482930e5a1ca98e271c2f6d3f1910
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c
b4db2874ff8d7c267f2eb7eedf3ff2eb4c790bc43b877351a571935c6b226fc5
b813df1588f1943d275a86850087398f0278bcc4c068088ac77c6c8d312287db
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50
ba870dd4f1f375d33aa3770685227bd38160d194969b3840232fad67c1989bb8
bbc68fce12fc8dc9d2b04011a4d2291316a569f291c32b2b1b969d331416b280
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5
c175640789b3979ee56202a19854920a2c017886276cab376f3d462169381cdd
c1b7bdd84c22411a42dfc9fa619781772c511d0fb4fc73107a9f4e0c4a590a98
c27e95af5418359eded9cbed482ebf506a4f44d0de5c70cbe6335c82640fb4a9
c96a44612c761357350d1aadb6649c5eb28bae6833790d75f3a2f219e21aa9e1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7b69dce7a199a83f41f4f0f14c3955c09788a452a9abc2aa5924ad984ee513
cd647485de5dab4b6efe78147197f483bd89f815da06d61654ce6a0e58cbcf61
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1
ce5a8b7e5fa0afdc2594d6df3938686f7696e1cb040e704a76ace91a01ecc79d
d486a76cacc5714482d95b3792cd19b032625329fee7bb9ce415abaceb21bc05
d4cb8e3d3f1d9da69c5096249099aaa6ec5942dc20f922cc6c99f7b7b4557584
d50905d9c0e2c1f4a30e217e1eade952d04600860ccf4aec5240e6fd31eb9b29
db6e799ab458b5b9b9dce98e6727df3dcb3f55188ecc1ffa240a53406df17917
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88e4806e083246e88e8bcaaf24a32bb4a5d12825a45696537a64d8758880538
eb1e150667a1699d56e4993594a25afc18e44453d8a1db11e1204c25eec745c0
edeecc21623abc3df07f9496d595070caed15bd980ff0ee2e04e97df28c09cba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c9ffd77a2ee6f089e9ff20652e4a3a5e7bfce1c95a673fe1014e6ae67f9fc9
f66257ab22784df391afb687663d08dd4e33bf0c17fa871287a57e8f9d1caa80
f716ad7f9c7d704196846ea6f7d24eb9a2214e2a5fe4f157291c715c246ef97c
fa9a6b916dc80ef0454d830bf506550f11701f28b799a714db7866804bb000b3