www.lotterypost.com Open in urlscan Pro
2606:4700::6812:13ad Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lp.vg/
Effective URL:
https://www.lotterypost.com/
Submission: On August 03 via manual (August 3rd 2022, 9:55:28 am UTC) from US — Scanned from NL

Summary HTTP 84 Redirects Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 22 domains to perform 84 HTTP transactions. The main IP is 2606:4700::6812:13ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lotterypost.com. The Cisco Umbrella rank of the primary domain is 183447.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.

This is the only time www.lotterypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 28	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:13ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	65.9.71.118 65.9.71.118	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.200.56.14 18.200.56.14	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
6	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:440e::6812:2fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	107.154.132.27 107.154.132.27	19551 (INCAPSULA) (INCAPSULA)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
84	29

28 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lp.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:13ad (United States)

ASN13335 (CLOUDFLARENET, US)

www.lotterypost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.71.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-118.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.200.56.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-56-14.eu-west-1.compute.amazonaws.com

c.deployads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 107.154.132.27 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.27.ip.incapdns.net

wm.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s10.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thelotter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	lp.vg 1 redirects lp.vg — Cisco Umbrella Rank: 377906	526 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	215 KB
10	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118	170 KB
7	thelotter.com wm.thelotter.com — Cisco Umbrella Rank: 787827 s10.thelotter.com www.thelotter.com — Cisco Umbrella Rank: 208722	51 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 323	42 KB
3	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1249 cloudflareinsights.com — Cisco Umbrella Rank: 1244	5 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 267 fonts.googleapis.com — Cisco Umbrella Rank: 67	64 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 983 pixel.quantserve.com — Cisco Umbrella Rank: 465	30 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	71 KB
2	lotterypost.com www.lotterypost.com — Cisco Umbrella Rank: 183447	20 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 953	455 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	418 B
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 13999	792 B
1	gstatic.com fonts.gstatic.com	18 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1356	459 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 679	750 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 238	1 KB
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1330	647 B
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 518	119 B
1	deployads.com c.deployads.com — Cisco Umbrella Rank: 4137	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	38 KB
84	22

	Domain	Requested by
28	lp.vg	1 redirects www.lotterypost.com lp.vg ajax.googleapis.com
7	pagead2.googlesyndication.com	www.lotterypost.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.lotterypost.com
4	c.amazon-adsystem.com	www.lotterypost.com c.amazon-adsystem.com
3	s10.thelotter.com	ajax.googleapis.com
3	wm.thelotter.com	securepubads.g.doubleclick.net wm.thelotter.com ajax.googleapis.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	cloudflareinsights.com	static.cloudflareinsights.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.lotterypost.com
2	www.googletagservices.com	www.lotterypost.com securepubads.g.doubleclick.net
2	ajax.googleapis.com	www.lotterypost.com wm.thelotter.com
2	www.lotterypost.com	www.lotterypost.com
1	www.thelotter.com
1	www.google.com	tpc.googlesyndication.com
1	pixel.quantserve.com	www.lotterypost.com
1	rules.quantcount.com	secure.quantserve.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	secure.quantserve.com	www.lotterypost.com
1	fonts.gstatic.com	fonts.googleapis.com
1	prebid.media.net	lp.vg
1	ap.lijit.com	lp.vg
1	ib.adnxs.com	lp.vg
1	as-sec.casalemedia.com	lp.vg
1	hbopenbid.pubmatic.com	lp.vg
1	c.deployads.com	lp.vg
1	static.cloudflareinsights.com	www.lotterypost.com
1	www.googletagmanager.com	www.lotterypost.com
1	fonts.googleapis.com	www.lotterypost.com
84	32

This site contains no links.

Subject Issuer	Validity	Valid
lotterypost.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
lp.vg Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.deployads.com Amazon	`2022-05-05` - `2023-06-03`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.google.nl GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.thelotter.com GeoTrust RSA CA 2018	`2021-12-16` - `2023-01-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.lotterypost.com/
Frame ID: 18C8BED2B5B6108211599E007FAE05D3
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220728/r20190131/zrt_lookup.html
Frame ID: 89E13434C43C111A83128FF9DB4B8BA3
Requests: 1 HTTP requests in this frame

Frame: https://fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C29873D0629D78EC221790B9223F8FF6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1659520523&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659520523126&bpp=4&bdt=416&idt=239&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&correlator=6394051221892&frm=20&pv=2&ga_vid=2011165431.1659520523&ga_sid=1659520523&ga_hid=692482377&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=328&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44760911&oid=2&pvsid=3876547850538278&tmod=958379609&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=faEFeepmq3&p=https%3A//www.lotterypost.com&dtd=253
Frame ID: 2B38B291627E572172461B77E5EA1FA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1659520523&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659520523141&bpp=2&bdt=430&idt=244&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=6394051221892&frm=20&pv=1&ga_vid=2011165431.1659520523&ga_sid=1659520523&ga_hid=692482377&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44760911&oid=2&pvsid=3876547850538278&tmod=958379609&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=250
Frame ID: 07C6F1E169FD10D75C6B7629C257223D
Requests: 1 HTTP requests in this frame

Frame: https://wm.thelotter.com/playthebig.widget.ifr?langref=1&theme=four_six_eight_on_six_zero|v2&targeturl=&clickURL=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthI6x_Sr684CqqxTq7OoOBSuaYHRgKPfxeSPRedepcgi-BVIEH9A9g-tOkb10UoBDsvNfAhWKHZ4jHGlHqJzotB0m9inUxz_M7OaAPbOtzrwQErkkfhw2huo_RuZJagHEvyoVXWMxIFa_GmIMO4TqBwNPOjsb5JlTwMXPcVu-PQYF1bKMMjNeqAFuJs8OjPJHZ2zODZhyg566SK2JwFzdHF6rE4P1V7oZG7KFOtAbr2DE1_LHlb_B1i7qMRqS5-920Cl87Kcgol2knRDS0Kip-PK5YTBRWA3qkVQp_XWXvajEbzMwFTiqo2fonUojF_wQ%2526sai%253DAMfl-YT8du3gJsWkr7ZWJnwP71Y8U7eOU-_uF7M-kJy4WvUevYzyBpi1CwWbs1ZmQkB3dn2kBvSy43RRqGgOkP0pCQl5y-UQCpZS4B73a8qJ6BL3gM2Vnny8joYyxcW0agg%2526sig%253DCg0ArKJSzOGoSgUJSeE0EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps%3a%2f%2flp.vg%2fpartner%2fbiggest&dateformat=ddd,+MMM+D,+YYYY&v=20160907
Frame ID: 768A50DD9876A6A32DD72B2B8D87E28E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D7B82567A4E3DF69285E9A635C7D59DD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CD501F9A9ECEB9FBA3F730A42D8195F8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://lp.vg/ HTTP 301
https://www.lotterypost.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

100 %
HTTPS

68 %
IPv6

22
Domains

32
Subdomains

29
IPs

6
Countries

1257 kB
Transfer

2884 kB
Size

20
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lp.vg/ HTTP 301
https://www.lotterypost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.lotterypost.com/
Redirect Chain

https://lp.vg/
https://www.lotterypost.com/

75 KB
19 KB

239ms
163ms

Document
text/html

2606:4700::6812:13ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:13ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2a4c09cfaf6a44e33051b3e64f381ef84cb9bdfc277600be7fb7cfcff6daaef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache,no-transform
cf-cache-status: DYNAMIC
cf-ray: 734e2d61edc0b8be-AMS
content-encoding: gzip
content-length: 18967
content-type: text/html; Charset=utf-8
date: Wed, 03 Aug 2022 09:55:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-lp-member-status: 0

Redirect headers

accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-transform
cf-cache-status: DYNAMIC
cf-ray: 734e2d5f4c1ab770-AMS
content-length: 151
content-type: text/html; charset=UTF-8
date: Wed, 03 Aug 2022 09:55:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.lotterypost.com/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfwAx9CFAX9wgtNufAE96yccwTY2KvLHcd6sCjh%2BNccgw06gzTXNYM3tc9o%2Bd6Jlv5Dzk%2FyAMktGgz6MiHSZcSQwr7fNSmqWSGwOHBmvSX62FDx67unjSnIcEM9l6RPsFRzhug%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 109ms
33ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2404
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 09:15:18 GMT

GET
H2 200 asp Show response
lp.vg/js/fs10828.0/ 71 KB
25 KB 36ms
33ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.vg/js/fs10828.0/asp

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1401058
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24905
access-control-allow-origin: *
last-modified: Tue, 12 Jan 2021 20:27:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOmUlJlbotqzo9ggcqFXeGKlfxxxnuLfmKT5D8veKW%2FOh0MvkMKN8T15VyVLFPApwuMmGD21icUV%2FeCML55grwXA3WA8X00hBMqccb%2FJcLUoEdkpRMnGkQGN0Iau8O%2Bgd1FHEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public, max-age=31507760,no-transform
accept-ranges: bytes
cf-ray: 734e2d632c3cb770-AMS
expires: Mon, 17 Jul 2023 20:53:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 121ms
42ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,700

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 08:28:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 03 Aug 2022 09:55:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Aug 2022 09:55:22 GMT

GET
H2 200 asp,asp-main.css,news.css
lp.vg/css/fs10828.0/ 63 KB
14 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c96a44612c761357350d1aadb6649c5eb28bae6833790d75f3a2f219e21aa9e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 745299
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13978
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 16:51:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQ%2Bbi61njkb5%2Fll4pE1HDwmhWOx%2FYXOf1IXwesHl%2BeauEKgaqXhMf3cv4m209WLn6ESVRtJ4D1etNVFmI1XOl44Ohs%2FmgdJsQ2WCdHCkH7hsNBEbaqhSj593Ez9kC2jer9CmGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public, max-age=31536000,no-transform
accept-ranges: bytes
cf-ray: 734e2d632c3db770-AMS
expires: Tue, 25 Jul 2023 18:53:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb7c062c888fd8e0cba0276d802a7312444e2d835381337e49a83b8ae2311333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28608
x-xss-protection: 0
server: sffe
etag: "1292 / 475 of 1000 / last-modified: 1659516321"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 03 Aug 2022 09:55:22 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 129ms
35ms Script
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 03 Aug 2022 09:09:03 GMT
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront), 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 2780
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA6-C1, FRA56-C1
content-encoding: gzip
x-amz-cf-id: 4tRn5DQcz8Ixx45jLua-obABNyhmipUOJl2C3mUqHWyO5FVl6zurOA==

GET
H3 200 pb3.21.0.js Show response
lp.vg/js/f1/ 196 KB
62 KB 106ms
91ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.vg/js/f1/pb3.21.0.js

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 559353
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62878
access-control-allow-origin: https://m.lotterypost.com
last-modified: Wed, 03 Jun 2020 14:37:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wJ%2FMqqiwkUdQseNfXXp%2FFhO1KHjOa9N2D0o3QTaraGkZyHsmUpl1iCv9OiwkuQkSpVHYXUdkZdtXP%2FO5%2BEgt%2BDo%2BfJiqpEyLZRkimjeUmTfBE%2F4zNPYoej%2FXZz92634HmRIbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public, max-age=31522125,no-transform
accept-ranges: bytes
cf-ray: 734e2d640bf20c5d-AMS
expires: Thu, 27 Jul 2023 18:41:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 137ms
44ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-D86W

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba964a085a65e5d05e84d3f65ef1a3cbc7e16ee4d76fe2afd519470a6d03e109

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38202
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Aug 2022 09:55:22 GMT

GET
H3 200 lp_logo.png
lp.vg/images/ 20 KB
21 KB 130ms
116ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/lp_logo.png
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20811
access-control-allow-origin: *
last-modified: Tue, 21 Feb 2017 21:49:07 GMT
server: cloudflare
etag: "614390538c8cd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NnmBF4lufhVEq%2FV4gILDbMMG6H2wBpMYNQwzmm9wWaOytdaNJmDV8d3uslZqu15SUeyRWV8%2BNktArwu59l8OZ4%2FTj9j53m5qwMX8kM92jpzK4Mo9m6%2FkFu4AomX4SoQ9wsTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bf50c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 b.gif
www.lotterypost.com/ 43 B
450 B 220ms
160ms Image
image/gif 2606:4700::6812:13ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.lotterypost.com/b.gif

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:13ad , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: DYNAMIC
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
content-type: image/gif
access-control-allow-origin: *
cache-control: private,no-transform
cf-ray: 734e2d644aeab948-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare

GET
H3 200 usa-mega-button-2.png
lp.vg/images/ 18 KB
18 KB 50ms
35ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/usa-mega-button-2.png
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 399667
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17960
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 16:20:19 GMT
server: cloudflare
etag: "ecbb9ad59d5d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8uMJDs5%2BArw11BSWVpLPT%2Fhb8iUAl%2BOT%2BHw8P4Rl4mA8ghHOLGy9%2BS5rfYG0UDuxdSfG%2FpNP%2F5A753D2Q%2FVvkH4xW9czuKnVhNXaFYoi1ZWk3deEMjQEWFoqAHIYXk3wnKKog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bf60c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 LotteryPlaces_140x375.jpg
lp.vg/images/ 19 KB
19 KB 76ms
62ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/LotteryPlaces_140x375.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19025
access-control-allow-origin: *
last-modified: Tue, 21 Aug 2018 20:38:45 GMT
server: cloudflare
etag: "4f827df48e39d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alwo%2BLLKufRNDnZhwKJ9OZ%2BfbnmIvpxx92ypkiTtjh2XrLnms1bMnDc1hP3Ka%2BHfPFa6jUAXdb2thw4ROi8HLbVyV2ya7HcUHJyL5E5iqk2ob9VWRENLltNMXYBxKOcLoD2Rug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bf90c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 Results2012-US-FrontCover-57x72.jpg
lp.vg/images/amazon/ 2 KB
2 KB 389ms
374ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/amazon/Results2012-US-FrontCover-57x72.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1818
last-modified: Tue, 21 Aug 2018 20:35:02 GMT
server: cloudflare
etag: "1f7ea56f8e39d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZU0v%2FsU5sQoIJ4ff8KIj5w9Ii%2BlgrxAXCu0T9Vv4onQp63Pg4e5DwcK4WrZXLmfIeCvj3Dcsyw95BhLVrpdJdduGgX57Xnb60rKpssiaipYokeFp3rKSspbov6%2FlR02Rel233Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bfa0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 facebook-share.png
lp.vg/images/ 3 KB
4 KB 77ms
64ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/facebook-share.png
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3387
access-control-allow-origin: *
last-modified: Tue, 25 Sep 2018 17:12:37 GMT
server: cloudflare
etag: "fae128f5f254d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9N682KmhENT0Jd2X9GUj%2BDqniEjEfBBnrMaFGZrplyRvbyJqm9ZLIX7lWgx483fsuAdVUTroQ8%2BFOI%2FiDiI24Qnc2bNEw61LokbwRxsU7rnqeE%2Bb5CZnem8cZti0D1uWem9pg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bfb0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 newsicon_kylottery.jpg
lp.vg/images/ 27 KB
28 KB 128ms
115ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/newsicon_kylottery.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef46093fc7cf6e2204d8384a26a1f0d34fd5b519b214e035215511cd1766c45f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27553
access-control-allow-origin: *
last-modified: Wed, 09 Jan 2019 19:02:36 GMT
server: cloudflare
etag: "1043afe24da8d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GnGL%2FOYlpUIVaSr%2BgeX4BSJCrGbEKvVQnq8rZ5YmzGS6YdCOGDeTuV6g1LWNa6Z0I4npRBlsJXjRqA%2BTrW%2BsnP21fthz3lDUWuZ6WCxZfgi%2B%2FcIKSL0Khqv7f5W2B0qmgd3Jzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bfc0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 newsicon_megamillions.jpg
lp.vg/images/ 18 KB
19 KB 151ms
138ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/newsicon_megamillions.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ba2fe612796611c9919175d2695e0b59f663649ed2a77df439b3133e7cf6c97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18243
access-control-allow-origin: *
last-modified: Tue, 21 Aug 2018 21:01:49 GMT
server: cloudflare
etag: "d9d4d82d9239d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jo9mXcEek%2B%2FTgQ4ArS6PCmJlgCjyhlkbZSn%2FQnOHGt7HybU%2B9q6FETIjk45a5jw89iwLo4Uc7rcmwEmTr%2B1B1vdn4D9ao3ofFLqbu%2BoxfkG2UWaJU4lejqtbIO8MlKWmFFTPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bfd0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 newsicon_video.jpg
lp.vg/images/ 19 KB
20 KB 440ms
427ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/newsicon_video.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edeecc21623abc3df07f9496d595070caed15bd980ff0ee2e04e97df28c09cba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19468
last-modified: Tue, 22 Jun 2021 20:45:47 GMT
server: cloudflare
etag: "77f34294a767d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C0wLQMetJ8PpPtSXhpbrj4TQ5jhfFuQmgAbeHDg0NHl8DolAvlsbt9n6zXDFJQt2y8DYPUECujW9dXI54%2F5%2BxVBF29E%2B7AC782eMCidk%2B7AekoFMtydOdSt8u6SmV4GVDVnu2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bfe0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 newsicon_milottery.jpg
lp.vg/images/ 12 KB
13 KB 152ms
139ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/newsicon_milottery.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b7bdd84c22411a42dfc9fa619781772c511d0fb4fc73107a9f4e0c4a590a98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14513
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12678
access-control-allow-origin: *
last-modified: Tue, 21 Aug 2018 21:01:49 GMT
server: cloudflare
etag: "89abd12d9239d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZc1KAJ6aYbTVFzyXB%2FD2PpFILb1IJ00aK20vK7ZiIVVs4sgwiTxKc635o26oDfBan%2F5eCjkjWNvHP%2F04zCEk4XO7%2BsoCZWqQVJtmCPJ91FjvIxZEsTvvMiCEmRWgGscUgjY3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640bff0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 newsicon_insiderbuzz.jpg
lp.vg/images/ 16 KB
17 KB 441ms
429ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/newsicon_insiderbuzz.jpg
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f76d9c322a43c5c18deba7f3c8271af53dacda9b32d2b0dc39c29d943473b576

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16171
last-modified: Tue, 21 Aug 2018 21:01:48 GMT
server: cloudflare
etag: "fc9e612d9239d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2HepbJqEDN3w5Lo%2BGU86rcXb5zTjgT0BgakO1qIhXuW1IscHi1OI8aX72Ci6s0OomWBA9f8ufefkVKwWuN0hZgn5mIO6vTbhqrOlxbT2JN%2BoeNcF%2Bq8OeatMA4bVfYDgV82sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640c010c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
56 KB 161ms
71ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98b9658471eee87c8a28053880a5ad2a568878b617277048a1947b5e50882e89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57223
x-xss-protection: 0
server: cafe
etag: 14489521036769243649
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 09:55:22 GMT

GET
H3 200 advert.js Show response
lp.vg/script/ 70 B
859 B 34ms
33ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lp.vg/script/advert.js

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1332347
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Tue, 11 Feb 2020 14:29:00 GMT
server: cloudflare
etag: W/"6714389ae7e0d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uy8vUoI4dS3%2BYDJ8JCtxW%2BYj0XWo%2BIdzqkqabbqUzWCWqtKve7mA2yktuWuCeww%2BUK9sdD58vIO7w6VoBrfyfXsDTb%2FI772q31uyYMfmQLg%2B1%2BKN3wmFCDlfpnSEiFQeXt0rhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d63ebc90c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 14 KB
5 KB 167ms
88ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 734e2d647d2fb879-AMS

GET
H3 200 bgbody1.jpg
lp.vg/images/theme/ 3 KB
4 KB 388ms
377ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/theme/bgbody1.jpg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2922
last-modified: Thu, 11 Oct 2012 12:17:36 GMT
server: cloudflare
etag: "e828f165aaa7cd1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SRDFJS2KP8viCL%2BYV%2BhqqysQyjVMVj9n4I6SKszzAV%2FGJBmNAM%2BZcAb1q5J%2B%2Bad8NyDuxUtfGyCcbhvrCi4iKfTUdnfqzJ03WJIA%2FAzQ0unJfw3YC2eZOPSPZgnyK73E%2BlcQkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640c020c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
DATA 200
OK truncated
/ 51 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 gold-star.svg
lp.vg/images/svg/ 1 KB
1 KB 149ms
139ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/gold-star.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Tue, 24 Jul 2018 20:57:06 GMT
server: cloudflare
etag: W/"33c4be19023d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgVr7BJdKMFcrXUyN%2FWHWKFloYZjkyyui3qAeuxVZL5rzYztNK9xXZ5gl9bdr7Jd0E3e4DcaXWX8FWLT1iZ0bLDBybf%2FgMRkhkN2mpFexvSLc6ZZcJS46UvmUiVrY2HugZ%2BcSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c050c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 books.svg
lp.vg/images/svg/ 3 KB
2 KB 149ms
140ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/books.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Tue, 24 Jul 2018 20:57:05 GMT
server: cloudflare
etag: W/"ba6cb7e09023d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AmQ94eefno6OfirFF0grSrN%2FjrEr9O3XIQ5kTqpyMu6BCyK105cgNkAPR0Lr5xKNciJpIjMybug9catPmQLTtnC99lyxYPkzPP7YzEO7lkfLxeEKMEurnsnVyfB%2FXN9ylYh%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c070c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 icon-gift-gold-64.png
lp.vg/images/theme/ 6 KB
7 KB 149ms
140ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/theme/icon-gift-gold-64.png
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6609
access-control-allow-origin: *
last-modified: Mon, 23 Jul 2018 18:37:22 GMT
server: cloudflare
etag: "b5abe231b422d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnjFjCPcdooYhfSotPwAZnEyYBzvPXTeM8oqsWh2fA4WxfSFQDud8rZUyZ3VqX8ex6UuPdYXQoVOkfNiywZgvVE2ROXzNl8Uwj3pEfkR0C46vT7zQ%2Be0%2BXcqs1Lb580nAS%2B3Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d640c080c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 facebook.svg
lp.vg/images/svg/ 332 B
986 B 149ms
140ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/facebook.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Tue, 24 Jul 2018 20:57:06 GMT
server: cloudflare
etag: W/"d37a27e19023d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXB57EAdcLZXoTIuCR1u3hg5AaBe9zL9IgTFuDi04ZW%2B1S%2B1wocEaKyXlbN69y7nrpX1pN2D%2B%2F9Araxx%2BRDB9wkOMFP4WRex2MQfTeW8BLdAQdpR%2Fre6q5OV4scvEuCZvfUQqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c0a0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 twitter.svg
lp.vg/images/svg/ 370 B
1001 B 149ms
140ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/twitter.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Tue, 24 Jul 2018 20:57:07 GMT
server: cloudflare
etag: W/"eee315e29023d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iClXHjfSPreaW0liMQyO%2BfM%2F468nT08giSDujKAQv8hxs%2FGBYHMBIZy%2F%2FsG3g68oG2vvh7L5GvbHLSJIL4d%2B0rfEX3GQ3ZrkmVBd3%2BwC%2BaZV11WqF4%2BvNugEUY9qxmMufVu%2Fsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c0b0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 instagram.svg
lp.vg/images/svg/ 3 KB
2 KB 149ms
141ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/instagram.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce5a8b7e5fa0afdc2594d6df3938686f7696e1cb040e704a76ace91a01ecc79d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Fri, 30 Apr 2021 16:37:56 GMT
server: cloudflare
etag: W/"ceb4d42cdf3dd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Soa%2BR1h2F%2FO0Yw%2BiXV1prskEzqHxrsHjO1ib5LRD2ZDyE2xi2%2BpvCwm42JGxO8KfaWqds55oxHWUqWFMtfhXO7QYOvBgj%2FzVMnl6%2FLWBYVl23CNLaVDAkYuFE3VZOWQj%2BXjs0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c0c0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 youtube.svg
lp.vg/images/svg/ 358 B
972 B 148ms
141ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/youtube.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74488
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Sun, 28 Jul 2019 22:19:01 GMT
server: cloudflare
etag: W/"174bb1759245d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Fzz%2B4z8n71Ro2Gj6ey2asW8M%2Bw8RaqtcEjyDGK4al0ESUQRBmN6MqZuHbZOMzmXNWp1QGHAMQ07z0bX6WnZ7JdzOdUlQv2Z4TkFDPNTXTWwYpqfMKuWnmcwY0ocJNtsSvAWsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c0e0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
DATA 200
OK truncated
/ 46 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 amazon-logo.svg
lp.vg/images/svg/ 4 KB
2 KB 147ms
141ms Image
image/svg+xml 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/svg/amazon-logo.svg
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
last-modified: Sun, 17 Nov 2019 17:10:11 GMT
server: cloudflare
etag: W/"341238df699dd51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbBlACEgZF1LIUjPDDjZPNZfeTvrVpBb%2FiFFRefl7C%2FZI%2Fs7L1LwbUOLXcKRodWdgfljRmR6%2B0jxYMhuO9soC%2Bc%2BYGJhfouH8NYHzDmVoPCP%2BkVf4YerlIipepMIpYvLZQL%2FTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
cf-ray: 734e2d640c0f0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 SessionCount.aspx Show response
lp.vg/services/ 46 B
765 B 353ms
352ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lp.vg/services/SessionCount.aspx?callback=jQuery22408835840000096111_1659520522955&_=1659520522956
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f3b8cff9b502d16c0ddf6aef90173944d33fd5ff55956643f90d2b17a510426

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VwO3KxKi4%2FfKN8ax23iCPvjr8savL72yiCwWegTAi2uzsMyISdTibtWceT2YvKTa3UtVNqKqjXAUSw8Q9anEGpt7tIHjFG9xGWblPTQW1cGX1QB6znwbfgRUct0Uo96B0QomgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: no-cache, no-store,no-transform
cf-ray: 734e2d64aca80c5d-AMS
expires: -1

GET
H3 200 sprite-24-1.png
lp.vg/images/theme/ 135 KB
136 KB 45ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/theme/sprite-24-1.png
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18102
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 138480
access-control-allow-origin: *
last-modified: Sun, 06 Apr 2014 16:33:55 GMT
server: cloudflare
etag: "f04f9b0b651cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBD7pFDAvftMbvJzQm5uwabQvIo9SOh%2FSiQSTtIba9Vxz1chDN0D6lDh4Gt%2Bi8ovN8wqdmlELdv5gJTk2Gq1kim22zGRQnZPe4zcGmKx7IMIj1pY%2FGSQ5Uh6sFsLmpX8%2BqbfTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d64aca90c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
DATA 200
OK truncated
/ 140 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 235 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 sprite-16-2.png
lp.vg/images/theme/ 74 KB
75 KB 69ms
69ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/theme/sprite-16-2.png
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76265
access-control-allow-origin: *
last-modified: Tue, 13 May 2014 19:03:09 GMT
server: cloudflare
etag: "e0132fbdd6ecf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0N5ovNnIXzyZit0nxf2wd%2BQ41sj3mT0KZWObTBJqnFhP%2BTWLK7yA2DHJy5HzuHwmR8BusZ5UH7ZjF6UVfOZ6Xug5C0XSlmHm%2B2AUoY7TezVpTkR34cO%2BYGy0Pp%2B4cdPzI2oTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d64acac0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H3 200 bg-footerContent-2x.png
lp.vg/images/theme/ 29 KB
30 KB 70ms
70ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lp.vg/images/theme/bg-footerContent-2x.png
Requested by: Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74487
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30167
access-control-allow-origin: *
last-modified: Thu, 19 Jul 2018 18:33:19 GMT
server: cloudflare
etag: "7355ef78e1fd41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDywONdDNp58jipYB76kwysmiq39S3XUjyhKVmgBw4PP9rtXfu2bhEigQ4ArJPr5P148ScwJAo%2B2bKpLhWGssraSI6oLBKNl%2BbpPD2FgV2jp4d6CFuWSTvFV88lXYt%2FtH%2FBeGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ch: sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-mobile,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
cf-ray: 734e2d64acae0c5d-AMS
expires: Sun, 21 Aug 2033 05:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 35ms
35ms XHR
text/plain 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.lotterypost.com&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:08:44 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: Server
age: 17198
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.lotterypost.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 04hBk7w1JJL700oGPn3iCZ4Ol3ZA2TLrPvUjnHwnsVvZElh6bHkjNQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 124ms
124ms XHR
text/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pid=5iFkuzcTwYZzO&cb=0&ws=1600x1200&v=8.1.0&t=1500&slots=%5B%7B%22sd%22%3A%22AUHead%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_728x90%22%7D%2C%7B%22sd%22%3A%22AURightColTop%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Primary%22%7D%2C%7B%22sd%22%3A%22AURightColMid%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Secondary%22%7D%5D&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-118.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: CA9WE7TKJGPNWJ5B6H7J
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.lotterypost.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: fMPeZd9ths901TlNE3-ey8HCirG8CVZdntXutM9zcPoDTCn3vEucGg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 101ms
34ms XHR
application/javascript 65.9.71.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.71.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-71-118.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 22657
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Wed, 03 Aug 2022 03:37:47 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: dL_06btsVRXY9rZ6Us7HzFUD8G3f2cgDJ4JlEZtiqfC7HeLFzYaIJA==

POST
H2 200 auction Show response
c.deployads.com/openrtb2/ 63 B
256 B 225ms
131ms XHR
application/json 18.200.56.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.deployads.com/openrtb2/auction?src=prebid_prebid_3.21.0&host=www.lotterypost.com
Requested by: Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.200.56.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-200-56-14.eu-west-1.compute.amazonaws.com
Software: SortableCactus/1.0 /
Resource Hash: 3a9d4613d5e7ca0a2a7c463d92aa0c628c2516de5959a8e4df9f7d2142d35c39

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 09:55:23 GMT
server: SortableCactus/1.0
content-type: application/json
access-control-allow-origin: https://www.lotterypost.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 63

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
119 B 141ms
74ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.lotterypost.com
date: Wed, 03 Aug 2022 09:55:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
as-sec.casalemedia.com/ 37 B
647 B 169ms
105ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=341167&v=7.2&r=%7B%22id%22%3A%22132d572a59865d5%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221460f463dbf2bf2%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341167%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2215353200f122df7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341166%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216387208db68823%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22171a6bc02e579d5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218ec91519d1110c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341162%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lotterypost.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by: Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 969eb1fcbbd8890123a36099e90f910fc10e3bc564d99159026568b8cc6f8dea

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kChKXV%2FkZguMe8U8yzrYtTcx2SvBVDJ%2FYxNU6PnM4YbHuls2fz11JEmbBlka3CzoYOv6YEXY2q9eWoj0qNnFksoLdtcCVA5iKDAPeARti55YEdV4T1KGd8Nu%2Bs%2BplP2MXxlWvcZZ2oU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.lotterypost.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 734e2d65abae2074-AMS
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 611 B
1 KB 163ms
89ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0ae5cfc90f94322978144d7e2fbf9ebd7584bd21c131f292e3b7890eb5de50c1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 03 Aug 2022 09:55:23 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.153.101; 31.204.153.101; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5cd40ada-5413-42e8-8120-fc82cc8487ad
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.lotterypost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
750 B 118ms
57ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.21.0
Requested by: Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 8a877ca3b6188b5d5caaabd14d55a2bd472818d758811a2734a3d748ca649b58

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 03 Aug 2022 09:55:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.lotterypost.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
459 B 108ms
50ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid
Requested by: Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9f45b4f7360b8ba6553c63f3c9eb0d348d283194d2b1bc3bf47c453f95b04443

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.lotterypost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 pubads_impl_2022072702.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
130 KB 133ms
33ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 08:59:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132574
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 20:59:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 03 Aug 2023 08:59:01 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 78 B
712 B 141ms
42ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lotterypost.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

cb0d16916d2a20be32eff31e1b57d433748e1321e3303c7ddc08d4d3333bd914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76
x-xss-protection: 0
expires: Wed, 03 Aug 2022 09:55:23 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/ 339 KB
119 KB 123ms
58ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0d490d7132b7f15524fa3c4ec41fb0de0ba0b75cf7a31e81298dc930fec9caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122270
x-xss-protection: 0
server: cafe
etag: 563259246845568123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Aug 2022 09:55:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220728/r20190131/ Frame 89E1 10 KB
5 KB 105ms
32ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220728/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 45763
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Aug 2022 21:12:40 GMT
etag: 8616628553774171045
expires: Tue, 16 Aug 2022 21:12:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v49/ 17 KB
18 KB 104ms
32ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.lotterypost.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 21:06:05 GMT
x-content-type-options: nosniff
age: 132558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17908
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 21:06:05 GMT

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 100ms
32ms Script
text/javascript 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D86W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1275
date: Wed, 03 Aug 2022 09:34:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Wed, 03 Aug 2022 11:34:08 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 118 KB
30 KB 125ms
32ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
etag: "kVQ9bYjc9nNVTXISAKx8jA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 10 Aug 2022 09:55:23 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 98ms
33ms Image
image/gif 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=52616397&utmhn=www.lotterypost.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Lottery%20Post&utmhid=692482377&utmr=-&utmp=%2F&utmht=1659520523304&utmac=UA-7096458-1&utmgtm=2wg811D86W&utmcc=__utma%3D130209170.2011165431.1659520523.1659520523.1659520523.1%3B%2B__utmz%3D130209170.1659520523.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1278845749&utmredir=3&utmu=qAAgAAAAAAAAAAAAAgAAAAAE~

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Aug 2022 09:55:23 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 155ms
43ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=www.lotterypost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 141ms
43ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 124 KB
17 KB 494ms
428ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3876547850538278&correlator=1008934839468577&eid=31068742&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fifs&iu_parts=13070090%2CLP_728x90%2CLP_468x60%2CLP_300x250_Primary%2CLP_300x250_Secondary%2CLP_120x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C120x600&ifi=3&adks=167273885%2C4006668155%2C1304712773%2C2713855732%2C267450723&sfv=1-0-38&ecs=20220803&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7C%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7C&eri=5&cust_params=Device%3DComputer%26Content%3DAll%26Category%3DHome&sc=1&cookie_enabled=1&abxe=1&dt=1659520523350&dlt=1659520522710&idt=603&adxs=712%2C496%2C1140%2C1140%2C178&adys=10%2C566%2C194%2C1325%2C1309&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.lotterypost.com%2F&frm=20&vis=1&psz=1300x0%7C804x3509%7C300x3529%7C300x3529%7C157x1991&msz=728x-1%7C468x-1%7C300x-1%7C300x-1%7C120x-1&fws=4%2C0%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0%2C0&ga_vid=2011165431.1659520523&ga_sid=1659520523&ga_hid=692482377&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

68509a86ca02fb1db2b02e1a55332f5233e353bb84e93ab90e7de0c3ec4f2612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16891
x-xss-protection: 0
google-lineitem-id: -1,53163250,-1,-1,53163250
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,40851062050,-1,-1,40851056890
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.lotterypost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C298 6 KB
4 KB 166ms
42ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 09:55:23 GMT
expires: Thu, 03 Aug 2023 09:55:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
418 B 40ms
39ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.lotterypost.com&callback=_gfp_s_&client=ca-pub-3077964989149008

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

8419f240b1cc93918bc56558ed434c35ecc7b7c248ffc0dcb7b095a72ee63486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B38 430 B
229 B 322ms
255ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1659520523&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659520523126&bpp=4&bdt=416&idt=239&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&correlator=6394051221892&frm=20&pv=2&ga_vid=2011165431.1659520523&ga_sid=1659520523&ga_hid=692482377&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=328&ady=3221&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44760911&oid=2&pvsid=3876547850538278&tmod=958379609&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=faEFeepmq3&p=https%3A//www.lotterypost.com&dtd=253

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7951b66bb1f911c91e59d373abc395a15907767e2c9b38db0afc0f941f6592c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 09:55:23 GMT
expires: Wed, 03 Aug 2022 09:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 07C6 0
19 B 100ms
44ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1659520523&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659520523141&bpp=2&bdt=430&idt=244&shv=r20220728&mjsv=m202207280101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=6394051221892&frm=20&pv=1&ga_vid=2011165431.1659520523&ga_sid=1659520523&ga_hid=692482377&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506%2C44760911&oid=2&pvsid=3876547850538278&tmod=958379609&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=250

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 09:55:23 GMT
expires: Wed, 03 Aug 2022 09:55:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-7alUP9zu-TfBA.js Show response
rules.quantcount.com/ 3 B
455 B 122ms
37ms Script
application/javascript 2600:9000:206f:a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-7alUP9zu-TfBA.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 05:39:56 GMT
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
age: 15328
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:09:04 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: XE0PW1kmfDkWSBoumkmWy9Gsa2-Dwd6ASMOdwuTDRoUxrddjKy2lzg==

GET
H2 200 pixel;r=282069931;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-1524830970-1659520523526;pbc=;ns=0;ce=1;qjs=1;qv=40d1d9f5-20220725143430;cm=;gdpr=0;ref=;d=lott...
pixel.quantserve.com/ 35 B
371 B 47ms
37ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=282069931;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-1524830970-1659520523526;pbc=;ns=0;ce=1;qjs=1;qv=40d1d9f5-20220725143430;cm=;gdpr=0;ref=;d=lotterypost.com;dst=0;et=1659520523526;tzo=0;ogl=image.https%3A%2F%2Flp%252Evg%2Fimages%2Flp_icon_310%252Epng%2Cimage%3Awidth.310%2Cimage%3Aheight.310%2Cimage%3Aalt.Lottery%20Post

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 09:55:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 113ms
47ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10bfbad6a6c1ffa9bb88c2f7a2de0405eb8172b51426dbdd4b8e9766bec8fa6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10745
x-xss-protection: 0

POST
H2 200 rum Show response
cloudflareinsights.com/cdn-cgi/ 0
77 B 62ms
61ms XHR
text/plain 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Wed, 03 Aug 2022 09:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.lotterypost.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 734e2d6a7833b719-AMS
vary: Origin

OPTIONS
H2 200 rum
cloudflareinsights.com/cdn-cgi/ Frame 0
0 143ms
75ms Preflight
text/plain 2606:4700:440e::6812:2fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cloudflareinsights.com/cdn-cgi/rum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.lotterypost.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.lotterypost.com
access-control-max-age: 86400
cf-ray: 734e2d6a0f76b719-AMS
content-encoding: gzip
content-type: text/plain
date: Wed, 03 Aug 2022 09:55:23 GMT
server: cloudflare
vary: Origin
x-content-type-options: nosniff
x-frame-options: DENY

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 141ms
45ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 09:55:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 73ms
73ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssarxlbd3-5gq7Ropdfu9yNFh6hcWWqWEpqk-aOZQWrc9jsxkHy2Jj3dUhczBT7IGo8zWxZOsFduJJBPjokUka7UuCWJlIc5LqC3Bs2FTnPZHp9RJAyWJGIvEEfrmVHyk4ZgDOPoryFxeZF09zqHKn7TLDn4hhtdN1bmR1adyZAXVhIGuYr2j0qDnrgYB5KapEInO_MegCxT4TZWdd8W-zmKN2OFYtlIHU_GNMeIjzQHmtkRTkw8z5j6bmLsHa8Mbf4lajmW1Cz8CDuw07BJH6cHvTHcGvsZM4Nf1ovknt6bqlUy_u1lFTSZn1_cGy2mVRQoNU&sai=AMfl-YROj1Ra59FbioJVqbMe85-VF2LjReiGq2kt9rxQVvrP_v8N1GDMdJIdNNnm7TvKiuP41CW_sK9_XUSk2gnqV_anNF0yn1Ipsh5aFKKGc_6F6clMZoUfqIWNJLCO8vg&sig=Cg0ArKJSzBSriGjbGTtlEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.lotterypost.com
URL: https://www.lotterypost.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Aug 2022 09:55:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 03 Aug 2022 09:55:23 GMT

GET
H2 200 playthebig.widget.ifr Show response
wm.thelotter.com/ Frame 768A 1 KB
2 KB 143ms
47ms Document
text/html 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wm.thelotter.com/playthebig.widget.ifr?langref=1&theme=four_six_eight_on_six_zero|v2&targeturl=&clickURL=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthI6x_Sr684CqqxTq7OoOBSuaYHRgKPfxeSPRedepcgi-BVIEH9A9g-tOkb10UoBDsvNfAhWKHZ4jHGlHqJzotB0m9inUxz_M7OaAPbOtzrwQErkkfhw2huo_RuZJagHEvyoVXWMxIFa_GmIMO4TqBwNPOjsb5JlTwMXPcVu-PQYF1bKMMjNeqAFuJs8OjPJHZ2zODZhyg566SK2JwFzdHF6rE4P1V7oZG7KFOtAbr2DE1_LHlb_B1i7qMRqS5-920Cl87Kcgol2knRDS0Kip-PK5YTBRWA3qkVQp_XWXvajEbzMwFTiqo2fonUojF_wQ%2526sai%253DAMfl-YT8du3gJsWkr7ZWJnwP71Y8U7eOU-_uF7M-kJy4WvUevYzyBpi1CwWbs1ZmQkB3dn2kBvSy43RRqGgOkP0pCQl5y-UQCpZS4B73a8qJ6BL3gM2Vnny8joYyxcW0agg%2526sig%253DCg0ArKJSzOGoSgUJSeE0EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps%3a%2f%2flp.vg%2fpartner%2fbiggest&dateformat=ddd,+MMM+D,+YYYY&v=20160907

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

c61e60e8b379bf346d917388a2b15d518a08c69d13c31cc7f5b9fbda892104e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=7200
content-encoding: gzip
content-length: 1193
content-type: text/html; charset=UTF-8
date: Wed, 03 Aug 2022 09:55:24 GMT
expires: Wed, 03 Aug 2022 11:55:24 GMT
last-modified: Wed, 03 Aug 2022 09:55:24 GMT
server: Microsoft-IIS/8.5
server-name: simba6
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,Accept-Encoding
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-iinfo: 14-142993888-142993907 NNNY CT(8 28 0) RT(1659520523885 38) q(0 0 0 2) r(0 0) U12
x-powered-by: ASP.NET

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 139 KB
43 KB 120ms
50ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43813
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659353321385471"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 09:55:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D7B8 13 KB
5 KB 102ms
33ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 09:22:06 GMT
expires: Thu, 03 Aug 2023 09:22:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CD50 783 B
1 KB 116ms
42ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1d37a265fdef7b2c2f86d046db1f21fc8e439b75506f2ecb4fc02dc203474f8c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fSF3HukaRkXTkFA8xCrkJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.lotterypost.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-fSF3HukaRkXTkFA8xCrkJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 Aug 2022 09:55:24 GMT
expires: Wed, 03 Aug 2022 09:55:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ Frame 768A 92 KB
33 KB 99ms
34ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: wm.thelotter.com
URL: https://wm.thelotter.com/playthebig.widget.ifr?langref=1&theme=four_six_eight_on_six_zero|v2&targeturl=&clickURL=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthI6x_Sr684CqqxTq7OoOBSuaYHRgKPfxeSPRedepcgi-BVIEH9A9g-tOkb10UoBDsvNfAhWKHZ4jHGlHqJzotB0m9inUxz_M7OaAPbOtzrwQErkkfhw2huo_RuZJagHEvyoVXWMxIFa_GmIMO4TqBwNPOjsb5JlTwMXPcVu-PQYF1bKMMjNeqAFuJs8OjPJHZ2zODZhyg566SK2JwFzdHF6rE4P1V7oZG7KFOtAbr2DE1_LHlb_B1i7qMRqS5-920Cl87Kcgol2knRDS0Kip-PK5YTBRWA3qkVQp_XWXvajEbzMwFTiqo2fonUojF_wQ%2526sai%253DAMfl-YT8du3gJsWkr7ZWJnwP71Y8U7eOU-_uF7M-kJy4WvUevYzyBpi1CwWbs1ZmQkB3dn2kBvSy43RRqGgOkP0pCQl5y-UQCpZS4B73a8qJ6BL3gM2Vnny8joYyxcW0agg%2526sig%253DCg0ArKJSzOGoSgUJSeE0EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps%3a%2f%2flp.vg%2fpartner%2fbiggest&dateformat=ddd,+MMM+D,+YYYY&v=20160907

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wm.thelotter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 07:50:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33333
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 07:50:46 GMT

GET
H2 200 playthebig.widget.js Show response
wm.thelotter.com/ Frame 768A 102 KB
39 KB 63ms
63ms Script
text/javascript 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wm.thelotter.com/playthebig.widget.js?v=20220801075517

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

09ba27a7159be0401e66e97f19f32b107ee814a051d3800ffcef1308a796ef8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wm.thelotter.com/playthebig.widget.ifr?langref=1&theme=four_six_eight_on_six_zero|v2&targeturl=&clickURL=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthI6x_Sr684CqqxTq7OoOBSuaYHRgKPfxeSPRedepcgi-BVIEH9A9g-tOkb10UoBDsvNfAhWKHZ4jHGlHqJzotB0m9inUxz_M7OaAPbOtzrwQErkkfhw2huo_RuZJagHEvyoVXWMxIFa_GmIMO4TqBwNPOjsb5JlTwMXPcVu-PQYF1bKMMjNeqAFuJs8OjPJHZ2zODZhyg566SK2JwFzdHF6rE4P1V7oZG7KFOtAbr2DE1_LHlb_B1i7qMRqS5-920Cl87Kcgol2knRDS0Kip-PK5YTBRWA3qkVQp_XWXvajEbzMwFTiqo2fonUojF_wQ%2526sai%253DAMfl-YT8du3gJsWkr7ZWJnwP71Y8U7eOU-_uF7M-kJy4WvUevYzyBpi1CwWbs1ZmQkB3dn2kBvSy43RRqGgOkP0pCQl5y-UQCpZS4B73a8qJ6BL3gM2Vnny8joYyxcW0agg%2526sig%253DCg0ArKJSzOGoSgUJSeE0EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps%3a%2f%2flp.vg%2fpartner%2fbiggest&dateformat=ddd,+MMM+D,+YYYY&v=20160907
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cdn: Imperva
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-iinfo: 14-142993888-142993907 PNNy RT(1659520523885 109) q(0 0 0 -1) r(1 1) U2
server-name: simba6
content-length: 40088
last-modified: Wed, 22 Jun 2022 08:22:01 GMT
server: Microsoft-IIS/8.5
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=7200
expires: Wed, 22 Jun 2022 10:22:01 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 133ms
69ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx_ZV-RBx7Gh8gGCHViaXVVs5OTOIylc6pPsT64DEMiSjJCWGajPEDoI6-_n48Wuf-PjbY4FC_KiTQuf3BdxGdc0k7r_BZFdsvpWm2ws49s1HrgWd-8MTv4MOh-6MpKndWtwXEKxSZ9fcCX-3jnlCSTNncEvBRkJ4cOJJFT-AgdBYKX1o5SSmpeEhXGHOrm1FkIzo2-oUtDQARPfiSFmwlWjOJm7DjVK1BKrmmE2y98YV6jUQZaKbSPuHjMbTuJkmVwnTgprhx2wX1MlNFoyMbR8dMmgIQqcDxvQiyfeAnQtv2u5fp5F_xGT8eN7oL0Oz1snHBJw&sai=AMfl-YS_WY7GSSfh2nPwe2zBHYXjKipIZdBOcDaTj-ch9PmxNsYAnPbBUXgy4wzWdjjAk_FY98Bo5VbXcPY6umIDmVzjWySomzp_z5gqJ1-BrN3ygZsaJ4g4xSQE1ta6bAc&sig=Cg0ArKJSzPo-7WXdGbcPEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 03 Aug 2022 09:55:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 03 Aug 2022 09:55:24 GMT

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad43674ed9896accbd910d081e64c7d0610681814225fb41caf5fc76476a9c97

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js Show response
pagead2.googlesyndication.com/bg/ Frame D7B8 36 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4JAIKwid8f35vx5JMDPHWQJTURDOey7UpTPwaznZUPM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 12:48:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 162442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13903
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 12:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 01 Aug 2023 12:48:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CD50 0
0 65ms
65ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072702&jk=3876547850538278&rc=
Requested by: Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D7B8 0
9 B 32ms
32ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?tZR5Eg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 GetTheBigDraw.ashx Show response
wm.thelotter.com/HttpHandlers/ Frame 768A 2 KB
2 KB 75ms
73ms XHR
text/plain 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://wm.thelotter.com/HttpHandlers/GetTheBigDraw.ashx?callback=jQuery17104300546855178813_1659520524208&affiliateid=&subaffiliateid=&clickurl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsthI6x_Sr684CqqxTq7OoOBSuaYHRgKPfxeSPRedepcgi-BVIEH9A9g-tOkb10UoBDsvNfAhWKHZ4jHGlHqJzotB0m9inUxz_M7OaAPbOtzrwQErkkfhw2huo_RuZJagHEvyoVXWMxIFa_GmIMO4TqBwNPOjsb5JlTwMXPcVu-PQYF1bKMMjNeqAFuJs8OjPJHZ2zODZhyg566SK2JwFzdHF6rE4P1V7oZG7KFOtAbr2DE1_LHlb_B1i7qMRqS5-920Cl87Kcgol2knRDS0Kip-PK5YTBRWA3qkVQp_XWXvajEbzMwFTiqo2fonUojF_wQ%2526sai%253DAMfl-YT8du3gJsWkr7ZWJnwP71Y8U7eOU-_uF7M-kJy4WvUevYzyBpi1CwWbs1ZmQkB3dn2kBvSy43RRqGgOkP0pCQl5y-UQCpZS4B73a8qJ6BL3gM2Vnny8joYyxcW0agg%2526sig%253DCg0ArKJSzOGoSgUJSeE0EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps%3A%2F%2Flp.vg%2Fpartner%2Fbiggest&dateformat=ddd%2C+MMM+D%2C+YYYY&theme=four_six_eight_on_six_zero%7Cv2&langref=1&targetUrl=&subsiteref=&countrycode=&statecode=&_=1659520524724

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

7d7f7c6367dd0c02b1a2fa94f5f384ca852ed31267d2c979ecacbc42b58c22fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://wm.thelotter.com/playthebig.widget.ifr?langref=1&theme=four_six_eight_on_six_zero|v2&targeturl=&clickURL=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsthI6x_Sr684CqqxTq7OoOBSuaYHRgKPfxeSPRedepcgi-BVIEH9A9g-tOkb10UoBDsvNfAhWKHZ4jHGlHqJzotB0m9inUxz_M7OaAPbOtzrwQErkkfhw2huo_RuZJagHEvyoVXWMxIFa_GmIMO4TqBwNPOjsb5JlTwMXPcVu-PQYF1bKMMjNeqAFuJs8OjPJHZ2zODZhyg566SK2JwFzdHF6rE4P1V7oZG7KFOtAbr2DE1_LHlb_B1i7qMRqS5-920Cl87Kcgol2knRDS0Kip-PK5YTBRWA3qkVQp_XWXvajEbzMwFTiqo2fonUojF_wQ%2526sai%253DAMfl-YT8du3gJsWkr7ZWJnwP71Y8U7eOU-_uF7M-kJy4WvUevYzyBpi1CwWbs1ZmQkB3dn2kBvSy43RRqGgOkP0pCQl5y-UQCpZS4B73a8qJ6BL3gM2Vnny8joYyxcW0agg%2526sig%253DCg0ArKJSzOGoSgUJSeE0EAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253Dhttps%3a%2f%2flp.vg%2fpartner%2fbiggest&dateformat=ddd,+MMM+D,+YYYY&v=20160907
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-iinfo: 14-142993888-142993907 PNNy RT(1659520523885 757) q(0 0 0 -1) r(0 0) U2
cache-control: private
server-name: simba6
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1621
x-cdn: Imperva

GET
H2 200 loader_red.gif
s10.thelotter.com//images/ Frame 768A 3 KB
3 KB 64ms
35ms Image
image/gif 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s10.thelotter.com//images/loader_red.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

04f5079f0b3a6503d69054897aeff17fa1e049fc2c74a288d541ceae5ae2c246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wm.thelotter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
last-modified: Wed, 22 Jun 2022 08:22:01 GMT
x-cdn: Imperva
etag: "a27092251186d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-origin: *
x-iinfo: 14-142993888-0 0CNN RT(1659520523885 784) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=31536000, public
content-length: 2962
expires: Thu, 03 Aug 2023 09:55:24 GMT

GET
H2 200 four_six_eight_on_six_zero.css
s10.thelotter.com/Widgets/PlayTheBig/Themes/v2/css/ Frame 768A 3 KB
945 B 48ms
47ms Stylesheet
text/css 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://s10.thelotter.com/Widgets/PlayTheBig/Themes/v2/css/four_six_eight_on_six_zero.css?v=20220801075516

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

f1c61a81411fa80ce289b5b26869938ee0b744943727f96d98e58d13092ad11e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wm.thelotter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 08:22:01 GMT
x-cdn: Imperva
etag: "801a8d251186d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/css
access-control-allow-origin: *
x-iinfo: 14-142993888-0 0CNN RT(1659520523885 850) q(0 -1 -1 -1) r(0 -1)
content-length: 836

GET
H2 200 PlayTheBigv2View.html Show response
s10.thelotter.com/Widgets/PlayTheBig/ Frame 768A 2 KB
1 KB 162ms
94ms XHR
text/html 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://s10.thelotter.com/Widgets/PlayTheBig/PlayTheBigv2View.html?v=20220801075517

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

865025e40f5cb08d46525d5f8b6d864a2a6eb0e5c86c79a15b3ba8b27cfd5f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Referer: https://wm.thelotter.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2022 08:22:01 GMT
x-cdn: Imperva
etag: "a1e9b8251186d81:0"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html
access-control-allow-origin: *
x-iinfo: 11-81019822-0 0CNN RT(1659520524750 89) q(0 -1 -1 10) r(0 -1)
cache-control: max-age=31536000, public
content-length: 708
expires: Thu, 03 Aug 2023 09:55:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072702&jk=3876547850538278&bg=!zc6lzorNAAacadVKvGk7ACkAdvg8WnOtd8gEVSOdx-x4wH-aVZyXzcsQwf9TdO-kgZLE0MR54jUubQIAAABBUgAAAAloAQcKAMAGhn9IP6Z_5BzgWO44bOLbdvCrvd3CkwFjoSgn2H2Nj031gGxp0hBfmsAmLgDrSDJlHrJl9yUF1I5ld3AQ4NcZ2LwlwjtK5oAqZ64eZ7RNmAjp5IEenvKGOVHvLiEOLmZy8INoUFM_yap47gGKAwqYFhnotQu71wjwQ4RN7xaSG5sE2ARjx1WUxUTN2tI0Ln-7KeFHURgGBUmFq_lZziGpCB-ROkZYI-1kOubE9f1TU2nauPjszMsKP-AMdSSVY0iZAsp4AS9jKOd_6H8Ern0TFRP-P6Cl49ukLP4PpiFu2xV5ON-CDkW8PAVQLZTkpHAhdVWk7hyGwQRfYUEJsKsXjzn5ZIMDKxjeqikI1OP9sTDRicsWLM4RJcy-hBb2H8XIbIZ7eJ22TXkaZAae_b7TN3tuKWDH_dqme9X46Rf7nZxEOswRESr4s1tom6nGtN7n_nQulhmNYmVFyE27NpPRo2ATuz_TBsd_POc7GwhwCPcnAPzmDmYGdKuD1Ydiw6Ibpt6qHNwWTrdenkGzOPoSdC3bjMALwScmb9PczpCtVEqNT-6DatKXYLI6Q2rtX3UF1WOETCtLcW4eylhJaYk8cAT8DVPec1VOqwHzPpnkuXmCpAaV-GwWGtOOgpzM6L-nB-QXjnCuMbFOV54klTpROpzEF_WFlzBnK9qW18rhJLqDkdbRIN3k6eWcQ_8twkY2HNiXPo9oItVX_Nm5dM6B7w5fGrP9DLPdSk63Q8gz20c7ToObx0FzHSdrM07pBuPhQWE7i7hLrpnqBzFHPQNjHCTaareS06L-fB2mD9RTgNlsusqRgIFMwZbjuzrOTtTp6CcI72l6_7vupMy-jBFxmr-pWImlznBSqusj3T3a2aCd7XHjQEqBQWHaxWZRV43GDBGukZO2-EjuAfL57y8jAxOJMUPmCbaNEbOG7JCNtktjHqCQaV6a3rZpNwlfIC86voqw_2wp6nebes3P_yOF6lpNmUock1YOxr_D7sgBP5Pjf-CkK6wnbrYpGcrfwcsHJ8vBXTqEoe90jPFIMSEZyc_JVOzvaX4tnCNPX5IAvOWyC1tafYEwmIdzrnctduGnKULhT125HP0bc2Ka5urdEtqOXFJyXWvvZ4YJWTJmrt6zT7unCyJv5zMKa-5Kd_MGnr_2qROLBbRmE37VJorcVam4axzeAGChQtF4mXZnXoRAA-IrUtQW3qmF5Hk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 200 dm.tlo
www.thelotter.com/objects/ Frame 768A 3 KB
3 KB 63ms
34ms Image
image/png 107.154.132.27
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thelotter.com/objects/dm.tlo?id=807&v=20220726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.132.27 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.132.27.ip.incapdns.net

Software

Resource Hash

11d4952ec4b578022891752fbf80af95c8800b5beb8af8c031fe71490438cc64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://wm.thelotter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 09:55:24 GMT
last-modified: Tue, 26 Jul 2022 06:38:26 GMT
x-cdn: Imperva
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
x-iinfo: 14-142993888-0 0CNN RT(1659520523885 1064) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=31536000, public
content-length: 2583
expires: Thu, 03 Aug 2023 09:55:24 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuD8LuLgWw-qzy8VD0zocFmgnhsm_VLFF3KyDi9yYIaZ5O3QpfkuS35QhbLXI2d-3LgPBLa04J0Mhlhm0QTGquVQiB0weHGCsD6iC3LNok6-Y_PJJnf&sig=Cg0ArKJSzIOrwzTCzgXvEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220801&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=4006668155&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659520522028&rpt=2081&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.lotterypost.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Aug 2022 09:55:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.lotterypost.com/	1970-01-20 13:44:16	Name: g Value: a=44776.2397309143&b=44776.260678206&c=%2f&d=
.lotterypost.com/	1970-01-20 13:44:16	Name: f Value: a=44776.2467893171
www.lotterypost.com/	1970-01-20 13:44:20	Name: tz Value: 1
www.lotterypost.com/	1969-12-31 23:59:59	Name: ASP_Session Value: QUBTACTD/BECMPOLAAEJDECDMNPHAIFDA
.lotterypost.com/	1970-01-20 04:58:42	Name: __cf_bm Value: YzZup2eUDuUvRi5JxzTpkKreipZ_aUF1Iho0QbF._jw-1659520523-0-AV3kxwzihrzxmrt9Uj+cTv4Hm/E76CjszMKBGHGmrDAc7/qMtvL6kxaSUqw4lIlfRVD7Zp7WZMAMQ4hkV9XCLuQ=
.adnxs.com/	1970-01-20 07:08:16	Name: icu Value: ChgIvtpWEAoYASABKAEwi4yplwY4AUABSAEQi4yplwYYAA..
.adnxs.com/	1970-01-20 07:08:16	Name: uuid2 Value: 1517196207147193278
.lotterypost.com/	1970-01-20 14:34:40	Name: __utma Value: 130209170.2011165431.1659520523.1659520523.1659520523.1
.lotterypost.com/	1969-12-31 23:59:59	Name: __utmc Value: 130209170
.lotterypost.com/	1970-01-20 09:21:28	Name: __utmz Value: 130209170.1659520523.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.lotterypost.com/	1970-01-20 04:58:41	Name: __utmt_UA-7096458-1 Value: 1
.lotterypost.com/	1970-01-20 04:58:42	Name: __utmb Value: 130209170.1.10.1659520523
.quantserve.com/	1970-01-20 14:28:54	Name: mc Value: 62ea460b-8a528-3fa71-408e8
.lotterypost.com/	1970-01-20 14:23:09	Name: __qca Value: P0-1524830970-1659520523526
.lotterypost.com/	1970-01-20 14:20:16	Name: __gads Value: ID=791c6eeb72873edf-221fa423e4cd00a1:T=1659520523:S=ALNI_MYkPePa92v7nd-9B_G_ai7RKWj9iQ
.doubleclick.net/	1970-01-20 14:20:16	Name: IDE Value: AHWqTUlT1ZXhV6lrHqZ3NTfy7Qi83vH-WoAHqVembAJIy1chIHL7oSPaYCmXYPwXFAI
.thelotter.com/	1970-01-20 13:43:34	Name: visid_incap_1073201 Value: j2VvyPnSSMS6OzqmEddAggtG6mIAAAAAQUIPAAAAAABw+3pCaK6rXIlpofE0I2oH
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_1368_1073201 Value: nfwZOzEfngh+pnegOR38EgtG6mIAAAAApJ6h4PdiqF75UgK3WB5/iw==
.thelotter.com/	1970-01-20 13:43:34	Name: visid_incap_1066313 Value: R0XcAcgDS9GCBlkwws00gwxG6mIAAAAAQUIPAAAAAAAQZfZPGH+dfxrhw/EyydK+
.thelotter.com/	1969-12-31 23:59:59	Name: incap_ses_1368_1066313 Value: 4x2ENYBa7RnEp3egOR38EgxG6mIAAAAAYe75B3lPl9yROUZzE1T/DA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.nl
ajax.googleapis.com
ap.lijit.com
as-sec.casalemedia.com
c.amazon-adsystem.com
c.deployads.com
cloudflareinsights.com
fbcd77ae77b1a9ffe90f5e127e630faf.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
lp.vg
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid.media.net
rules.quantcount.com
s10.thelotter.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
tpc.googlesyndication.com
wm.thelotter.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lotterypost.com
www.thelotter.com
104.18.18.126
107.154.132.27
142.250.74.194
18.200.56.14
185.64.189.112
216.52.2.19
2600:9000:206f:a00:6:44e3:f8c0:93a1
2606:4700:440e::6812:2fe6
2606:4700:440e::ac40:9c1a
2606:4700::6812:13ad
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:806::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9d
2a06:98c1:3121::3
34.107.148.139
37.252.172.249
65.9.71.118
04f5079f0b3a6503d69054897aeff17fa1e049fc2c74a288d541ceae5ae2c246
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09ba27a7159be0401e66e97f19f32b107ee814a051d3800ffcef1308a796ef8c
0ae5cfc90f94322978144d7e2fbf9ebd7584bd21c131f292e3b7890eb5de50c1
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74
0f3b8cff9b502d16c0ddf6aef90173944d33fd5ff55956643f90d2b17a510426
10bfbad6a6c1ffa9bb88c2f7a2de0405eb8172b51426dbdd4b8e9766bec8fa6d
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
11d4952ec4b578022891752fbf80af95c8800b5beb8af8c031fe71490438cc64
1d37a265fdef7b2c2f86d046db1f21fc8e439b75506f2ecb4fc02dc203474f8c
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96
3a9d4613d5e7ca0a2a7c463d92aa0c628c2516de5959a8e4df9f7d2142d35c39
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67596f497ba9670488a07493b079a6c8d32fb1714209db992e1e32a99c4dffe5
68509a86ca02fb1db2b02e1a55332f5233e353bb84e93ab90e7de0c3ec4f2612
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7951b66bb1f911c91e59d373abc395a15907767e2c9b38db0afc0f941f6592c4
7ba2fe612796611c9919175d2695e0b59f663649ed2a77df439b3133e7cf6c97
7d7f7c6367dd0c02b1a2fa94f5f384ca852ed31267d2c979ecacbc42b58c22fd
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8419f240b1cc93918bc56558ed434c35ecc7b7c248ffc0dcb7b095a72ee63486
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb
865025e40f5cb08d46525d5f8b6d864a2a6eb0e5c86c79a15b3ba8b27cfd5f44
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8a877ca3b6188b5d5caaabd14d55a2bd472818d758811a2734a3d748ca649b58
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
969eb1fcbbd8890123a36099e90f910fc10e3bc564d99159026568b8cc6f8dea
98b9658471eee87c8a28053880a5ad2a568878b617277048a1947b5e50882e89
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e
9f45b4f7360b8ba6553c63f3c9eb0d348d283194d2b1bc3bf47c453f95b04443
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa
ad43674ed9896accbd910d081e64c7d0610681814225fb41caf5fc76476a9c97
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
ba964a085a65e5d05e84d3f65ef1a3cbc7e16ee4d76fe2afd519470a6d03e109
bb7c062c888fd8e0cba0276d802a7312444e2d835381337e49a83b8ae2311333
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5
c1b7bdd84c22411a42dfc9fa619781772c511d0fb4fc73107a9f4e0c4a590a98
c2a4c09cfaf6a44e33051b3e64f381ef84cb9bdfc277600be7fb7cfcff6daaef
c61e60e8b379bf346d917388a2b15d518a08c69d13c31cc7f5b9fbda892104e9
c96a44612c761357350d1aadb6649c5eb28bae6833790d75f3a2f219e21aa9e1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb0d16916d2a20be32eff31e1b57d433748e1321e3303c7ddc08d4d3333bd914
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1
ce5a8b7e5fa0afdc2594d6df3938686f7696e1cb040e704a76ace91a01ecc79d
d0d490d7132b7f15524fa3c4ec41fb0de0ba0b75cf7a31e81298dc930fec9caa
d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb
d60f6f17937b8ed0a18321076438f53d6bb0d62879d42d3832bd50aa7e91e18d
d8543b5dcaea1fc4a0301dc12b5b2adc9079e0794dd6a45879588fb844f3438e
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e090082b089df1fdf9bf1e493033c75902535110ce7b2ed4a533f06b39d950f3
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edeecc21623abc3df07f9496d595070caed15bd980ff0ee2e04e97df28c09cba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef46093fc7cf6e2204d8384a26a1f0d34fd5b519b214e035215511cd1766c45f
f1c61a81411fa80ce289b5b26869938ee0b744943727f96d98e58d13092ad11e
f76d9c322a43c5c18deba7f3c8271af53dacda9b32d2b0dc39c29d943473b576
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.lotterypost.com Open in urlscan Pro 2606:4700::6812:13ad Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

68 %IPv6

22 Domains

32 Subdomains

29 IPs

6 Countries

1257 kBTransfer

2884 kBSize

20 Cookies

0 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.lotterypost.com Open in urlscan Pro
2606:4700::6812:13ad Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

68 %
IPv6

22
Domains

32
Subdomains

29
IPs

6
Countries

1257 kB
Transfer

2884 kB
Size

20
Cookies

84 HTTP transactions
5 data transactions