www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://valottery.com/
Effective URL:
https://www.valottery.com/
Submission Tags: falconsandbox
Submission: On September 21 via api (September 21st 2021, 3:46:55 pm UTC) from US — Scanned from DE

Summary HTTP 219 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 49 IPs in 6 countries across 44 domains to perform 219 HTTP transactions. The main IP is 52.168.86.34, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is www.valottery.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 17th 2021. Valid for: a year.

This is the only time www.valottery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
47 111	52.168.86.34 52.168.86.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
6	13.107.213.45 13.107.213.45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	8.43.82.17 8.43.82.17	394729 (NPIASN) (NPIASN)
2	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
34	93.184.221.168 93.184.221.168	15133 (EDGECAST) (EDGECAST)
1	142.250.184.202 142.250.184.202	15169 (GOOGLE) (GOOGLE)
3	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
8	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	18.66.130.11 18.66.130.11	16509 (AMAZON-02) (AMAZON-02)
3	151.101.2.65 151.101.2.65	54113 (FASTLY) (FASTLY)
2 6	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
3	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
4	143.204.98.35 143.204.98.35	16509 (AMAZON-02) (AMAZON-02)
2	185.60.216.19 185.60.216.19	32934 (FACEBOOK) (FACEBOOK)
1	104.21.89.178 104.21.89.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.14.109 151.101.14.109	54113 (FASTLY) (FASTLY)
2	104.18.7.244 104.18.7.244	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.12.251 104.18.12.251	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	54.72.92.6 54.72.92.6	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
2	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	18.194.150.131 18.194.150.131	16509 (AMAZON-02) (AMAZON-02)
3	34.247.115.39 34.247.115.39	16509 (AMAZON-02) (AMAZON-02)
2 2	104.18.11.79 104.18.11.79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.13.5 104.18.13.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
1	13.32.121.126 13.32.121.126	16509 (AMAZON-02) (AMAZON-02)
2	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
2	34.192.56.19 34.192.56.19	14618 (AMAZON-AES) (AMAZON-AES)
1	169.50.137.179 169.50.137.179	36351 (SOFTLAYER) (SOFTLAYER)
16 22	169.50.137.190 169.50.137.190	36351 (SOFTLAYER) (SOFTLAYER)
1	34.199.218.203 34.199.218.203	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
1	18.66.173.29 18.66.173.29	16509 (AMAZON-02) (AMAZON-02)
2 2	107.178.240.89 107.178.240.89	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	34.192.117.147 34.192.117.147	14618 (AMAZON-AES) (AMAZON-AES)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.209.129.133 52.209.129.133	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
2 2	104.18.12.5 104.18.12.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	162.247.243.148 162.247.243.148	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	8.43.83.18 8.43.83.18	394729 (NPIASN) (NPIASN)
3	93.184.220.43 93.184.220.43	15133 (EDGECAST) (EDGECAST)
219	49

111 52.168.86.34 (Washington, United States) 47 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.107.213.45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videocdn.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.43.82.17 (United States)

ASN394729 (NPIASN, US)

gamesrv1.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 93.184.221.168 (London, United Kingdom)

ASN15133 (EDGECAST, US)

download.gamesrv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.130.11 (United States)

ASN16509 (AMAZON-02, US)

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.65 (United States)

ASN54113 (FASTLY, US)

www.zmbl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.198 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

8930728.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6528888.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-35.fra50.r.cloudfront.net

gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.89.178 (None, )

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extend.vimeocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.7.244 (None, )

ASN13335 (CLOUDFLARENET, US)

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.251 (None, )

ASN13335 (CLOUDFLARENET, US)

services.listrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.72.92.6 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-92-6.eu-west-1.compute.amazonaws.com

content.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-aeui1.uplynk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.150.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-150-131.eu-central-1.compute.amazonaws.com

77148.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.247.115.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-115-39.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.79 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

action.dstillery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
action.media6degrees.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.13.5 (None, )

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-126.fra60.r.cloudfront.net

tag.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.36 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.56.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-56-19.compute-1.amazonaws.com

pixel.mtrcs.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.179 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b3.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.190 (United States) 16 redirects

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.218.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-218-203.compute-1.amazonaws.com

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.173.29 (United States)

ASN16509 (AMAZON-02, US)

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.89 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 89.240.178.107.bc.googleusercontent.com

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.117.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-117-147.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.129.133 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.12.5 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 162.247.243.148 (United States)

ASN13335 (CLOUDFLARENET, US)

insights-collector.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.83.18 (United States)

ASN394729 (NPIASN, US)

info.valottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.220.43 (London, United Kingdom)

ASN15133 (EDGECAST, US)

mediacdn.espssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
128	valottery.com 47 redirects valottery.com www.valottery.com cdn.valottery.com gamesrv1.valottery.com info.valottery.com videocdn.valottery.com	2 MB
34	gamesrv1.com download.gamesrv1.com	2 MB
25	simpli.fi 16 redirects tag.simpli.fi i.simpli.fi um.simpli.fi	18 KB
12	newrelic.com insights-collector.newrelic.com	3 KB
10	doubleclick.net 5 redirects 8930728.fls.doubleclick.net 6528888.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	5 KB
8	gstatic.com fonts.gstatic.com	138 KB
5	uplynk.com content.uplynk.com content-aeui1.uplynk.com	4 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	tribalfusion.com 2 redirects a.tribalfusion.com s.tribalfusion.com	5 KB
4	google.com 2 redirects www.google.com adservice.google.com	1 KB
4	foresee.com gateway.foresee.com	82 KB
4	listrakbi.com cdn.listrakbi.com s1.listrakbi.com m1.listrakbi.com	64 KB
3	espssl.com mediacdn.espssl.com	62 KB
3	samba.tv tag.mtrcs.samba.tv pixel.mtrcs.samba.tv	5 KB
3	adsrvr.org insight.adsrvr.org	781 B
3	google-analytics.com www.google-analytics.com	20 KB
3	zmbl.co www.zmbl.co	24 KB
3	googletagmanager.com www.googletagmanager.com	179 KB
2	openx.net 1 redirects us-u.openx.net	481 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	1 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	rlcdn.com idsync.rlcdn.com	108 B
2	pro-market.net 2 redirects fei.pro-market.net	824 B
2	tapad.com 1 redirects pixel.tapad.com	889 B
2	facebook.com www.facebook.com	403 B
2	facebook.net connect.facebook.net	114 KB
2	jquery.com code.jquery.com	97 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	googleadservices.com 1 redirects www.googleadservices.com	648 B
1	lijit.com ce.lijit.com	348 B
1	bluekai.com stags.bluekai.com	745 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	agkn.com 1 redirects aa.agkn.com	319 B
1	tremorhub.com simplifi.partners.tremorhub.com	183 B
1	media6degrees.com 1 redirects action.media6degrees.com	525 B
1	dstillery.com 1 redirects action.dstillery.com	296 B
1	siteimproveanalytics.io 77148.global.siteimproveanalytics.io	650 B
1	listrak.com services.listrak.com	3 KB
1	vimeocdn.com extend.vimeocdn.com	6 KB
1	siteimproveanalytics.com siteimproveanalytics.com	9 KB
219	44

	Domain	Requested by
110	www.valottery.com	46 redirects www.valottery.com cdn.valottery.com
34	download.gamesrv1.com	www.valottery.com gamesrv1.valottery.com download.gamesrv1.com
22	um.simpli.fi	16 redirects 8930728.fls.doubleclick.net
12	insights-collector.newrelic.com	download.gamesrv1.com
10	gamesrv1.valottery.com	www.valottery.com gamesrv1.valottery.com download.gamesrv1.com
8	fonts.gstatic.com	fonts.googleapis.com
5	cdn.valottery.com	www.valottery.com
4	ib.adnxs.com	2 redirects 8930728.fls.doubleclick.net
4	content-aeui1.uplynk.com	cdn.valottery.com
4	gateway.foresee.com	www.valottery.com gateway.foresee.com
4	fonts.googleapis.com	www.valottery.com download.gamesrv1.com client
3	mediacdn.espssl.com	ajax.googleapis.com mediacdn.espssl.com
3	insight.adsrvr.org	6528888.fls.doubleclick.net 8930728.fls.doubleclick.net
3	6528888.fls.doubleclick.net	1 redirects www.googletagmanager.com 6528888.fls.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.valottery.com
3	8930728.fls.doubleclick.net	1 redirects www.googletagmanager.com 8930728.fls.doubleclick.net
3	www.zmbl.co	www.valottery.com www.zmbl.co
3	www.googletagmanager.com	www.valottery.com www.googletagmanager.com download.gamesrv1.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects 8930728.fls.doubleclick.net
2	sync.search.spotxchange.com	1 redirects 8930728.fls.doubleclick.net
2	bcp.crwdcntrl.net	1 redirects 8930728.fls.doubleclick.net
2	loadm.exelator.com	1 redirects 8930728.fls.doubleclick.net
2	idsync.rlcdn.com	8930728.fls.doubleclick.net
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects 8930728.fls.doubleclick.net
2	s.tribalfusion.com	1 redirects a.tribalfusion.com
2	pixel.mtrcs.samba.tv	tag.mtrcs.samba.tv 8930728.fls.doubleclick.net
2	www.facebook.com	www.valottery.com
2	tag.simpli.fi	8930728.fls.doubleclick.net
2	a.tribalfusion.com	1 redirects 8930728.fls.doubleclick.net
2	adservice.google.com	2 redirects
2	www.google.com	www.valottery.com 8930728.fls.doubleclick.net
2	connect.facebook.net	www.valottery.com connect.facebook.net
2	cdn.listrakbi.com	www.valottery.com cdn.listrakbi.com
2	code.jquery.com	www.valottery.com
2	maxcdn.bootstrapcdn.com	www.valottery.com maxcdn.bootstrapcdn.com
1	m1.listrakbi.com	cdn.listrakbi.com
1	videocdn.valottery.com
1	info.valottery.com	download.gamesrv1.com
1	pixel.rubiconproject.com	8930728.fls.doubleclick.net
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	ce.lijit.com	8930728.fls.doubleclick.net
1	stags.bluekai.com	8930728.fls.doubleclick.net
1	sync.bfmio.com	8930728.fls.doubleclick.net
1	sync.intentiq.com	8930728.fls.doubleclick.net
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	8930728.fls.doubleclick.net
1	i.simpli.fi	tag.simpli.fi
1	tag.mtrcs.samba.tv	8930728.fls.doubleclick.net
1	action.media6degrees.com	1 redirects
1	action.dstillery.com	1 redirects
1	77148.global.siteimproveanalytics.io	www.valottery.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	content.uplynk.com	cdn.valottery.com
1	services.listrak.com	cdn.listrakbi.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	extend.vimeocdn.com	www.valottery.com
1	siteimproveanalytics.com	www.valottery.com
1	ajax.googleapis.com	www.valottery.com
1	valottery.com	1 redirects
219	62

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
www.linkedin.com
www.instagram.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
www.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-17` - `2022-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-30` - `2021-11-22`	3 months	crt.sh
cdn.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-03` - `2022-01-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.valottery.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-21` - `2022-02-21`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
s3.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2021-09-18` - `2022-08-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.listrakbi.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.zmbl.co COMODO RSA Domain Validation Secure Server CA	`2020-05-11` - `2022-02-21`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
foresee.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.vimeocdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-18` - `2022-06-19`	a year	crt.sh
listrakbi.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
listrak.com Cloudflare Inc ECC CA-3	`2021-08-09` - `2022-08-08`	a year	crt.sh
*.uplynk.com Amazon	`2021-08-19` - `2022-09-17`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.global.siteimproveanalytics.io DigiCert SHA2 Secure Server CA	`2020-03-30` - `2022-04-04`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.samba.tv Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.tapad.com DigiCert SHA2 Secure Server CA	`2020-10-05` - `2021-11-06`	a year	crt.sh
*.intentiq.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.bfmio.com Amazon	`2021-05-16` - `2022-06-14`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.newrelic.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-26` - `2022-03-29`	a year	crt.sh
s3.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-10-30` - `2021-11-30`	a year	crt.sh
videocdn.valottery.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-30` - `2022-07-30`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.valottery.com/
Frame ID: 10A2A9233D9D05278377104F5245F136
Requests: 157 HTTP requests in this frame

Frame: https://www.valottery.com/live_draw_show/index.html
Frame ID: C4AB9A256A172EAD9ED4F8A14A21C62C
Requests: 12 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: 41114BC5F322B53F9846401F9397B0E5
Requests: 1 HTTP requests in this frame

Frame: https://6528888.fls.doubleclick.net/activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: 987459C4FDAAF4CD453111276AF32726
Requests: 1 HTTP requests in this frame

Frame: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: CDBE7CA54FDA71E19683C8B1348BD8CA
Requests: 2 HTTP requests in this frame

Frame: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Frame ID: 493FE9B6EE655BD66679FABB640A9AB2
Requests: 33 HTTP requests in this frame

Frame: https://download.gamesrv1.com/secure/MWC/2021.08_405424//xd-local-storage-shared-frame/index.html
Frame ID: 3E8D14F8EED8C64A93546EC5F8EF245E
Requests: 2 HTTP requests in this frame

Frame: https://info.valottery.com/visit.aspx?BrandID=124&Language=ENU&Currency=USD&Platform=W&IsGameStandaloneMode=false&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
Frame ID: 385BFCD468BF39D90E2587F509EF6F38
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Virginia Lottery - Play Games and Check Winning Numbers

Page URL History Show full URLs

https://valottery.com/ HTTP 307
https://www.valottery.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
/([\d.]+)/jquery(?:\.min)?\.js

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

219
Requests

99 %
HTTPS

0 %
IPv6

44
Domains

62
Subdomains

49
IPs

6
Countries

4400 kB
Transfer

11990 kB
Size

53
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/valottery

Search URL Search Domain Scan URL

URL: https://twitter.com/VirginiaLottery

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/VirginiaLottery

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/virginia-lottery

Search URL Search Domain Scan URL

URL: https://www.instagram.com/virginialottery/

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/virginia-lottery-official-app/id1409781643?ls=1&version=App-Version-3.0.7&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.va.lottery&version=App-Version-4.0.0

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://valottery.com/ HTTP 307
https://www.valottery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620

Request Chain 15

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_PB_homepage_Dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584

Request Chain 16

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F

Request Chain 17

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE

Request Chain 18

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9

Request Chain 19

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A

Request Chain 20

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B

Request Chain 21

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7 HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7

Request Chain 22

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD

Request Chain 23

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1 HTTP 307
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1

Request Chain 24

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF HTTP 307
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF

Request Chain 25

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75 HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75

Request Chain 26

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D

Request Chain 27

https://www.valottery.com/-/media/VAL/Images/Promos/Jackpots/MM-Play-Now-Promo-Circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D HTTP 307
https://www.valottery.com/-/media/val/images/promos/jackpots/mm-play-now-promo-circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D

Request Chain 28

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C

Request Chain 29

https://www.valottery.com/-/media/VAL/Images/Promos/Cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C HTTP 307
https://www.valottery.com/-/media/val/images/promos/cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C

Request Chain 30

https://www.valottery.com/-/media/VAL/Images/Promos/Crown-Jewel-Jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2 HTTP 307
https://www.valottery.com/-/media/val/images/promos/crown-jewel-jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2

Request Chain 45

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/icon_winningNumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A

Request Chain 46

https://www.valottery.com/-/media/VAL/Images/Promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186 HTTP 307
https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186

Request Chain 47

https://www.valottery.com/-/media/VAL/Images/Promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9 HTTP 307
https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9

Request Chain 48

https://www.valottery.com/-/media/VAL/Images/Promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E HTTP 307
https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E

Request Chain 49

https://www.valottery.com/-/media/VAL/Images/Promos/Big-Money-Jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276 HTTP 307
https://www.valottery.com/-/media/val/images/promos/big-money-jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276

Request Chain 50

https://www.valottery.com/-/media/VAL/Images/Promos/Interstitials/PowerHours_InterstitialCBT.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB HTTP 307
https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB

Request Chain 51

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333

Request Chain 52

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265

Request Chain 53

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E

Request Chain 54

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601 HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601

Request Chain 55

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D HTTP 307
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D

Request Chain 56

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C& HTTP 307
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Request Chain 57

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx HTTP 307
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Request Chain 66

https://www.valottery.com/-/media/VAL/Images/Background-Illustrations/sunburst_2.ashx HTTP 307
https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

Request Chain 74

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Swap-Banners/hero_swapImageDesktop_sunsetwinnings.ashx HTTP 307
https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_sunsetwinnings.ashx

Request Chain 75

https://www.valottery.com/api/v1/drawgames/15/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/15/nextdrawing

Request Chain 76

https://www.valottery.com/api/v1/drawgames/20/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/20/nextdrawing

Request Chain 77

https://www.valottery.com/api/v1/drawgames/1070/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1070/nextdrawing

Request Chain 78

https://www.valottery.com/api/v1/drawgames/1065/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1065/nextdrawing

Request Chain 79

https://www.valottery.com/api/v1/drawgames/1030/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1030/nextdrawing

Request Chain 80

https://www.valottery.com/api/v1/drawgames/1040/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1040/nextdrawing

Request Chain 81

https://www.valottery.com/api/v1/drawgames/1050/nextDrawing HTTP 307
https://www.valottery.com/api/v1/drawgames/1050/nextdrawing

Request Chain 86

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://8930728.fls.doubleclick.net/activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 88

https://6528888.fls.doubleclick.net/activityi;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://6528888.fls.doubleclick.net/activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 108

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx

Request Chain 109

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx

Request Chain 117

https://adservice.google.com/ddm/fls/i/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 118

https://adservice.google.com/ddm/fls/i/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F HTTP 302
https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Request Chain 121

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount] HTTP 302
https://insight.adsrvr.org/track/pxl/?adv=8d79pb6&ct=0:k1onzat&fmt=3

Request Chain 132

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/150x45/bankamillion.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx

Request Chain 133

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=589E08B160FD495EA407F15743CABF2E

Request Chain 134

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=589E08B160FD495EA407F15743CABF2E HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=589E08B160FD495EA407F15743CABF2E

Request Chain 135

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=589E08B160FD495EA407F15743CABF2E HTTP 302
https://um.simpli.fi/aa_px?sk=164890603916000272081

Request Chain 137

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=589E08B160FD495EA407F15743CABF2E

Request Chain 140

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=589E08B160FD495EA407F15743CABF2E;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=589E08B160FD495EA407F15743CABF2E;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/398696.gif?partner_uid=-7291093971443891088

Request Chain 141

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=589E08B160FD495EA407F15743CABF2E&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=589E08B160FD495EA407F15743CABF2E&j=0&xl8blockcheck=1

Request Chain 143

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=589E08B160FD495EA407F15743CABF2E

Request Chain 144

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=589E08B160FD495EA407F15743CABF2E

Request Chain 145

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=589E08B160FD495EA407F15743CABF2E HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=589E08B160FD495EA407F15743CABF2E

Request Chain 146

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=589E08B160FD495EA407F15743CABF2E

Request Chain 147

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=589E08B160FD495EA407F15743CABF2E

Request Chain 148

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1632239207368&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1477686008&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Z_5JYaSFGciU-garjQI&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1477686008&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z_5JYaSFGciU-garjQI&cid=CAQSKQCNIrLMLuY_6YPBVev30LweWh9qzEoW0b0pPgnsCdu2I64prwZb8MOp&random=3518014972

Request Chain 149

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=589E08B160FD495EA407F15743CABF2E HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=589E08B160FD495EA407F15743CABF2E&__user_check__=1&sync_id=21075590-1af3-11ec-bde8-12c786060206

Request Chain 150

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=589E08B160FD495EA407F15743CABF2E HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D589E08B160FD495EA407F15743CABF2E

Request Chain 151

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=589E08B160FD495EA407F15743CABF2E&expires=365

Request Chain 152

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=589E08B160FD495EA407F15743CABF2E HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=589E08B160FD495EA407F15743CABF2E

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEHDvD5mCXOjU_S_gLXRVM1k&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=589E08B160FD495EA407F15743CABF2E HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 155

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%222630619931%22%2C%22th%22%3A7822345132%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22a4mneMmFfZd0s7XYVQ20cFyMdbbRWEHby%22%2C%22url%22%3A%22https%3A%2F%2F8930728.fls.doubleclick.net%2F%22%2C%22clientName%22%3A%22Virginia%2520Lottery%22%2C%22clientID%22%3A769933%2C%22eventType%22%3A%22visitor%22%2C%22segmentNumber%22%3A0%2C%22segmentName%22%3A%22VALotto%22%7D HTTP 302
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://a.tribalfusion.com/i.match?p=b26&u=7925486445016005058&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24 HTTP 302
https://ib.adnxs.com/setuid?entity=305&code=18072662189203670867

Request Chain 156

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx

Request Chain 157

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/Powerball.ashx HTTP 307
https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx

Request Chain 183

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_C5-EZMatch-229x95.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx

Request Chain 184

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life.ashx HTTP 307
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx

219 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.valottery.com/
Redirect Chain

https://valottery.com/
https://www.valottery.com/

156 KB
31 KB

567ms
557ms

Document
text/html

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4401bea79eb66abf71d551275f8929db9bc19103192783620b5c5bae01f0d17f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.valottery.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server
set-cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; path=/; secure; HttpOnly; SameSite=Lax SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; expires=Fri, 19-Sep-2031 15:46:44 GMT; path=/; secure; HttpOnly ShowVALAlert=winningNumbers; expires=Sun, 21-Sep-2121 15:46:45 GMT; path=/; secure; HttpOnly
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
content-length: 30952

Redirect headers

content-type: text/html; charset=UTF-8
location: https://www.valottery.com/
server
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:43 GMT
content-length: 149

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 62ms
24ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

0b24be5e511ec921e562e093463c5c92e626d5bd622270025eef6931dab5fb24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:46:45 GMT
server: ESF
date: Tue, 21 Sep 2021 15:46:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 15:46:45 GMT

GET
H2 200 bootstrap.min.css
www.valottery.com/dist/vendor/bootstrap/css/ 119 KB
19 KB 112ms
108ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Mar 2020 17:23:17 GMT
server
x-frame-options: SAMEORIGIN
etag: "8070b894b7fbd51:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 19689
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap-datepicker.standalone.min.css
www.valottery.com/dist/vendor/bootstrap-datepicker/css/ 16 KB
2 KB 112ms
109ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dist/vendor/bootstrap-datepicker/css/bootstrap-datepicker.standalone.min.css
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
etag: "80e04db9a2c0d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2214
x-xss-protection: 1; mode=block

GET
H2 200 video-js.min.css
www.valottery.com/dist/vendor/videojs/ 45 KB
13 KB 192ms
189ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/videojs/video-js.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /dist/vendor/videojs/video-js.min.css
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
x-frame-options: SAMEORIGIN
etag: "80e04db9a2c0d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 13687
x-xss-protection: 1; mode=block

GET
H2 200 styles.bundle.css
cdn.valottery.com/css/ 398 KB
31 KB 488ms
127ms Stylesheet
text/css 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/css/styles.bundle.css?cachebuster=20210830
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 906e71f52631575bbc2e2454a0db08cc2d50f509ec8d2a4263103148a8b25683

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 15:46:45 GMT
content-encoding: br
x-azure-ref-originshield: 0Zf5JYQAAAACiCH/rgAD5RK8+atZLucagTE9OMjFFREdFMDExMAA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: 2VZyLUlqTLxcQSMSX0xF1g==
x-cache: TCP_REMOTE_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 30 Aug 2021 15:10:13 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D96BC84496C34F
x-azure-ref: 0Zf5JYQAAAADAOYIDSGZmTai+QFKxsrq+UFJHMDFFREdFMDkwNgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: b93abe45-101e-009a-4df6-aeb617000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
7 KB 70ms
50ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 752, 617, 617
age: 2470427
cdn-cachedat: 2021-08-02 15:28:29
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 18374a3871bc2e758de6de54beff4b1a
cf-ray: 69246d9a6e2d2c3a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 common.css
www.valottery.com/neo/web/_webportal/css/ 1 KB
747 B 192ms
189ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/common.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /neo/web/_webportal/css/common.css
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "a748f4b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 662
x-xss-protection: 1; mode=block

GET
H2 200 top-bar.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 194ms
191ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/top-bar.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /neo/web/_webportal/css/top-bar.css
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "e7bf5b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 968
x-xss-protection: 1; mode=block

GET
H2 200 cart-preview.css
www.valottery.com/neo/web/_webportal/css/ 2 KB
1 KB 192ms
190ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/cart-preview.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /neo/web/_webportal/css/cart-preview.css
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Aug 2017 12:19:09 GMT
server
x-frame-options: SAMEORIGIN
etag: "2bcbf7b3911d31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 986
x-xss-protection: 1; mode=block

GET
H2 200 instant-game.css
www.valottery.com/neo/web/_webportal/css/ 3 KB
984 B 192ms
190ms Stylesheet
text/css 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/css/instant-game.css

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /neo/web/_webportal/css/instant-game.css
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 19:28:43 GMT
server
x-frame-options: SAMEORIGIN
etag: "80a7f07f4b4ed61:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 898
x-xss-protection: 1; mode=block

GET
H2 200 webportal.js Show response
www.valottery.com/neo/web/_webportal/ 20 KB
4 KB 193ms
191ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/neo/web/_webportal/webportal.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /neo/web/_webportal/webportal.js
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 09 Aug 2020 12:28:23 GMT
server
x-frame-options: SAMEORIGIN
etag: "80cd9592486ed61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:44 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4386
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK mwc-app.js Show response
gamesrv1.valottery.com/MWC/ 65 KB
19 KB 615ms
108ms Script
application/javascript 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/MWC/mwc-app.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d4a35b74db1bc2543055525dac91f0267abb696798892eab74f949f198f60fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Sun, 12 Sep 2021 10:41:10 GMT
X-Powered-By: ASP.NET
ETag: "027ab3c2a7d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache
Date: Tue, 21 Sep 2021 15:46:45 GMT
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Content-Length: 18435

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 31ms
12ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:45 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1632239205.dop154.fr8.t,1632239205.cds233.fr8.hn,1632239205.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 32ms
13ms Script
application/javascript 69.16.175.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:45 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1632239205.dop154.fr8.t,1632239205.cds233.fr8.hn,1632239205.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H2

200

megamillions_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620

12 KB
12 KB

119ms
119ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 17:47:22 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MegaMillions_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12351
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx?h=67&w=123&la=en&hash=259640C21ABD949CED37BA4174D06F48B8987620
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_pb_homepage_dropdown.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_PB_homepage_Dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584
https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584

3 KB
4 KB

120ms
120ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

52fedf43ad0f253ebc69df6627c86ebe2ec95c170dbf4f5147bbd37177691aaa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 29 Jun 2021 05:39:59 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_PB_homepage_Dropdown.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3474
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_pb_homepage_dropdown.ashx?h=66&w=188&la=en&hash=7CD7EDD60B7DD6EA6C77C78D3BF05DD7E4E21584
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 289
x-xss-protection: 1; mode=block

GET
H2

200

cash4life_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F

2 KB
2 KB

120ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c2640f6bca9daab56ec6a3b01bb5dc3f5156dc9dbb690867567222ecbc82c71c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:24 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Cash4Life_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 1625
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/cash4life_sm.ashx?h=60&w=83&la=en&hash=81139B5EA3AB5010820CB97D384B1F6277EA406F
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p3fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE

7 KB
8 KB

120ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:17:56 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P3Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx?h=51&w=127&la=en&hash=70B5FA8FC505C73FB69B2610A86C7265E6241AAE
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2

200

logo_dropdownnumberscards_p4fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9

8 KB
8 KB

119ms
119ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:18:48 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P4Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7864
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx?h=51&w=127&la=en&hash=13FFD79AF8D5BA24F42F35B619F634ABDB7536E9
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 300
x-xss-protection: 1; mode=block

GET
H2

200

logo-numberscards_c5-ezmatch.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo-numbersCards_C5-EZMatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A
https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A

9 KB
9 KB

121ms
121ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 02:05:47 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo-numbersCards_C5-EZMatch.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9088
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo-numberscards_c5-ezmatch.ashx?h=48&w=107&la=en&hash=58EB62600E6D980DC0E07D30EDEC9603A919A29A
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 292
x-xss-protection: 1; mode=block

GET
H2

200

bankamillion_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/BankAMillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B
https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B

11 KB
12 KB

224ms
224ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Nov 2017 15:39:23 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="BankAMillion_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 11716
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/bankamillion_sm.ashx?h=48&w=144&la=en&hash=9A608ABBF465956D728363485797C1D58726442B
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 279
x-xss-protection: 1; mode=block

GET
H2

200

logo_keno_winningnumbers_midpage.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_keno_winningNumbers_midPage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7
https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7

4 KB
4 KB

224ms
223ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 01 Nov 2020 05:19:23 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_keno_winningNumbers_midPage.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3787
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_keno_winningnumbers_midpage.ashx?h=55&w=151&la=en&hash=449DFE331887829391EAD5518455F301ABCC5DE7
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 296
x-xss-protection: 1; mode=block

GET
H2

200

logo_rollingjackpot_winningnumbers.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD
https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD

9 KB
9 KB

224ms
223ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 26 May 2019 08:51:06 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_rollingjackpot_winningnumbers.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 9574
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_rollingjackpot_winningnumbers.ashx?h=67&w=123&la=en&hash=0EACA962F933ABDE427F9A5E836A99D68A4F83BD
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 298
x-xss-protection: 1; mode=block

GET
H2

200

enter-tickets.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1
https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1

321 B
418 B

115ms
115ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:31 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="enter tickets.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 321
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/enter-tickets.ashx?h=11&w=14&la=en&hash=B3BCBC59CE7FA9757C7544E0D09DA1C763504DB1
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

online-play.ashx
www.valottery.com/-/media/val/images/header/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF
https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF

292 B
388 B

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Nov 2018 12:24:14 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="online-play.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 292
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/header/online-play.ashx?h=15&w=15&la=en&hash=515CD32640688C19B95078F3E2887CF047A7C8FF
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 265
x-xss-protection: 1; mode=block

GET
H2

200

desktop_topnav_logo2021.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75
https://www.valottery.com/-/media/val/images/promos/logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75

7 KB
7 KB

115ms
115ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

660459946fc4a5a471e102cc527af368daf8ca417a2b88a7552541874c6e237d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 16:34:02 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="desktop_topnav_logo2021.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7399
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/desktop_topnav_logo2021.ashx?h=60&w=226&la=en&hash=8B42D7B835FE0384B62A6B05C7FD2D4821D71F75
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 283
x-xss-protection: 1; mode=block

GET
H2

200

footer_logo2021.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D
https://www.valottery.com/-/media/val/images/promos/logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D

4 KB
5 KB

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1f24b5a731326be79343e88ca5889dafbb15cd79b8bb5ddebd9e215ffea5b0e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 16:33:55 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="footer_logo2021.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4499
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/footer_logo2021.ashx?h=60&w=67&la=en&hash=40BF732EB35489FF31FE21B6B90B011B98A2EB1D
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 274
x-xss-protection: 1; mode=block

GET
H2

200

mm-play-now-promo-circle.ashx
www.valottery.com/-/media/val/images/promos/jackpots/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Jackpots/MM-Play-Now-Promo-Circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D
https://www.valottery.com/-/media/val/images/promos/jackpots/mm-play-now-promo-circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D

32 KB
32 KB

224ms
222ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/jackpots/mm-play-now-promo-circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c865aa768ae5088e878d3f8d1132f89193ef0d8b4b3eeb9cd8ce7b3c0fbfc049

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/jackpots/mm-play-now-promo-circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 13 Sep 2021 12:12:56 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MM-Play-Now-Promo-Circle.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 32600
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/jackpots/mm-play-now-promo-circle.ashx?h=234&w=234&la=en&hash=B577B6370B473ABFB84A7FB94484830150C00F8D
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 289
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_astroportals.ashx
www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Promo-Circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C
https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C

18 KB
18 KB

225ms
221ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f5fa9902987ef01793df21333d090f5894b619670d69568faccce1ba032ea330

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/instant-games/promo-circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 03 Sep 2021 15:09:25 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_astroportals.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18514
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/promo-circles/bubblepromo_astroportals.ashx?h=234&w=234&la=en&hash=8BEDB385194CEFDAADD91F161044CE4AADF58F6C
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 308
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_cash5refresh.ashx
www.valottery.com/-/media/val/images/promos/cash-5/refresh/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C
https://www.valottery.com/-/media/val/images/promos/cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C

22 KB
22 KB

225ms
225ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

557df66808182be0b02863fd8832183b72eff2d1b686ff1167e7fbaa6d057920

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Sun, 03 Jan 2021 21:10:23 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_cash5refresh.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 22376
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/cash-5/refresh/bubblepromo_cash5refresh.ashx?h=234&w=234&la=en&hash=185BA00B8AEA618C4B4AB5D7071B4052AAAAA78C
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 295
x-xss-protection: 1; mode=block

GET
H2

200

bubblepromo_crownjeweljackpot.ashx
www.valottery.com/-/media/val/images/promos/crown-jewel-jackpot/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Crown-Jewel-Jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2
https://www.valottery.com/-/media/val/images/promos/crown-jewel-jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2

16 KB
16 KB

224ms
224ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/crown-jewel-jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

107a3e37d04cd9d89ff84a6b514efc04124ea1a0ae8959e7dc2c9ac480412287

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/crown-jewel-jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 20 Aug 2021 18:08:52 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bubblepromo_crownjeweljackpot.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 16216
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/crown-jewel-jackpot/bubblepromo_crownjeweljackpot.ashx?h=234&w=234&la=en&hash=AF797E7EEF880F346109541D247896ACB31632F2
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 305
x-xss-protection: 1; mode=block

GET
H2 200 290x192_1182_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1182/ 49 KB
49 KB 93ms
22ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1182/290x192_1182_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F38) / ASP.NET
Resource Hash: 29a14dc7599de5484006c7223a6272cc6bc8822bebf999bdaa2cf2aef7425d65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "a9ef9197e57d71:0"
last-modified: Tue, 01 Jun 2021 17:50:21 GMT
server: ECAcc (frc/8F38)
age: 42298
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 49796

GET
H2 200 ilottery_gamecard_flag_new.png
www.valottery.com/images/ilottery/ 3 KB
3 KB 119ms
116ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_new.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

913b07c530a0b63413fdf78ab734a741264a8bcc6ba454cc3ad4e9c30ab0ac7f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/ilottery/ilottery_gamecard_flag_new.png
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 20 May 2020 02:08:34 GMT
server
etag: "5e7a58914b2ed61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3243
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3217_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3217/ 80 KB
80 KB 81ms
10ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3217/290x192_3217_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA7) / ASP.NET
Resource Hash: 5daa8ade5d465d442e91dbea61ac28ce84c3bdab5b85260ee43e78231e17d3a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "33f6be57668fd71:0"
last-modified: Thu, 12 Aug 2021 10:39:35 GMT
server: ECAcc (frc/8FA7)
age: 212735
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 81888

GET
H2 200 290x192_1787_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1787/ 91 KB
91 KB 96ms
26ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1787/290x192_1787_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F41) / ASP.NET
Resource Hash: 7cf6c891a0f1da250e9064b3e65550cd644fc674609ad52d3845ac8b9d634023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "a1b804763b1d61:0"
last-modified: Mon, 02 Nov 2020 21:58:21 GMT
server: ECAcc (frc/8F41)
age: 159565
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 93116

GET
H2 200 ilottery_gamecard_flag_featured.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 120ms
116ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_featured.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f38d8054fba5769eb340b02187563f0e4f98349ffec38e16c95e8276a6d5d64

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/ilottery/ilottery_gamecard_flag_featured.png
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 09 Nov 2020 14:49:15 GMT
server
etag: "35e1817ea7b6d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 5036
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3430_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3430/ 21 KB
21 KB 86ms
16ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3430/290x192_3430_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA5) / ASP.NET
Resource Hash: 34ef44ca5b56c778f52c14eb45621e74e706df8a1a86f09de0fb935cef87d5ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "c42f7b8c285ed71:0"
last-modified: Thu, 10 Jun 2021 18:43:47 GMT
server: ECAcc (frc/8EA5)
age: 124033
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 21782

GET
H2 200 ilottery_gamecard_flag_progressive.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 119ms
117ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_progressive.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c449906c16f92078852667f919734283b10ea677abe1855403a195a9604cea72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/ilottery/ilottery_gamecard_flag_progressive.png
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 19:31:06 GMT
server
etag: "19244786aabed61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4904
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3213_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3213/ 73 KB
73 KB 19ms
18ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3213/290x192_3213_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F95) / ASP.NET
Resource Hash: b80bc30222d12c1cecbdf3836745a1cb363fe36e2f101fb27dc3964c41c202b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "fa2b84496342d71:0"
last-modified: Thu, 06 May 2021 10:33:43 GMT
server: ECAcc (frc/8F95)
age: 199877
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 74585

GET
H2 200 290x192_1123_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/1123/ 56 KB
56 KB 13ms
8ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/1123/290x192_1123_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F31) / ASP.NET
Resource Hash: 6ab464d03d1de4fc9df7142654844408f767c68dd5f68dde635069a177bd174c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "4cb9431639f3d61:0"
last-modified: Mon, 25 Jan 2021 16:42:36 GMT
server: ECAcc (frc/8F31)
age: 250384
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 57305

GET
H2 200 ilottery_gamecard_flag_popular.png
www.valottery.com/images/ilottery/ 5 KB
5 KB 111ms
106ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/ilottery_gamecard_flag_popular.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2696c197f37ec469675c783368b2f9cd94a017b70dd183d6be00d28a2e7dbb2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/ilottery/ilottery_gamecard_flag_popular.png
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 16:21:32 GMT
server
etag: "80cbf83934b1d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4975
x-xss-protection: 1; mode=block

GET
H2 200 290x192_3214_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3214/ 70 KB
70 KB 16ms
11ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3214/290x192_3214_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F48) / ASP.NET
Resource Hash: b139dd93f7c1f9e816dd6e25182efe6efc19c7f031325081c1e47ba6cab0c257

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "a7b73197ac77d71:0"
last-modified: Tue, 13 Jul 2021 06:01:58 GMT
server: ECAcc (frc/8F48)
age: 113839
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 71450

GET
H2 200 290x192_3215_1x_ENG.png
download.gamesrv1.com/NMWC/Resources/Game_Thumb/3215/ 77 KB
78 KB 16ms
12ms Image
image/png 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/NMWC/Resources/Game_Thumb/3215/290x192_3215_1x_ENG.png
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6F) / ASP.NET
Resource Hash: 16216d2d481225790ac4f9f63deb73317c5e1769149350ec3d0765e31864fefe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "9186d61b1873d71:0"
last-modified: Wed, 07 Jul 2021 10:09:01 GMT
server: ECAcc (frc/8F6F)
age: 110906
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/png
cache-control: max-age=259200
accept-ranges: bytes
content-length: 79261

GET
H2 200 val-footer-logo.png
www.valottery.com/images/ilottery/ 9 KB
9 KB 108ms
107ms Image
image/png 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/images/ilottery/val-footer-logo.png

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f582d213e3668de85436bc63703b309e517be4e128ac37b71d66e85ac13690e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /images/ilottery/val-footer-logo.png
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 13:32:58 GMT
server
etag: "82518cf6249d61:0"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:47 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 8837
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 30ms
8ms Script
text/javascript 142.250.184.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f10.1e100.net

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 10:17:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30399
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 21 Sep 2022 10:17:53 GMT

GET
H2

200

icon_winningnumbers_balls.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/icon_winningNumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A
https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A

2 KB
2 KB

225ms
224ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a8a1fdfd53d2aa2eeb6bc6420bea93714f1fa4219f154712f581b95b71438abb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 22 Jan 2020 14:43:31 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="icon_winningNumbers_balls.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2187
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/icon_winningnumbers_balls.ashx?h=40&w=71&la=en&hash=166B4FB8CAAAE9531AE946D9299C107F889B015A
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 288
x-xss-protection: 1; mode=block

GET
H2

200

random-number-generator-icon.ashx
www.valottery.com/-/media/val/images/promos/icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186
https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186

3 KB
3 KB

119ms
118ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3d67cb96cc7855cdd72966b02123e4ffdb47e8ab98e51bd822edea0ffb3f77a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:49:16 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="random-number-generator-icon.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3356
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/icons/random-number-generator-icon.ashx?h=108&w=194&la=en&hash=0295725D4B8A8CC449637068A396E61181300186
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 290
x-xss-protection: 1; mode=block

GET
H2

200

find-a-retailer-icon.ashx
www.valottery.com/-/media/val/images/promos/icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9
https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9

2 KB
2 KB

120ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

77bcac2c69b192dd36b94d57c2881c0429d840f0ccc97374b79728c922fafb5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 17:45:17 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="find-a-retailer-icon.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2126
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/icons/find-a-retailer-icon.ashx?h=118&w=135&la=en&hash=60DD956B2A71EC09F3E532E23A8D324946462DB9
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 282
x-xss-protection: 1; mode=block

GET
H2

200

blockpromopnp82021.ashx
www.valottery.com/-/media/val/images/promos/print-n-play/2021/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E
https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E

65 KB
65 KB

123ms
123ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cf6ec5ae0cfa97d28dcc66069843c1fcce4c08d1c4275a5c216ba326b43790e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 16:15:27 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="blockpromopnp82021.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 66069
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/print-n-play/2021/blockpromopnp82021.ashx?la=en&hash=2E95449374614FB11E7139F8C77F08580352262E
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 272
x-xss-protection: 1; mode=block

GET
H2

200

blockpromo_bigmoneyjackpots.ashx
www.valottery.com/-/media/val/images/promos/big-money-jackpots/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Big-Money-Jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276
https://www.valottery.com/-/media/val/images/promos/big-money-jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276

42 KB
42 KB

117ms
117ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/big-money-jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

18b70dfd8aba9949c84f3274ba0023b3099ffa633936f982bd2a9fdce502b9b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/big-money-jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 07 Jul 2021 13:48:50 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="blockpromo_bigmoneyjackpots.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 42845
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/big-money-jackpots/blockpromo_bigmoneyjackpots.ashx?la=en&hash=6CE47B19492605DAA754E333C78C0AEEC3B7C276
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 282
x-xss-protection: 1; mode=block

GET
H2

200

powerhours_interstitialcbt.ashx
www.valottery.com/-/media/val/images/promos/interstitials/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Interstitials/PowerHours_InterstitialCBT.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB
https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB

46 KB
46 KB

119ms
119ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f22202d5d46efe1f1a3ec66734e0866e3af063dcc41490c5ae55d34984c2c3e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 14 Apr 2021 17:30:40 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="PowerHours_InterstitialCBT.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 47085
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/interstitials/powerhours_interstitialcbt.ashx?la=en&hash=607328EC018BEEE80AE180267D5F277BC314FBEB
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H2

200

facebook.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333
https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333

3 KB
3 KB

117ms
117ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:11 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="facebook.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2935
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:47 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/facebook.ashx?h=18&w=18&la=en&hash=0C9204BAEE80CD850946FD8203927FF06DCC8333
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 268
x-xss-protection: 1; mode=block

GET
H2

200

twitter.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265
https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265

3 KB
3 KB

117ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:15:00 GMT
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="twitter.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3034
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/twitter.ashx?h=14&w=18&la=en&hash=00241D9AED9F693CF0BAF4B5D65EE15EF4FFA265
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

youtube.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E
https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E

3 KB
3 KB

118ms
118ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:50 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="youtube.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2927
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/youtube.ashx?h=12&w=18&la=en&hash=B8E48B447ADA983FF99CCD7D0AD53D393017962E
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 267
x-xss-protection: 1; mode=block

GET
H2

200

linkedin_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601
https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601

240 B
357 B

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2017 16:40:16 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="linkedin_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 240
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/linkedin_footer.ashx?h=15&w=15&la=en&hash=EFDF1EB449326CECDEB5BECC2649431CEDC31601
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 275
x-xss-protection: 1; mode=block

GET
H2

200

instagram_footer.ashx
www.valottery.com/-/media/val/images/social-icons/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Social-Icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D
https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D

341 B
441 B

115ms
115ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Fri, 11 Oct 2019 14:14:36 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="instagram_footer.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 341
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/social-icons/instagram_footer.ashx?h=18&w=18&la=en&hash=7E07A9B889C29A5908DBFE6C2EE43454DCF9698D
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 276
x-xss-protection: 1; mode=block

GET
H2

200

53d8198ebdfc429a8260c2f200fe4fe7.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/53D8198EBDFC429A8260C2F200FE4FE7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

3 KB
3 KB

118ms
117ms

Image
image/gif

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 23 Apr 2019 15:32:43 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="apple_app.gif"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2602
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/53d8198ebdfc429a8260c2f200fe4fe7.ashx?la=en&hash=F26335C9E80A56018EBE73995AFFA5ED355F3A7C&
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 255
x-xss-protection: 1; mode=block

GET
H2

200

c646eb7c858a499db091d338bb81a3f3.ashx
www.valottery.com/-/media/
Redirect Chain

https://www.valottery.com/-/media/C646EB7C858A499DB091D338BB81A3F3.ashx
https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

4 KB
4 KB

116ms
115ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/c646eb7c858a499db091d338bb81a3f3.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 29 Jun 2020 12:43:52 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="google-play-badge.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3795
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/c646eb7c858a499db091d338bb81a3f3.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 194
x-xss-protection: 1; mode=block

GET
H2 200 app.bundle.js Show response
cdn.valottery.com/jscript/ 1 MB
240 KB 19ms
19ms Script
application/javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20210712
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 77211b2e98b06e01565e08bcb05f556923345f5f5cfc5a132de87b5084997a24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: br
x-azure-ref-originshield: 0/RVGYQAAAABnvmkhEpc1RKoKU15qN63MTE9OMjFFREdFMTUwNgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: qc9dhM0jlEKpf7kbgICOMw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Tue, 13 Jul 2021 02:26:15 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D945A597035F08
x-azure-ref: 0Zv5JYQAAAAD2YVZ498exSbRUlFXb96U+UFJHMDFFREdFMDkwNgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 524c33a8-d01e-002d-57ab-acb912000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 pulltorefresh.js Show response
www.valottery.com/assets/ 10 KB
3 KB 108ms
107ms Script
application/javascript 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/assets/pulltorefresh.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /assets/pulltorefresh.js
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Apr 2020 16:56:35 GMT
server
x-frame-options: SAMEORIGIN
etag: "80a3b9d0fd17d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 2652
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 11 KB
6 KB 160ms
159ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&CurrencyCode=USD&IUA=neow&LNG=ENU&IP=&AR=&AFI=&GameVerticalID=&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012&cm=PLI&rst=j&uniqueNoCache=1632239206347

Requested by

Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

36937fb71bcc955dee583edf948acb3c67d362ca6da9a20dbf5a53f42dfba3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 4738
Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:45 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
68 KB 84ms
45ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

dbef2a6bf0d72426b50072142f13ec23e3b178b4bec416691ef7ceda2bb8ac5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69260
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 15:46:46 GMT

GET
H2 200 index.html Show response
www.valottery.com/live_draw_show/ Frame C4AB 959 B
755 B 108ms
108ms Document
text/html 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/live_draw_show/index.html

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3d853b1ab87213617005d381e7aa3c6d26bc44ed04c78e6f2dce8d5145e9972

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.valottery.com
:scheme: https
:path: /live_draw_show/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.valottery.com/
accept-encoding: gzip, deflate, br
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

content-type: text/html
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 14:28:49 GMT
accept-ranges: bytes
etag: "a3b9bc156fe3d61:0"
vary: Accept-Encoding
server
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
content-length: 645

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 44 KB
45 KB 30ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:08:18 GMT
x-content-type-options: nosniff
age: 41908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:08:18 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.valottery.com/dist/vendor/bootstrap/fonts/ 18 KB
18 KB 109ms
108ms Font
application/font-woff2 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/dist/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.valottery.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
:path: /dist/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.valottery.com/dist/vendor/bootstrap/css/bootstrap.min.css?cachebuster=20210504
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 20 Mar 2018 23:25:25 GMT
server
etag: "2ff67cb9a2c0d31:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18028
x-xss-protection: 1; mode=block

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v12/ 46 KB
46 KB 39ms
17ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 13:46:49 GMT
x-content-type-options: nosniff
age: 352797
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46988
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 13:46:49 GMT

GET
H2

200

sunburst_2.ashx
www.valottery.com/-/media/val/images/background-illustrations/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Background-Illustrations/sunburst_2.ashx
https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

242 KB
243 KB

119ms
119ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

59e0e88ca1c03fa77d780528f4b2cea4bdb38b3580f32f935c2b7aa7106f7c75

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/background-illustrations/sunburst_2.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2017 19:22:16 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="sunburst_2.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 248152
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/background-illustrations/sunburst_2.ashx
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 208
x-xss-protection: 1; mode=block

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 10ms
6ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:13:09 GMT
x-content-type-options: nosniff
age: 41617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:13:09 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 30ms
16ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 632, 617, 617, 617
age: 13068645
cdn-cachedat: 2021-04-23 11:02:20
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64464
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: a53a510e4b77027b45e5caf016587c57
accept-ranges: bytes
cf-ray: 69246da03c9f6913-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|Poppins:400,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 495735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 22:04:31 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 306 KB
61 KB 66ms
10ms Script
text/javascript 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0f9109bc35c16ca11ac71da792d21bc10a57f7ce768088138a38506595d0afd4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 15:46:46 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-AspNet-Version: 4.0.30319
X-ltk: 9/18/2021 9:01:45 PM
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 61287
Last-Modified: Fri, 20 Aug 2021 13:52:54 GMT
Server: cloudflare
ETag: "H5gpuFZ3i/FigCy0pZbSNQ=="
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: FRA60-P2
Accept-Ranges: bytes
CF-RAY: 690ee272dd05bebf-FRA
X-Amz-Cf-Id: GRJ6NQhcAL6CkUGeLJWlPaZ0KlFGZNZR806-WstaSLgHfY_xv-fRSg==
Expires: Tue, 21 Sep 2021 16:46:37 GMT

GET
H2 200 zmbl.js Show response
www.zmbl.co/build/ 79 KB
23 KB 53ms
6ms Script
application/javascript 151.101.2.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/build/zmbl.js?v=3.1.0

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

29568049c9af5ffe7d9d5c7561b9403e6eb2c5be4269b4f89432fe2c0fc77712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur, 1.1 varnish
age: 1319
x-cache: HIT
content-encoding: gzip
content-length: 23102
x-served-by: cache-hhn4043-HHN
last-modified: Fri, 17 Sep 2021 15:51:45 GMT
server: Cowboy
x-timer: S1632239207.579963,VS0,VE1
date: Tue, 21 Sep 2021 15:46:46 GMT
vary: Origin,Accept-Encoding, Fastly-Orig-Host
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 435.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/ 344 KB
150 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F67) / ASP.NET
Resource Hash: 0a177fd5f989ae233cce8b52b735078ec6af89ca6cb804c0bec238676daff8e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
etag: "bb98acb4c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:12 GMT
server: ECAcc (frc/8F67)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 153496

GET
H2 200 436.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/ 63 KB
27 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/436.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F91) / ASP.NET
Resource Hash: 5b1281aa48b18b9e236ebf32ba59987ccafb72f885a79609ea15a10358bb5108

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
etag: "6488b4b4c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:12 GMT
server: ECAcc (frc/8F91)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 27284

GET
H2

200

hero_swapimagedesktop_sunsetwinnings.ashx
www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Instant-Games/Swap-Banners/hero_swapImageDesktop_sunsetwinnings.ashx
https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_sunsetwinnings.ashx

83 KB
83 KB

116ms
115ms

Image
image/jpeg

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_sunsetwinnings.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e49776be07243e2df2b62df2edd0125264b841bffba2d4affa9ec3ce1120644d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_sunsetwinnings.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 14 Sep 2021 13:35:08 GMT
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="hero_swapImageDesktop_sunsetwinnings.jpg"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 85180
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:46 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/instant-games/swap-banners/hero_swapimagedesktop_sunsetwinnings.ashx
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 243
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/15/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/15/nextDrawing
https://www.valottery.com/api/v1/drawgames/15/nextdrawing

629 B
674 B

129ms
129ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/15/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

920bd844ad96201e27c5fc6e77b2d429e36a261c988403ef03efb89d3371ff60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/15/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 629
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/15/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 180
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/20/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/20/nextDrawing
https://www.valottery.com/api/v1/drawgames/20/nextdrawing

618 B
716 B

1639ms
1639ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/20/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

cd789cf988c5a008ef8e79e994513ebb7d5c68360844378dd39e4060b2eb18f9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/20/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 618
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/20/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 180
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1070/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1070/nextDrawing
https://www.valottery.com/api/v1/drawgames/1070/nextdrawing

629 B
670 B

609ms
609ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1070/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

545ee27b24d865638c41dd42bd51dea6531ce96877491c1e9937fb48928b1eea

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/1070/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 629
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1070/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1065/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1065/nextDrawing
https://www.valottery.com/api/v1/drawgames/1065/nextdrawing

633 B
701 B

2656ms
2656ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1065/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b6223161949802808850b0de56c327469dc6578ca8df050049dd86ca30b210d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/1065/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:49 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 633
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1065/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1030/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1030/nextDrawing
https://www.valottery.com/api/v1/drawgames/1030/nextdrawing

638 B
683 B

2149ms
2148ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1030/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28cda897217473aee9bbd190750cf50e44a900612617ba4f784a6fcad275d71a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/1030/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 638
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1030/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1040/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1040/nextDrawing
https://www.valottery.com/api/v1/drawgames/1040/nextdrawing

643 B
688 B

1124ms
1124ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1040/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e36c3ef709b7e26a13d6ddd9da10fd5174ab72a809460d3c1265e8b927594fb4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/1040/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:47 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 643
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1040/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2

200

nextdrawing Show response
www.valottery.com/api/v1/drawgames/1050/
Redirect Chain

https://www.valottery.com/api/v1/drawgames/1050/nextDrawing
https://www.valottery.com/api/v1/drawgames/1050/nextdrawing

642 B
740 B

118ms
118ms

XHR
application/json

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/drawgames/1050/nextdrawing

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

275cb9d8b09e73b4ba990445e79082a4bb345496dc632ec315bbd7fb2cbe1070

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207
:path: /api/v1/drawgames/1050/nextdrawing
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 642
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/api/v1/drawgames/1050/nextdrawing
date: Tue, 21 Sep 2021 15:46:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 182
x-xss-protection: 1; mode=block

GET
H2 200 video-js.css
cdn.valottery.com/live-draw-show/ Frame C4AB 44 KB
10 KB 16ms
16ms Stylesheet
text/css 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/video-js.css
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e4444f0ec2ddd0aa024154b22470afa5d065650e9c07cd4593ba3047c1480f1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: br
x-azure-ref-originshield: 0txBIYQAAAACo59oJIp4URrjR2SKx0PGKTE9OMjFFREdFMTUyMgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: nSwg8y0lCcUL3Lkjn7m2Lg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:23 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F43953E7
x-azure-ref: 0Zv5JYQAAAABK5Cl1rwejRrDyR1OE/cQqUFJHMDFFREdFMDkwNgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 791ce960-701e-00e7-3ec7-ad2adf000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 video.js Show response
cdn.valottery.com/live-draw-show/ Frame C4AB 2 MB
335 KB 20ms
19ms Script
application/javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/video.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 76d29fd2226e50e1499c0ab50e6cbf90756dda1edec1bc4391b18e4630cc9be8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: br
x-azure-ref-originshield: 0txBIYQAAAACkAxShfDJYRpgBIYNuuP3wTE9OMjFFREdFMDEwOAA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: TRBMje7ARKMlSRoICa/OUw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F470C1CB
x-azure-ref: 0Zv5JYQAAAAD+9dzwgw+1Q6mrNnt51B5EUFJHMDFFREdFMDkwNgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: deb14061-a01e-0044-7179-ade6be000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H2 200 videojs-http-streaming.js Show response
cdn.valottery.com/live-draw-show/ Frame C4AB 937 KB
185 KB 18ms
18ms Script
application/javascript 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.valottery.com/live-draw-show/videojs-http-streaming.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 18da4d91d26026ec2d2f54ed8a19a97bd785d774a5c3c4e3e0836c964c5220ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: br
x-azure-ref-originshield: 0txBIYQAAAAACF+HaKcxZR5exB8pweiwkTE9OMjFFREdFMTUxOQA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-md5: ALiRz1YETu9PeIDWre8EIA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Mon, 22 Jun 2020 15:57:24 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D816C4F4551E67
x-azure-ref: 0Zv5JYQAAAAA3bcXAg400RKkt2CWYXucOUFJHMDFFREdFMDkwNgA1ODQwNGU2ZC1lNWI5LTRkOWMtYTBiZi0wMTQ1MmYxNWY3NzQ=
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e87f9e52-301e-00c2-4d7a-adb26c000000
access-control-expose-headers: content-length
x-ms-version: 2009-09-19

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
49 KB 67ms
44ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3ee8186ccb2ae54218750ad095acb56efae9097773d9995614a12c03bce8f81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49986
x-xss-protection: 0
expires: Tue, 21 Sep 2021 15:46:46 GMT

GET
H3

200

activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
8930728.fls.doubleclick.net/ Frame 4111
Redirect Chain

https://8930728.fls.doubleclick.net/activityi;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?
https://8930728.fls.doubleclick.net/activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww....

482 B
409 B

26ms
25ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

61e00a0ad719d05543831e0bf0aa1adaaf52c6717cc618ade465dbdb55d36940

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8930728.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.valottery.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 16:01:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8930728.fls.doubleclick.net/activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 48ms
13ms Script
text/javascript 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3286
date: Tue, 21 Sep 2021 14:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Tue, 21 Sep 2021 16:52:00 GMT

GET
H3

200

activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
6528888.fls.doubleclick.net/ Frame 9874
Redirect Chain

https://6528888.fls.doubleclick.net/activityi;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?
https://6528888.fls.doubleclick.net/activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2...

490 B
416 B

46ms
26ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6528888.fls.doubleclick.net/activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

8ec87fdc53c5606802a33e019f4ff8f40d931ea4e9e4dbfdd4de2979218d6269

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6528888.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.valottery.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:46 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 391
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 21-Sep-2021 16:01:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6528888.fls.doubleclick.net/activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gateway.min.js Show response
gateway.foresee.com/sites/virginialottery/production/ 109 KB
24 KB 73ms
13ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: 849c98bcf02648a5c2be9992cd1f8bf03146c5cafdec75bd77bdefeacaebb467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 12:15:58 GMT
content-encoding: gzip
age: 12648
x-edge-origin-shield-skipped: 0
status: 200
x-cache: Hit from cloudfront
content-length: 23742
access-control-allow-origin: *
last-modified: Fri, 02 Jul 2021 12:55:45 GMT
server: nginx/1.18.0
etag: W/"177c28d57e2bf250ebc8e3d375948189"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: mZQ_xuyd8V3ud0e6WO00J1lxL9whJcEr5Xmv-yanIgPzx8IAIPDyNA==
expires: Tue, 21 Sep 2021 16:15:58 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 23ms
7ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: ch5WJ+zNEXNsD4VQX1yAI//unDwkrAgy2yulgTAomxwGDost9MmGk918u8zEpN0AQalRpt4a09djg/p1DTd2xw==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 21 Sep 2021 15:46:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 siteanalyze_77148.js Show response
siteimproveanalytics.com/js/ 23 KB
9 KB 112ms
69ms Script
application/javascript 104.21.89.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_77148.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.89.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d2ca5c5def0eeccbe232efc9bb49f064ba13cc947724ac58a2ec2f6e5a4c0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: NKN4PN5Z0AH02ZSA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8089
x-amz-id-2: u9KyiVrkl0Jaxd08ztNuFtDpWIV1kqCoz5EEhWXqcnhdDJHT4KM0KjSH1ABOwvb/nyU00IozJZs=
last-modified: Tue, 22 Jun 2021 14:44:58 GMT
server: cloudflare
etag: "338e574f139b53e598851d6c150d2e11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvHoI%2FYKjZhbb%2FpJErygPnhGvXrZU4CCB%2B0XaNU4%2F3wdEPhpgO63xausqAlgBqFDRkqLAWVAKMDZwG3Qgty1xQUaDLwiiw%2BZkIKMcakrgzzbIYzUWcc02pEkPpP7904POiWYTVaYLcZp9z0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 69246da1dbc2411a-PRG

GET
H2 200 27249216.js Show response
extend.vimeocdn.com/ga/ 17 KB
6 KB 53ms
6ms Script
text/javascript 151.101.14.109
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://extend.vimeocdn.com/ga/27249216.js
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache /
Resource Hash: b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
age: 38585449
x-cache: HIT
x-cache-hits: 551543
content-length: 5672
x-served-by: cache-fra19179-FRA
x-vimeo-dc: ge
last-modified: Mon, 29 Jun 2020 23:08:13 GMT
server: Apache
x-timer: S1632239207.698214,VS0,VE0
etag: "43cc-5a94122101140"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2030 01:35:50 GMT

GET
H2 200 e1340cf7-41f4-43bb-990d-c2007e475943.json Show response
www.zmbl.co/targets/ 1 KB
1 KB 9ms
6ms XHR
application/json 151.101.2.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/targets/e1340cf7-41f4-43bb-990d-c2007e475943.json

Requested by

Host: www.zmbl.co
URL: https://www.zmbl.co/build/zmbl.js?v=3.1.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.2.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

767613d310cb9be2aee602ccf5a4e33c07bbe76aacbc07d0ee804f86f1a9a231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Accept: application/json
Referer: https://www.valottery.com/
X-Zembula-Enabled: true
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: W/"dd9cb03fbf21ee22bbf1b24a4ee9e8ec"
age: 344404
x-cache: HIT
access-control-max-age: 600
content-length: 542
via: 1.1 vegur, 1.1 varnish
x-request-id: cc718c73-ca91-4ca2-84bb-50c0c5f5e7e3
x-served-by: cache-hhn4043-HHN
x-runtime: 0.245778
x-content-digest: fc1a9ec1fb7a2d96b14a46f4bfbec0f26a46ebad
server: Cowboy
x-timer: S1632239207.692236,VS0,VE1
x-frame-options: ALLOWALL
date: Tue, 21 Sep 2021 15:46:46 GMT
vary: Origin,Accept-Encoding, Fastly-Orig-Host
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.valottery.com
access-control-expose-headers
cache-control: public, no-cache
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-Zembula-Enabled, X-Zembula-SlideIn-Live, X-Zembula-Overlay-Live, X-Zembula-SlideIn-Criteria-Type, X-Zembula-Overlay-Criteria-Type, X-Zembula-SlideIn-Criteria-Value, X-Zembula-Overlay-Criteria-Value, X-Zembula-SlideIn-Criteria-Id, X-Zembula-Overlay-Criteria-Id, X-Zembula-SlideIn-iFrame, X-Zembula-Overlay-iFrame, X-Zembula-Inline-iFrame, X-Zembula-SlideIn-CTA-Close, X-Zembula-Overlay-CTA-Close, X-Zembula-SlideIn-Position, Content-Type
x-rack-cache: stale, valid, store
x-cache-hits: 1

OPTIONS
H2 200 e1340cf7-41f4-43bb-990d-c2007e475943.json
www.zmbl.co/targets/ Frame 0
0 30ms
11ms Preflight 151.101.2.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zmbl.co/targets/e1340cf7-41f4-43bb-990d-c2007e475943.json

Protocol

Server

151.101.2.65 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-zembula-enabled
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Cowboy
access-control-allow-methods: GET, OPTIONS
access-control-expose-headers
access-control-max-age: 600
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 vegur, 1.1 varnish
accept-ranges: bytes
date: Tue, 21 Sep 2021 15:46:46 GMT
age: 2730
x-served-by: cache-fra19143-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1632239207.678174,VS0,VE1
vary: Accept-Encoding, Fastly-Orig-Host
access-control-allow-origin: https://www.valottery.com
access-control-allow-credentials: true
access-control-allow-headers: X-Zembula-Enabled, X-Zembula-SlideIn-Live, X-Zembula-Overlay-Live, X-Zembula-SlideIn-Criteria-Type, X-Zembula-Overlay-Criteria-Type, X-Zembula-SlideIn-Criteria-Value, X-Zembula-Overlay-Criteria-Value, X-Zembula-SlideIn-Criteria-Id, X-Zembula-Overlay-Criteria-Id, X-Zembula-SlideIn-iFrame, X-Zembula-Overlay-iFrame, X-Zembula-Inline-iFrame, X-Zembula-SlideIn-CTA-Close, X-Zembula-Overlay-CTA-Close, X-Zembula-SlideIn-Position, Content-Type
content-length: 20

GET
H2 200 getIds Show response
s1.listrakbi.com/hDU7VeqGarZm/session/ 175 B
1 KB 189ms
126ms Script
application/x-javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/hDU7VeqGarZm/session/getIds?callback=ltkCallback8070&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 042bb30e80e819da82ce188bb2a35eed90e4410f33dbc1aa7300c269a2c10f41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
content-type: application/x-javascript; charset=utf-8
cache-control: no-cache
cf-ray: 69246da20d4b5b5c-FRA
expires: -1

GET
H2 200 app-bundle~widgets-sport.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/ 42 KB
17 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle~widgets-sport.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F89) / ASP.NET
Resource Hash: c621771674ba60113a3608656537d88c18316105ff78902a3fbb6b66ea52783f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
etag: "8b9047c5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:40 GMT
server: ECAcc (frc/8F89)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 16956

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/ 246 KB
98 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F04) / ASP.NET
Resource Hash: 9f0a6c1b7751055b352a6fc70158bfa43d4587621b5e2b30a269bd036ded2880

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
etag: "1fef3fc5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:40 GMT
server: ECAcc (frc/8F04)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 100406

GET
H2 200 48.css
download.gamesrv1.com/secure/MWC/2021.08_405424/ 145 KB
33 KB 10ms
8ms Stylesheet
text/css 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/48.css
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA7) / ASP.NET
Resource Hash: 449693c548a52829666000defe81d2045a95856bba01b7358bf252b5ff5aa7d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
etag: "204e2eb5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:13 GMT
server: ECAcc (frc/8FA7)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 33761

GET
H2 200 app-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/appBl/ 803 KB
230 KB 11ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/appBl/app-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F93) / ASP.NET
Resource Hash: 7aca2cb481aa824b0d8f7d2131a1d5e3ccaa16aef807e7abe63fcf9a7b1a9b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
content-encoding: gzip
etag: "c5fd84b5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:14 GMT
server: ECAcc (frc/8F93)
age: 709600
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 235564

GET
H2 200 ltkPrefCenterFrame Show response
services.listrak.com/API/S/ 3 KB
3 KB 405ms
359ms Script
text/javascript 104.18.12.251
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/S/ltkPrefCenterFrame
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.251 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
cf-ray: 69246da23a974e43-FRA
x-aspnet-version: 4.0.30319
content-length: 2729

GET
BLOB 200
OK 76684f53-be0f-4bac-b5c9-1588a9d378a4
https://www.valottery.com/ Frame C4AB 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/76684f53-be0f-4bac-b5c9-1588a9d378a4
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
BLOB 200
OK 762606e8-50bd-4c48-96d8-b0a3ae2a956f
https://www.valottery.com/ Frame C4AB 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/762606e8-50bd-4c48-96d8-b0a3ae2a956f
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/live_draw_show/index.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 7a5dbb27be9e4845b902647b334625da.m3u8 Show response
content.uplynk.com/channel/ Frame C4AB 2 KB
891 B 392ms
145ms XHR
application/vnd.apple.mpegurl 54.72.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da.m3u8

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.92.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-92-6.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

41eb27c98af122ef4f99ecf852b12a3b242e3f1d24b51a882b80ce9a97eff244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 03fc2df7dd4348cc82fa861149caf591
content-length: 573
x-content-type-options: nosniff

GET
H2 200 glyphicons-halflings-regular.woff
download.gamesrv1.com/secure/MWC/2021.08_405424/assets/base/fonts/ 23 KB
23 KB 24ms
7ms Font
font/x-woff 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/assets/base/fonts/glyphicons-halflings-regular.woff
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/48.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9D) / ASP.NET
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

Referer: https://download.gamesrv1.com/secure/MWC/2021.08_405424/48.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:46 GMT
etag: "e966a6b5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:14 GMT
server: ECAcc (frc/8E9D)
age: 712690
x-powered-by: ASP.NET
x-cache: HIT
content-type: font/x-woff
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 23320

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
463 B 45ms
14ms XHR
text/plain 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1732052-1&cid=2133082553.1632239207&jid=2106526788&gjid=1899242715&_gid=860029487.1632239207&_u=YGBAiEABBAAAAE~&z=1596149670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 21 Sep 2021 15:46:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
6ms Image
image/gif 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1655034717&t=pageview&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2F&ul=en-us&de=UTF-8&dt=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=2106526788&gjid=1899242715&cid=2133082553.1632239207&tid=UA-1732052-1&_gid=860029487.1632239207&gtm=2wg9k0T3WQN9J&z=702671250

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 13:06:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 9597
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-J0YJNS3PS0&gtm=2oe9k0&_p=1655034717&sr=1600x1200&ul=en-us&cid=2133082553.1632239207&_s=1&dl=https%3A%2F%2Fwww.valottery.com%2F&dt=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&sid=1632239206&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J0YJNS3PS0&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.valottery.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

logo_dropdownnumberscards_p3fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P3Fireball.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx

7 KB
8 KB

118ms
118ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:17:56 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P3Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7593
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p3fireball.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 225
x-xss-protection: 1; mode=block

GET
H2

200

megamillions_sm.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/MegaMillions_sm.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx

12 KB
12 KB

116ms
115ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/megamillions_sm.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 20 Sep 2021 17:47:22 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="MegaMillions_sm.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 12351
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/megamillions_sm.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 204
x-xss-protection: 1; mode=block

GET
BLOB 200
OK de3cf49a-1062-40bd-b394-3c7a9142c7af
https://www.valottery.com/ Frame C4AB 23 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.valottery.com/de3cf49a-1062-40bd-b394-3c7a9142c7af
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b7ada062e30243d491881ee2bf712c10962fa2141c8a98b7b380470fcf735c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length: 23533
Content-Type: application/javascript

GET
H3 200 509692809681502 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 142ms
135ms Script
application/x-javascript 185.60.216.19
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/509692809681502?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frx5.fbcdn.net

Software

Resource Hash

cf1e1e7b3e64f09203c702f451827ada9a4557bac5973e6368098e257b3dd73f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: jN/wkJG0EFWBdsg0/NNV90cuLSR2A6+Kgp4i3v5ipYiDG04ha1JvybzvuAu+GZgOcAPjRzRa/qsqTAuNEkJ/vw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 21 Sep 2021 15:46:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 mpathy-modern.js Show response
gateway.foresee.com/code/6.1.2-mp/ 81 KB
27 KB 23ms
7ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/6.1.2-mp/mpathy-modern.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 19 Sep 2021 16:39:20 GMT
content-encoding: gzip
age: 169646
x-cache: Hit from cloudfront
status: 200
content-length: 26751
access-control-allow-origin: *
last-modified: Thu, 18 Mar 2021 15:05:31 GMT
server: nginx/1.12.1
etag: W/"809a12b3d845af05b552212f8a272cee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: BXUOH027CVzWVsOoIrkbNUv2OQNlMUGiMybA9hmzYR4mGLqfvT7Bjg==
expires: Sun, 17 Oct 2021 16:39:20 GMT

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
2 KB 8ms
7ms Stylesheet
text/css 18.66.130.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.130.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 20 Sep 2021 19:51:19 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Age: 112456
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 21 Jul 2021 14:43:11 GMT
Server: cloudflare
ETag: W/"f064b7ba3e7ed71:0"
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Content-Type: text/css
Via: 1.1 6e8224d5f2990b031ca60a58f18ac909.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
CF-RAY: 68917ea11c3f4e8b-FRA
X-Amz-Cf-Id: xNbDodQTb7-04CQQQHj3wr_TEUUWzXfdv7pVdAHqgu_f2qb91f1vcQ==

GET
H2 200 fs.utils.js Show response
gateway.foresee.com/code/19.14.5-fs/ 58 KB
19 KB 14ms
14ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.5-fs/fs.utils.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0e783858cb51da56d136db74b1862aa62f48ff11c3a36e794214b549fc84aa9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 20:47:46 GMT
content-encoding: gzip
age: 68341
x-cache: Hit from cloudfront
status: 200
content-length: 19338
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 19:56:13 GMT
server: nginx/1.12.1
etag: W/"20da4972d4302e2944463977d82cdf65"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: i5rHIlE76OfuLtO9IoAkCB5dtbRBE0foUnX2BtOQS4fzyPiggL20lA==
expires: Mon, 18 Oct 2021 20:47:46 GMT

GET
H2 200 fs.compress.js Show response
gateway.foresee.com/code/19.14.5-fs/ 31 KB
12 KB 15ms
14ms Script
application/javascript 143.204.98.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.14.5-fs/fs.compress.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/virginialottery/production/gateway.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-35.fra50.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 63ee660e64dca730c5d8ac3872ef86d1331abd706826c70fdc3a960f2927fd16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 20 Sep 2021 21:23:11 GMT
content-encoding: gzip
age: 66215
x-cache: Hit from cloudfront
status: 200
content-length: 11641
access-control-allow-origin: *
last-modified: Mon, 07 Jun 2021 19:56:13 GMT
server: nginx/1.12.1
etag: W/"6f6ff76e4273c8dcc527c14eb8b24744"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA50-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: O8hEv2k_zFdhf7aJ2JtNMGREoLcAvLqO6Kknkj5V7z9y2vRs0jlTeg==
expires: Mon, 18 Oct 2021 21:23:11 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 52ms
31ms Image
image/gif 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1732052-1&cid=2133082553.1632239207&jid=2106526788&_u=YGBAiEABBAAAAE~&z=269678972

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
6528888.fls.doubleclick.net/ddm/fls/r/ Frame CDBE
Redirect Chain

https://adservice.google.com/ddm/fls/i/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww...
https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2...

330 B
294 B

27ms
27ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Requested by

Host: 6528888.fls.doubleclick.net
URL: https://6528888.fls.doubleclick.net/activityi;dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

92dc50b8a0397e57418624d220f321d2fb95d41c49a3fbdfc3e59c34a2c48f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 6528888.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://6528888.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://6528888.fls.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:47 GMT
expires: Tue, 21 Sep 2021 15:46:47 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 269
x-xss-protection: 0
set-cookie: IDE=AHWqTUlxkwP6aQmWuE4iw0AitPsh0edRPCZlIQEVArj7lcLV-4nsoiDNT3bREnNsEXk; expires=Thu, 21-Sep-2023 15:46:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F Show response
8930728.fls.doubleclick.net/ddm/fls/r/ Frame 493F
Redirect Chain

https://adservice.google.com/ddm/fls/i/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valotte...
https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww....

2 KB
1 KB

36ms
36ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/activityi;dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

37565ba17276fccd6884ebad2170149dd38ebcfb96152f4216503b652fea5cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8930728.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8930728.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:47 GMT
expires: Tue, 21 Sep 2021 15:46:47 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 1059
x-xss-protection: 0
set-cookie: IDE=AHWqTUmG5HildUDM2B4K-yvJ4w4mxzT1p1g4Md_1zktqPGmY8kZYyn9-t7EpNlAiAag; expires=Thu, 21-Sep-2023 15:46:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Sep 2021 15:46:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK image.aspx
77148.global.siteimproveanalytics.io/ 34 B
650 B 122ms
7ms Image
image/gif 18.194.150.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://77148.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.valottery.com%2F&title=Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers&res=1600x1200&accountid=77148&rt=2461&prev=8e5d9508-04d0-d42b-ff82-820dc56c9401&luid=f70fb396-b801-c2f9-3eb8-51985eb36729&rnd=37331
Requested by: Host: www.valottery.com
URL: https://www.valottery.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.150.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-150-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 15:46:47 GMT
Cache-Control: max-age=0, no-cache="set-cookie"
Expires: Tue, 21 Sep 2021 15:46:47 UTC
Connection: keep-alive
Content-Type: image/gif
Content-Length: 34
P3p: NOI OUR IND COM NAV INT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame CDBE 70 B
260 B 108ms
33ms Image
image/gif 34.247.115.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=d7dwi9z&ct=0:s2xb1ei&fmt=3
Requested by: Host: 6528888.fls.doubleclick.net
URL: https://6528888.fls.doubleclick.net/ddm/fls/r/dc_pre=CLqF6_C0kPMCFZbV1QodRIIISA;src=6528888;type=count0;cat=sitev03v;ord=1;num=8418091817981;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.115.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-115-39.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6528888.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

/
insight.adsrvr.org/track/pxl/ Frame 493F
Redirect Chain

https://action.dstillery.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://action.media6degrees.com/orbserv/nspix?adv=cl1005366&ns=3705&nc=Homepage&ncv=38&dstOrderId=[OrderId]&dstOrderAmount=[OrderAmount]
https://insight.adsrvr.org/track/pxl/?adv=8d79pb6&ct=0:k1onzat&fmt=3

70 B
260 B

31ms
31ms

Image
image/gif

34.247.115.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=8d79pb6&ct=0:k1onzat&fmt=3
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.115.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-115-39.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://insight.adsrvr.org/track/pxl/?adv=8d79pb6&ct=0:k1onzat&fmt=3
p3p: CP="COM NAV INT STA NID OUR IND NOI"
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 69246da6eb775363-FRA
content-length: 0

GET
H2 200 pixel.js Show response
a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/ Frame 493F 8 KB
2 KB 199ms
166ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe0a14026852753cbc7ecab44b4a530f1ce43c51f8c86cf746f81cfdd0b7e7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2003
x-function: 151
last-modified: Fri, 13 Aug 2021 06:35:37 GMT
server: cloudflare
x-reuse-index: 328
etag: 6424330678436827723
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=3600, private
cf-ray: 69246da4b8224e38-FRA
expires: Tue, 21 Sep 2021 16:46:47 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ Frame 493F 70 B
261 B 106ms
32ms Image
image/gif 34.247.115.39
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=k5obd07&ct=0:e9md8kf&fmt=3
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.115.39 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-115-39.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame 493F 3 KB
4 KB 53ms
14ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Requested by

Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Fqbg6TODNwKbKnoxyooh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 940e8ba0-2d7e-0137-e23f-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ Frame 493F 3 KB
4 KB 62ms
23ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3100
x-request-id: Fqbg6TOJZ7aZbQ0xyopB
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sambaTag.js Show response
tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 493F 3 KB
3 KB 46ms
7ms Script
application/javascript 13.32.121.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-126.fra60.r.cloudfront.net
Software: /
Resource Hash: 6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 02:28:36 GMT
Via: 1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
Age: 47891
Transfer-Encoding: chunked
Access-Control-Allow-Methods: HEAD,OPTIONS,GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA60-P1
Access-Control-Allow-Headers: Content-Type, Authorization
X-Amz-Cf-Id: 4O_vJLpGABjBE49clfGEr1XJnsc1BbV6pOfC1t2Hwgxm2_pgRSYMWA==

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 22ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=PageView&dl=https%3A%2F%2Fwww.valottery.com%2F&rl=&if=false&ts=1632239207169&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1632239207168.1662686308&it=1632239206946&coo=false&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 21 Sep 2021 15:46:47 GMT

GET
H2 200 load Show response
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 493F 729 B
979 B 309ms
92ms XHR
application/json 34.192.56.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/load?sa_referrer=https%3A%2F%2F8930728.fls.doubleclick.net%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJnI7PC0kPMCFWQTBgAdwz8J-A%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D8091503310427%3Bgtm%3D2wg9k0%3Bauiddc%3D1742364717.1632239207%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252F&c=1632239207172
Requested by: Host: tag.mtrcs.samba.tv
URL: https://tag.mtrcs.samba.tv/v3/tag/commonwealthOfVirginia/virginialottery-homepage/sambaTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.56.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-56-19.compute-1.amazonaws.com
Software: /
Resource Hash: 57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:47 GMT
access-control-allow-headers: Content-Type, Authorization
content-length: 729
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: application/json

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame C4AB 11 KB
839 B 560ms
524ms XHR
application/vnd.apple.mpegurl 54.72.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=08fbaab95bbd4ac98fc25e974b6e3a1b

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.92.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-92-6.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

22d85403f5752c49439053ae117baa993ec8f3541dce3b9170d41759478ec9b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 237d4ab6408d4734b950ba8d4019117e
content-length: 522
x-content-type-options: nosniff

GET
H2 200 displayAd.js Show response
s.tribalfusion.com/ Frame 493F 678 B
709 B 180ms
172ms Script
application/x-javascript 104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/displayAd.js?dver=0.8&th=7822345132
Requested by: Host: a.tribalfusion.com
URL: https://a.tribalfusion.com/pixel/tags/Virginia%20Lottery/769933/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b080a159f6062300b70010d1dde2b053196b6739af9cffa1cdf727a2a18b4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVo TAIa OUR BUS"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 332
x-function: 153
last-modified: Wed, 11 Aug 2021 04:08:51 GMT
server: cloudflare
x-reuse-index: 110
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: private
cf-ray: 69246da5da304e38-FRA
expires: Mon, 20 Dec 2021 15:46:47 GMT

GET
H2 200 p Show response
i.simpli.fi/ Frame 493F 752 B
1 KB 52ms
14ms Script
application/javascript 169.50.137.179
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=87665&cb=sifi_att_17963502272._hp

Requested by

Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/940e8ba0-2d7e-0137-e23f-06a9ed4ca31b?referer={{Page%20URL}}

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.179 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b3.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

3fcad31fc799b6116ec39fd5414820d200bedafa31a9bc8d7bcdf38f200432cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

bankamillion.ashx
www.valottery.com/-/media/val/images/winning-numbers/150x45/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/150x45/bankamillion.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx

18 KB
19 KB

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4d6af973b9ea670ac79c24c681f0e6cf4b6b680e32159d5ff04d1972f1f4b47e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/150x45/bankamillion.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 31 Jul 2017 13:35:24 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="bankamillion.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 18871
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/150x45/bankamillion.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 208
x-xss-protection: 1; mode=block

GET
H2

200

sync
simplifi.partners.tremorhub.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=589E08B160FD495EA407F15743CABF2E

43 B
183 B

338ms
105ms

Image
image/gif

34.199.218.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.218.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-218-203.compute-1.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://simplifi.partners.tremorhub.com/sync?UISF=589E08B160FD495EA407F15743CABF2E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 493F
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=589E08B160FD495EA407F15743CABF2E
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=589E08B160FD495EA407F15743CABF2E

95 B
426 B

24ms
24ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=589E08B160FD495EA407F15743CABF2E

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=589E08B160FD495EA407F15743CABF2E
date: Tue, 21 Sep 2021 15:46:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/ Frame 493F
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=589E08B160FD495EA407F15743CABF2E
https://um.simpli.fi/aa_px?sk=164890603916000272081

43 B
409 B

15ms
15ms

Image
image/gif

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164890603916000272081

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 20 Sep 2021 15:46:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://um.simpli.fi/aa_px?sk=164890603916000272081
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2 200 nexage
um.simpli.fi/ Frame 493F 43 B
409 B 63ms
13ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 493F
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=589E08B160FD495EA407F15743CABF2E

0
0

117ms
30ms

Image
text/html

18.66.173.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.173.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=589E08B160FD495EA407F15743CABF2E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 493F 43 B
409 B 64ms
13ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2 200 freewheel
um.simpli.fi/ Frame 493F 43 B
409 B 14ms
11ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2

451

398696.gif
idsync.rlcdn.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=589E08B160FD495EA407F15743CABF2E;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=589E08B160FD495EA407F15743CABF2E;mimetype=img;sr
https://idsync.rlcdn.com/398696.gif?partner_uid=-7291093971443891088

0
42 B

15ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-7291093971443891088
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:46 GMT
via: 1.1 google
server: Apache-Coyote/1.1
access-control-allow-origin: *
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://idsync.rlcdn.com/398696.gif?partner_uid=-7291093971443891088
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/ Frame 493F
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=589E08B160FD495EA407F15743CABF2E&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=589E08B160FD495EA407F15743CABF2E&j=0&xl8blockcheck=1

0
751 B

38ms
38ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=589E08B160FD495EA407F15743CABF2E&j=0&xl8blockcheck=1
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=589E08B160FD495EA407F15743CABF2E&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ Frame 493F 43 B
409 B 14ms
12ms Image
image/gif 169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H/1.1

204

sync
sync.bfmio.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=589E08B160FD495EA407F15743CABF2E

0
421 B

416ms
97ms

Image
text/plain

34.192.117.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.117.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-117-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 21 Sep 2021 15:46:46 GMT

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://sync.bfmio.com/sync?pid=141&uid=589E08B160FD495EA407F15743CABF2E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/ Frame 493F
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=589E08B160FD495EA407F15743CABF2E

62 B
745 B

196ms
146ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 15:46:47 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 956f
Content-Type: image/gif

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://stags.bluekai.com/site/29931?id=589E08B160FD495EA407F15743CABF2E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2

200

tpid=589E08B160FD495EA407F15743CABF2E
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/ Frame 493F
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=589E08B160FD495EA407F15743CABF2E
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=589E08B160FD495EA407F15743CABF2E

49 B
740 B

43ms
43ms

Image
image/gif

52.209.129.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.129.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.143
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=589E08B160FD495EA407F15743CABF2E
cache-control: no-cache
x-server: 10.45.1.206
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=589E08B160FD495EA407F15743CABF2E

0
348 B

82ms
13ms

Image
text/plain

216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:47 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://ce.lijit.com/merge?pid=2&3pid=589E08B160FD495EA407F15743CABF2E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=589E08B160FD495EA407F15743CABF2E

0
66 B

31ms
14ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://idsync.rlcdn.com/419566.gif?partner_uid=589E08B160FD495EA407F15743CABF2E
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/1026675585/ Frame 493F
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1632239207368&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1477686008&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1477686008&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...

42 B
64 B

66ms
32ms

Image
image/gif

142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/1026675585/?random=1477686008&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z_5JYaSFGciU-garjQI&cid=CAQSKQCNIrLMLuY_6YPBVev30LweWh9qzEoW0b0pPgnsCdu2I64prwZb8MOp&random=3518014972

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
location: https://www.google.com/pagead/1p-conversion/1026675585/?random=1477686008&cv=7&fst=1632239207368&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Z_5JYaSFGciU-garjQI&cid=CAQSKQCNIrLMLuY_6YPBVev30LweWh9qzEoW0b0pPgnsCdu2I64prwZb8MOp&random=3518014972
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=589E08B160FD495EA407F15743CABF2E
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=589E08B160FD495EA407F15743CABF2E&__user_check__=1&sync_id=21075590-1af3-11ec-bde8-12c786060206

43 B
548 B

17ms
16ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=589E08B160FD495EA407F15743CABF2E&__user_check__=1&sync_id=21075590-1af3-11ec-bde8-12c786060206
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 15:46:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 59
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 21 Sep 2021 15:46:47 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=589E08B160FD495EA407F15743CABF2E&__user_check__=1&sync_id=21075590-1af3-11ec-bde8-12c786060206
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 69
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=589E08B160FD495EA407F15743CABF2E
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D589E08B160FD495EA407F15743CABF2E

43 B
1 KB

81ms
81ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D589E08B160FD495EA407F15743CABF2E

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:47 GMT
X-Proxy-Origin: 216.131.114.186; 216.131.114.186; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 096a346f-4e3f-46aa-be1d-cff3feb7a01e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:47 GMT
X-Proxy-Origin: 216.131.114.186; 216.131.114.186; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 196c7bd7-d25d-4216-89af-74ccfb6dd7ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D589E08B160FD495EA407F15743CABF2E
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 493F
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=589E08B160FD495EA407F15743CABF2E&expires=365

0
239 B

30ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=589E08B160FD495EA407F15743CABF2E&expires=365
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
server: openresty
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=589E08B160FD495EA407F15743CABF2E&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 20 Sep 2021 15:46:47 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 493F
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=589E08B160FD495EA407F15743CABF2E
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=589E08B160FD495EA407F15743CABF2E

43 B
180 B

23ms
23ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=589E08B160FD495EA407F15743CABF2E
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=589E08B160FD495EA407F15743CABF2E
date: Tue, 21 Sep 2021 15:46:47 GMT
via: 1.1 google
server: OXGW/16.216.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

204

g_match
um.simpli.fi/ Frame 493F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEHDvD5mCXOjU_S_gLXRVM1k&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=589E08B160FD495EA407F15743CABF2E
https://um.simpli.fi/g_match?id=

0
320 B

12ms
12ms

Image
text/plain

169.50.137.190
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

be.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:47 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 20 Sep 2021 15:46:47 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 impression
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/ Frame 493F 0
214 B 327ms
109ms Image
text/plain 34.192.56.19
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage/impression?sa_referrer=https%3A%2F%2F8930728.fls.doubleclick.net%2F&sa_fullurl=https%3A%2F%2F8930728.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJnI7PC0kPMCFWQTBgAdwz8J-A%3Bsrc%3D8930728%3Btype%3Dpagev0%3Bcat%3Dvalot0%3Bord%3D8091503310427%3Bgtm%3D2wg9k0%3Bauiddc%3D1742364717.1632239207%3B~oref%3Dhttps%253A%252F%252Fwww.valottery.com%252F&c=1632239207172&
Requested by: Host: 8930728.fls.doubleclick.net
URL: https://8930728.fls.doubleclick.net/ddm/fls/r/dc_pre=CJnI7PC0kPMCFWQTBgAdwz8J-A;src=8930728;type=pagev0;cat=valot0;ord=8091503310427;gtm=2wg9k0;auiddc=1742364717.1632239207;~oref=https%3A%2F%2Fwww.valottery.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.56.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-192-56-19.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Sep 2021 15:46:47 GMT
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: HEAD,OPTIONS,GET

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 493F
Redirect Chain

https://s.tribalfusion.com/visitor?%7B%22tagKey%22%3A%222630619931%22%2C%22th%22%3A7822345132%2C%22version%22%3A%221.0%22%2C%22tKey%22%3A%22a4mneMmFfZd0s7XYVQ20cFyMdbbRWEHby%22%2C%22url%22%3A%22htt...
https://ib.adnxs.com/getuidu?https://a.tribalfusion.com/i.match?p=b26&u=$UID&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://a.tribalfusion.com/i.match?p=b26&u=7925486445016005058&redirect=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D305%26code%3D%24TF_USER_ID_ENC%24
https://ib.adnxs.com/setuid?entity=305&code=18072662189203670867

43 B
1 KB

20ms
19ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=305&code=18072662189203670867

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8930728.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:47 GMT
X-Proxy-Origin: 216.131.114.186; 216.131.114.186; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4a56c9cf-adcb-4880-a5cb-14ca0301235e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Sep 2021 15:46:47 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 154
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69246da83e3c96ce-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://ib.adnxs.com/setuid?entity=305&code=18072662189203670867
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

logo_dropdownnumberscards_p4fireball.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_DropdownNumbersCards_P4Fireball.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx

8 KB
8 KB

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 14:18:48 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_DropdownNumbersCards_P4Fireball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 7864
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_dropdownnumberscards_p4fireball.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 225
x-xss-protection: 1; mode=block

GET
H2

200

powerball.ashx
www.valottery.com/-/media/val/images/promos/logo/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Promos/Logo/Powerball.ashx
https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx

6 KB
6 KB

116ms
116ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0da5449c35c4ceb45e7d54cf77ab873d4dca7ee6f866b934cb36a61fbf37176d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/promos/logo/powerball.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 13:27:18 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Powerball.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 6259
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:48 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/promos/logo/powerball.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 194
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 15ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=509692809681502&ev=Microdata&dl=https%3A%2F%2Fwww.valottery.com%2F&rl=&if=false&ts=1632239208673&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Virginia%20Lottery%20-%20Play%20Games%20and%20Check%20Winning%20Numbers%5Cn%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22Find%20a%20Virginia%20Lottery%20game%20you%20love!%20Play%20Online%20Instant%20Games%20or%20Mega%20Millions%2C%20Powerball%20or%20Cash4Life%C2%AE%20online!%20Enter%20eXTRA%20Chances%20or%202nd%20Chance%20promotions!%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1632239207168.1662686308&it=1632239206946&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.valottery.com
URL: https://www.valottery.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Tue, 21 Sep 2021 15:46:48 GMT

GET
H2 200 index.html Show response
download.gamesrv1.com/secure/MWC/2021.08_405424//xd-local-storage-shared-frame/ Frame 3E8D 172 B
363 B 10ms
9ms Document
text/html 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424//xd-local-storage-shared-frame/index.html
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F21) / ASP.NET
Resource Hash: 8b9678bd9d99c3fc20507a882f90deb667c4f5263a5d7a54e43ff9563286cfe0

Request headers

:method: GET
:authority: download.gamesrv1.com
:scheme: https
:path: /secure/MWC/2021.08_405424//xd-local-storage-shared-frame/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.valottery.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
age: 712692
cache-control: public,max-age=31536000
content-type: text/html
date: Tue, 21 Sep 2021 15:46:48 GMT
etag: "41693c6c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:41 GMT
server: ECAcc (frc/8F21)
vary: Accept-Encoding
x-cache: HIT
x-powered-by: ASP.NET
x-robots-tag: noindex, nofollow
content-length: 234

GET
H2 200 xd-local-storage-shared-frame-loader.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424// Frame 3E8D 2 KB
1 KB 8ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424//xd-local-storage-shared-frame-loader.js
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424//xd-local-storage-shared-frame/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F3F) / ASP.NET
Resource Hash: d9e53e72dd5b08e61f15b9bab370c87e422559ca17d1b7b581d9dd8d541c6054

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://download.gamesrv1.com/secure/MWC/2021.08_405424//xd-local-storage-shared-frame/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "2b3c7c6c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:41 GMT
server: ECAcc (frc/8F3F)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 1225

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 51ms
16ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 21 Sep 2021 15:46:48 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69246daf8ddf696a-FRA

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 58ms
23ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 21 Sep 2021 15:46:48 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69246daf89866993-FRA

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 48ms
13ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 21 Sep 2021 15:46:48 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69246daf8b6b4ee6-FRA

GET
H2 200 branding.css.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/assets/branded/124/ 40 KB
10 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/assets/branded/124/branding.css.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F40) / ASP.NET
Resource Hash: cd802ada5483975c7fbe5a83a76728935be929d249d9815aeadbe05a6a723d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "25c24b7c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:16 GMT
server: ECAcc (frc/8F40)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 9997

GET
H2 200 icons.css.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/assets/branded/124/ 15 KB
3 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/assets/branded/124/icons.css.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2B) / ASP.NET
Resource Hash: 59014bc8fc186f85e55f479a65c303932f6251d17682e68c1c42befb862c5a55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "abd73db7c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:17 GMT
server: ECAcc (frc/8F2B)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3046

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 120ms
120ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123b4b340c6fa59f9c9989d070ba079ab6763a90083d6011f23a36c0eb02e13f

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 21 Sep 2021 15:46:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69246daf9e15696a-FRA
Content-Length: 63

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 142ms
141ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f12ad07c1de11b68a813c4b8ae3e3c48b9522ace6b276993302fa325540ee517

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 21 Sep 2021 15:46:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69246dafa9c86993-FRA
Content-Length: 63

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 140ms
140ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9dc67d21b0889b829dabe88fdcaa804ec5a15431ba4150c4c942a47a9a3dd6e

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 21 Sep 2021 15:46:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69246daf9b8f4ee6-FRA
Content-Length: 63

GET
H2 200 regulation-va.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/regulationCustomization/regulation/ 7 KB
3 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/regulationCustomization/regulation/regulation-va.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9D) / ASP.NET
Resource Hash: 8d89a56943965f77c2712bad06fc0fe8e8e6ac99e26b31f51ab0deba786b25be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "998a8c5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:40 GMT
server: ECAcc (frc/8E9D)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 3176

GET
H3 200 css Show response
fonts.googleapis.com/ 8 KB
729 B 48ms
24ms XHR
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 13:49:42 GMT
server: ESF
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 15:46:48 GMT

GET
H3 200 css
fonts.googleapis.com/ 8 KB
729 B 29ms
15ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700&subset=latin,latin-ext

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/appBl/app-bundle.js?v=2021.08_405424

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:23:09 GMT
server: ESF
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 15:46:48 GMT

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 49ms
27ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 21 Sep 2021 15:46:48 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69246daf8fbc4aa9-FRA

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 151ms
151ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d22abd2f58b583f200e455877ab7534a9bbce09637f52a06fbe5ae5faf3b42e

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 21 Sep 2021 15:46:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69246dafa8114aa9-FRA
Content-Length: 63

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
62 KB 56ms
55ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T3WQN9J

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

48c06ff706f206ff67adf1a566c0e3588548c0af9ce773dfe52adfed4fc855be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63856
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 21 Sep 2021 15:46:48 GMT

GET
H2 200 login-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/login/ 32 KB
11 KB 11ms
11ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/login/login-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F70) / ASP.NET
Resource Hash: 3f03c4e6df1caeb3b0f4a8a3b7489a35fe849f971fdc8d2da85f4cfebb06b72c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "70f42dc3c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:37 GMT
server: ECAcc (frc/8F70)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 11103

GET
H2 200 base-bundle-uxt-2~8ef0ea5e.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/account/account-bundle~modules/base/base-bundle-uxt-1~modules/base/ 126 KB
51 KB 12ms
12ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/account/account-bundle~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~8ef0ea5e.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1A) / ASP.NET
Resource Hash: 46dcd955191441bd16d9d8f7aa1c293c087f794be8e44699b44a9d741ecbb856

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "229262c5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:40 GMT
server: ECAcc (frc/8F1A)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 51757

GET
H2 200 base-bundle-uxt-3~6be9331b.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 173 KB
85 KB 13ms
12ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3~6be9331b.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F04) / ASP.NET
Resource Hash: 27c186362b4748382af220d0620dc2683387fd5b8e879fa9fff9b1a54bca70bd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "40a492c5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:41 GMT
server: ECAcc (frc/8F04)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 86657

GET
H2 200 base-bundle-uxt-3.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 294 KB
106 KB 14ms
14ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6F) / ASP.NET
Resource Hash: ed98acadca2bcaa151ef47ebee2475cb789df2d05eab6500ee8dfccd38c80e31

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "28e486c5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:41 GMT
server: ECAcc (frc/8F6F)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 108855

GET
H2 200 base-bundle-uxt-3.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/ 146 KB
47 KB 17ms
16ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/base/base-bundle-uxt-1~modules/base/base-bundle-uxt-2~modules/base/base-bundle-uxt-3.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA6) / ASP.NET
Resource Hash: 8187840fc5a6c27689812bba0ec6c174524981edb339682f967e7d80fc0e12d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "71a837c2c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:35 GMT
server: ECAcc (frc/8EA6)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 47816

GET
H2 200 base-bundle-uxt-1.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/base/ 2 KB
939 B 8ms
8ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/base/base-bundle-uxt-1.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FED) / ASP.NET
Resource Hash: bb1a0967e43d7d6099eccb7b896931e3dee2dfbdf6a38ef9a8e143413ca5ca10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:48 GMT
content-encoding: gzip
etag: "ca242bc2c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:35 GMT
server: ECAcc (frc/8FED)
age: 712692
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 840

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 352 B
808 B 109ms
109ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=&OCBW=true&LNG=ENG&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=2nl6ybc8uvj49ubp&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

43bc5dd20184cd4936522688ea3f2f575bfdb1e824208aabd25b57173b021538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 357
Date: Tue, 21 Sep 2021 15:46:48 GMT
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 580ms
100ms Preflight 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: private
Content-Length: 0
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Tue, 21 Sep 2021 15:46:48 GMT

GET
H2

200

logo_c5-ezmatch-229x95.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/logo_C5-EZMatch-229x95.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx

17 KB
17 KB

120ms
120ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d7f3a550a9946103f8ec640689863b6b989bc874fbf4a5d77db7e2b6231125b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _4c_=%7B%22_4c_s_%22%3A%22q1Yqz0jNU7IyNDM2MjK2NDIwNzAx1VHKTq0sVrKqrq0FAA%3D%3D%22%7D; _fbp=fb.1.1632239207168.1662686308; mpt_rate_comparator_50033=26.849681594529496|1634831208806; mpt_vid=163223920880781780|1695311208807
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Tue, 27 Oct 2020 02:05:39 GMT
server
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="logo_C5-EZMatch-229x95.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 17542
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:49 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/logo_c5-ezmatch-229x95.ashx
date: Tue, 21 Sep 2021 15:46:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 211
x-xss-protection: 1; mode=block

GET
H2

200

cash4life.ashx
www.valottery.com/-/media/val/images/winning-numbers/
Redirect Chain

https://www.valottery.com/-/media/VAL/Images/Winning-Numbers/Cash4Life.ashx
https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx

4 KB
5 KB

114ms
114ms

Image
image/png

52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b400dd5fcb38c85929561997154146554b2150314a0a9c2f4cb54215cd44fd13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /-/media/val/images/winning-numbers/cash4life.ashx
pragma: no-cache
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _fbp=fb.1.1632239207168.1662686308; mpt_rate_comparator_50033=26.849681594529496|1634831208806; mpt_vid=163223920880781780|1695311208807; _4c_=%7B%22_4c_s_%22%3A%22dVJdj9MwEPwrlp%2BbyrHz2bfQEwhET0cBwVvlONvGShpHjmkoVf47duv0jkrkxbszO%2BuRMxc81tDhVZgwSllOSU6ibIEbOA94dcFaVu444RWGMhFRlJBAsLwKojgsgzyN0wBSlqU5CfMKKF7g325XREgYU5KSOJkWWPR%2BxwULVYHdFebLMFrGwX6wCvPHIsQWvVbVL2F25ty7oRFKNFSNJSo4SQG7UVamduqEkFe0BnmojYPpDe61a2w1yq5S46PMo4%2ByUqtxACdd11odAeXMosq%2BAv5xVTirGvag9XXKdoM0zueJt8oY0OelUEcP2%2FdzjNQH2cmZt9wGDnwj21aqzm1%2BttCLGkGXvG19v%2BZDHc%2BcFE30pma%2B%2Fio0N6IGPS95X3yZyy0YLturR9c%2BaT6iD%2FwIMw8%2Fv20LtK55J%2B6Y49FWWfuvHlCEPss9eOQd7xpUIO99tqRlZ55fWn6e71aW7g7oExdNr4xHN6q0hlDR9%2F8Cb4T9yf%2BzVgneukttKK2vYvf945PtaMgYyWgcs%2BU9qSmefNwYZTROSEYSauNk7EtmLoL2m26rr%2BkL79M0CokLZ%2B6nw2wevqUggO7%2FqoQ8qKbpLw%3D%3D%22%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
last-modified: Wed, 18 Oct 2017 14:02:36 GMT
server
date: Tue, 21 Sep 2021 15:46:49 GMT
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=604800
content-disposition: inline; filename="Cash4Life.png"
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4517
x-xss-protection: 1; mode=block
expires: Tue, 28 Sep 2021 15:46:49 GMT

Redirect headers

content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
location: https://www.valottery.com/-/media/val/images/winning-numbers/cash4life.ashx
date: Tue, 21 Sep 2021 15:46:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000
content-length: 198
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 132ms
132ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0957d465805a42df08ddcbc001357a2011b5ac727443d9f616ce8e7185d9ed4e

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 21 Sep 2021 15:46:49 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69246db3e8514aa9-FRA
Content-Length: 63

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 18ms
18ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 21 Sep 2021 15:46:49 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69246db3c81c4aa9-FRA

GET
H2 200 Lang_ENU.json Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/assets/lang/124/ 267 KB
77 KB 7ms
7ms XHR
application/json 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/assets/lang/124/Lang_ENU.json?bid=405424
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/appBl/app-bundle.js?v=2021.08_405424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1D) / ASP.NET
Resource Hash: eca930c8da6be0645f990507be73423312922017792ee0feb1202a02dee324c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "4a3f92c1c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:34 GMT
server: ECAcc (frc/8F1D)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 78833

GET
H2 200 cart-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/cart/ 38 KB
14 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~modules/cart/cart-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1D) / ASP.NET
Resource Hash: 773320fabeee0f1678a36b01b2da70490e05358c5f68165d1489b2e3711c0663

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "c0be98c5c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:41 GMT
server: ECAcc (frc/8F1D)
age: 709592
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 14607

GET
H2 200 cart-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/cart/ 195 KB
61 KB 11ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/cart/cart-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F75) / ASP.NET
Resource Hash: 0f0d58ec2ad789719c4016df46800cb54c5b3b4de1ec799dccdb9840bbf18b44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "e25854c2c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:35 GMT
server: ECAcc (frc/8F75)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 62053

GET
H2 200 dbg-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/dbg/ 60 KB
20 KB 8ms
8ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/dbg/dbg-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F77) / ASP.NET
Resource Hash: 23c8e4cf7e80d9e773b5306c27e4d1b2962e92b78fdd08effcf6130336286317

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "646ea8c2c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:36 GMT
server: ECAcc (frc/8F77)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 20640

GET
H2 200 bonuses-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/bonuses/ 58 KB
19 KB 9ms
9ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/bonuses/bonuses-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA7) / ASP.NET
Resource Hash: 924f460d7d9064f84b9de164b6ebeb2d424a825a228779d70323a42922449681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "49b643c2c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:35 GMT
server: ECAcc (frc/8EA7)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 19439

GET
H2 200 46.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/ 48 KB
15 KB 7ms
7ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/46.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F08) / ASP.NET
Resource Hash: 75ade42c26455e59825877538af1bc5dc8fc7c6d9890e4a2633f2092b12226ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "cedcfcb4c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:13 GMT
server: ECAcc (frc/8F08)
age: 712691
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 15145

GET
H2 200 dbg-game-bundle.js Show response
download.gamesrv1.com/secure/MWC/2021.08_405424/modules/dbg-game/ 221 KB
66 KB 10ms
10ms Script
application/javascript 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/modules/dbg-game/dbg-game-bundle.js?v=2021.08_405424
Requested by: Host: gamesrv1.valottery.com
URL: https://gamesrv1.valottery.com/MWC/mwc-app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F20) / ASP.NET
Resource Hash: 361782169dabcae9c33cb5d2c1633e867a438a15f1a9f9ea3f33725a7799e202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:49 GMT
content-encoding: gzip
etag: "1993bcc2c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:36 GMT
server: ECAcc (frc/8F20)
age: 709591
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 67485

GET
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 51 KB
10 KB 144ms
144ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&IUA=neow&LNG=ENU&PlayMode=M&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012&cm=GGL&rst=j&uniqueNoCache=1632239209651

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

7fa6d6ec9adbacabd7d5bbf6bb74e7e11944b860647a497b2cc733a088179cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 9760
Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:48 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 99ms
99ms Preflight 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=&OCBW=true&LNG=ENU&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=cpw9tfpygmpcj05n&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012

Protocol

HTTP/1.1

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: private
Content-Length: 0
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Tue, 21 Sep 2021 15:46:48 GMT

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 352 B
809 B 111ms
111ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

958c40cbfd5b98a23766c15c294ac1f5c650f64f1ee17e235978851017fef65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 358
Date: Tue, 21 Sep 2021 15:46:49 GMT
Expires: -1

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame C4AB 11 KB
848 B 569ms
569ms XHR
application/vnd.apple.mpegurl 54.72.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=08fbaab95bbd4ac98fc25e974b6e3a1b

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.92.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-92-6.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3dbe736ee3b0157cea51379631c5bbc31c58925a75028619d7ef9c161d7e2ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:50 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: 237d4ab6408d4734b950ba8d4019117e
content-length: 531
x-content-type-options: nosniff

OPTIONS
H/1.1 200
OK /
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ Frame 0
0 100ms
100ms Preflight 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/api/v1/TICKER/ns/124/?ReqData=G&OCBW=true&LNG=ENU&IUA=neow&AFI=&PAR=&GCLID=&AR=&MMI=&CurrencyCode=USD&GameVerticalID=&pn=Initialize&rnd=b2011jxdai55epr4&KA=0&PlayMode=D&PlatformType=W&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012

Protocol

HTTP/1.1

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: private
Content-Length: 0
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST,GET
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Access-Control-Max-Age: 1728000
X-Powered-By: ASP.NET
Strict-Transport-Security: max-age=31536000
Date: Tue, 21 Sep 2021 15:46:48 GMT

POST
H/1.1 200
OK / Show response
gamesrv1.valottery.com/api/v1/TICKER/ns/124/ 18 KB
4 KB 109ms
109ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

7910c9b395bcc4144511a5d5b7cc5d976cb4a9b9cdb42127df18fd48f69b51d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Content-Length: 3560
Date: Tue, 21 Sep 2021 15:46:49 GMT
Expires: -1

OPTIONS
H/1.1 200
OK events
insights-collector.newrelic.com/v1/accounts/1418688/ Frame 0
0 20ms
19ms Preflight
application/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Protocol: HTTP/1.1
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-insert-key
Origin: https://www.valottery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 21 Sep 2021 15:46:50 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-insert-key
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, OPTIONS
Access-Control-Max-Age: 86400
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69246db909184aa9-FRA

GET
H2 200 preloader.gif
download.gamesrv1.com/secure/MWC/2021.08_405424/assets/branded/124/ 49 KB
49 KB 10ms
10ms Image
image/gif 93.184.221.168
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/assets/branded/124/preloader.gif?bid=405424
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.168 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F2F) / ASP.NET
Resource Hash: f1fdc31e36acb744e3d5379c01ce0e2369406c93cd25e8d856d38f1eacb18458

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:50 GMT
etag: "cf955b7c2a7d71:0"
last-modified: Sun, 12 Sep 2021 10:41:17 GMT
server: ECAcc (frc/8F2F)
age: 712672
x-powered-by: ASP.NET
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 50456

POST
H/1.1 200
OK events Show response
insights-collector.newrelic.com/v1/accounts/1418688/ 63 B
559 B 494ms
494ms XHR
text/json 162.247.243.148
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://insights-collector.newrelic.com/v1/accounts/1418688/events
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/vendors~appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.148 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766bc1f8be1ed8b6010ffc8a597620a514e57716ad60dc00f166ad9c22b4b165

Request headers

Referer: https://www.valottery.com/
X-Insert-Key: I_iqVhUhNbRonpaLFe_F3aqICrZd3iur
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 21 Sep 2021 15:46:50 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 69246db929614aa9-FRA
Content-Length: 63

POST
H2 200 updatesessionuser Show response
www.valottery.com/api/v1/ 85 B
205 B 121ms
120ms XHR
application/json 52.168.86.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.valottery.com/api/v1/updatesessionuser

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/jscript/app.bundle.js?cachebuster=20210712

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.168.86.34 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9302ddecd9b9089975d9d46d95152a5e8747b8db3bd170816783d79a48b6e298

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.valottery.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: ASP.NET_SessionId=gsnzuwbehd4wqvrkhv5sonsg; SC_ANALYTICS_GLOBAL_COOKIE=d4c3c91299614a7da8e7a321d01f88e3|False; ShowVALAlert=winningNumbers; UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _fbp=fb.1.1632239207168.1662686308; mpt_rate_comparator_50033=26.849681594529496|1634831208806; mpt_vid=163223920880781780|1695311208807; _4c_=%7B%22_4c_s_%22%3A%22dVJdj9MwEPwrlp%2BbyrHz2bfQEwhET0cBwVvlONvGShpHjmkoVf47duv0jkrkxbszO%2BuRMxc81tDhVZgwSllOSU6ibIEbOA94dcFaVu444RWGMhFRlJBAsLwKojgsgzyN0wBSlqU5CfMKKF7g325XREgYU5KSOJkWWPR%2BxwULVYHdFebLMFrGwX6wCvPHIsQWvVbVL2F25ty7oRFKNFSNJSo4SQG7UVamduqEkFe0BnmojYPpDe61a2w1yq5S46PMo4%2ByUqtxACdd11odAeXMosq%2BAv5xVTirGvag9XXKdoM0zueJt8oY0OelUEcP2%2FdzjNQH2cmZt9wGDnwj21aqzm1%2BttCLGkGXvG19v%2BZDHc%2BcFE30pma%2B%2Fio0N6IGPS95X3yZyy0YLturR9c%2BaT6iD%2FwIMw8%2Fv20LtK55J%2B6Y49FWWfuvHlCEPss9eOQd7xpUIO99tqRlZ55fWn6e71aW7g7oExdNr4xHN6q0hlDR9%2F8Cb4T9yf%2BzVgneukttKK2vYvf945PtaMgYyWgcs%2BU9qSmefNwYZTROSEYSauNk7EtmLoL2m26rr%2BkL79M0CokLZ%2B6nw2wevqUggO7%2FqoQ8qKbpLw%3D%3D%22%7D
content-length: 23
:path: /api/v1/updatesessionuser
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.valottery.com
referer: https://www.valottery.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.valottery.com/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server
date: Tue, 21 Sep 2021 15:46:50 GMT
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=31536000
content-length: 85
x-xss-protection: 1; mode=block
expires: -1

POST
H/1.1 200
OK sapi.aspx Show response
gamesrv1.valottery.com/ScratchCards/ 4 KB
3 KB 139ms
139ms XHR
application/json 8.43.82.17
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesrv1.valottery.com/ScratchCards/sapi.aspx?CSI=124&IUA=neow&LNG=ENU&PlayMode=M&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012&cm=GCL&rst=j

Requested by

Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/435.js?v=2021.08_405424

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

8.43.82.17 , United States, ASN394729 (NPIASN, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

18554ca0ef3c73f629c8fb27b8b184372cc5f1be432a2e64e0999380eaf4725d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.valottery.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Content-Length: 2563
Pragma: no-cache
Date: Tue, 21 Sep 2021 15:46:49 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: POST,GET
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.valottery.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With,X-Prototype-Version,Content-Type,Cache-Control,Pragma,Origin
Expires: -1

GET
H/1.1 200
OK visit.aspx Show response
info.valottery.com/ Frame 385B 247 B
374 B 597ms
108ms Document
text/html 8.43.83.18
NPIASN

General

Check archive.org

Show headers Download Go to

Full URL: https://info.valottery.com/visit.aspx?BrandID=124&Language=ENU&Currency=USD&Platform=W&IsGameStandaloneMode=false&UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012
Requested by: Host: download.gamesrv1.com
URL: https://download.gamesrv1.com/secure/MWC/2021.08_405424/appBl/app-bundle.js?v=2021.08_405424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 8.43.83.18 , United States, ASN394729 (NPIASN, US),
Reverse DNS
Software: /
Resource Hash: bb548e3aa3c3b942b8313c29796e15ef8006363bb1e62778fd78f6bff87a1d5a

Request headers

Host: info.valottery.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.valottery.com/
Accept-Encoding: gzip, deflate, br
Cookie: UniqueDeviceId=548a977c-a64f-4099-b4bd-fd7a4a070012; _gcl_au=1.1.1742364717.1632239207; _gid=GA1.2.860029487.1632239207; _dc_gtm_UA-1732052-1=1; _ga_J0YJNS3PS0=GS1.1.1632239206.1.0.1632239206.0; _ga=GA1.1.2133082553.1632239207; ltkpopup-session-depth=1-2; GSIDhDU7VeqGarZm=98412cab-a209-48dc-85a5-01512bde923c; nmstat=8e5d9508-04d0-d42b-ff82-820dc56c9401; _fbp=fb.1.1632239207168.1662686308; mpt_rate_comparator_50033=26.849681594529496|1634831208806; mpt_vid=163223920880781780|1695311208807; _4c_=%7B%22_4c_s_%22%3A%22dVJdj9MwEPwrlp%2BbyrHz2bfQEwhET0cBwVvlONvGShpHjmkoVf47duv0jkrkxbszO%2BuRMxc81tDhVZgwSllOSU6ibIEbOA94dcFaVu444RWGMhFRlJBAsLwKojgsgzyN0wBSlqU5CfMKKF7g325XREgYU5KSOJkWWPR%2BxwULVYHdFebLMFrGwX6wCvPHIsQWvVbVL2F25ty7oRFKNFSNJSo4SQG7UVamduqEkFe0BnmojYPpDe61a2w1yq5S46PMo4%2ByUqtxACdd11odAeXMosq%2BAv5xVTirGvag9XXKdoM0zueJt8oY0OelUEcP2%2FdzjNQH2cmZt9wGDnwj21aqzm1%2BttCLGkGXvG19v%2BZDHc%2BcFE30pma%2B%2Fio0N6IGPS95X3yZyy0YLturR9c%2BaT6iD%2FwIMw8%2Fv20LtK55J%2B6Y49FWWfuvHlCEPss9eOQd7xpUIO99tqRlZ55fWn6e71aW7g7oExdNr4xHN6q0hlDR9%2F8Cb4T9yf%2BzVgneukttKK2vYvf945PtaMgYyWgcs%2BU9qSmefNwYZTROSEYSauNk7EtmLoL2m26rr%2BkL79M0CokLZ%2B6nw2wevqUggO7%2FqoQ8qKbpLw%3D%3D%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/

Response headers

Cache-Control: no-cache
Connection: close
Content-Type: text/html
Pragma: no-cache
Content-Length: 247

GET
H3 200 css
fonts.googleapis.com/ 4 KB
529 B 15ms
15ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f10.1e100.net

Software

ESF /

Resource Hash

44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 14:11:07 GMT
server: ESF
date: Tue, 21 Sep 2021 15:46:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Sep 2021 15:46:52 GMT

GET
H2 200 fontawesomev5.min.css
mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/ 418 B
623 B 62ms
11ms Stylesheet
text/css 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6763) /
Resource Hash: e276166164378740d82e6c1c46ad80716cc9a79fad29c78db077a387b6b90493

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:52 GMT
last-modified: Thu, 08 Feb 2018 20:17:05 GMT
server: ECS (frb/6763)
age: 54581
etag: "516682c919a1d31:0"
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 418

GET
H2 200 BannerBlue_Popup.jpg
videocdn.valottery.com/listrak/ 10 KB
10 KB 246ms
17ms Image
image/jpeg 13.107.213.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://videocdn.valottery.com/listrak/BannerBlue_Popup.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.213.45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: ec93c422af4743a93e71d87ab851f22b6af6b1fe9f3c4c9b278918a2ce326da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 21 Sep 2021 15:46:51 GMT
last-modified: Fri, 08 Jan 2021 16:19:57 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: yznYqEEGhqD80LO4EpR7Zw==
etag: 0x8D8B3F13DDB83E6
x-azure-ref: 0bP5JYQAAAADry3ICv2oUTJIdiKPxNI3CUFJHMDFFREdFMDYwOAA3YTQyN2UzZS1mY2UxLTQ1ZjgtODEzOS03ZDEwZWJiYTZkZTE=
x-cache: TCP_HIT
content-type: image/jpeg
x-ms-request-id: 47779961-601e-002a-730f-aeb1b6000000
x-ms-version: 2009-09-19
x-azure-ref-originshield: 0GYZIYQAAAADgUSmSmKrXSJZxjQUj3sUyTE9OMjFFREdFMTUwOQA3YTQyN2UzZS1mY2UxLTQ1ZjgtODEzOS03ZDEwZWJiYTZkZTE=
content-length: 9866

GET
H2 200 Gotham-Book.woff2
mediacdn.espssl.com/9391/Shared/2018/Fonts/Gotham/ 19 KB
20 KB 38ms
10ms Font
application/font-woff2 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/9391/Shared/2018/Fonts/Gotham/Gotham-Book.woff2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A8) /
Resource Hash: 1cf2796dd206ee43fea5446ebb2c292d7df3aad607d6e42fd1d8cb724a3164c2

Request headers

Referer: https://www.valottery.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:52 GMT
last-modified: Tue, 02 Jan 2018 15:15:39 GMT
server: ECS (frb/67A8)
age: 4623
etag: "ba5d7f8cdc83d31:0"
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 19832

GET
H2 200 ModalImpression.ashx Show response
m1.listrakbi.com/ 103 B
544 B 541ms
515ms Script
application/javascript 104.18.7.244
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m1.listrakbi.com/ModalImpression.ashx?callback=ltkCallback4660&t=impression&ctid=hDU7VeqGarZm&globalSessionUID=98412cab-a209-48dc-85a5-01512bde923c&mid=d9f118bf-8a80-4592-96b1-112433f8cbe7
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=hDU7VeqGarZm&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.7.244 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ac5d45efc86258df1746c39f11dd677f5b16b306c2fd3f51a40558ab96b22679

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:52 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69246dc39a985b5c-FRA
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: private
content-type: application/javascript; charset=utf-8

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
6ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 22:04:31 GMT
x-content-type-options: nosniff
age: 495741
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Sep 2022 22:04:31 GMT

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 8ms
8ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 04:53:27 GMT
x-content-type-options: nosniff
age: 384805
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7776
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Sep 2022 04:53:27 GMT

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:13:09 GMT
x-content-type-options: nosniff
age: 41623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:13:09 GMT

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 8 KB
8 KB 7ms
7ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,500,600,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 12:19:14 GMT
x-content-type-options: nosniff
age: 358058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7832
x-xss-protection: 0
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 17 Sep 2022 12:19:14 GMT

GET
H2 200 FontAwesome-v-5-Custom.ttf
mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/ 41 KB
42 KB 6ms
6ms Font
application/octet-stream 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/FontAwesome-v-5-Custom.ttf
Requested by: Host: mediacdn.espssl.com
URL: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 668eb7aaab69ebb75ef8eb6eb5591ba202f14cbc11999b197bd35170b037c7a9

Request headers

Referer: https://mediacdn.espssl.com/1/Shared/Templates/Popup/Fonts/fontawesomev5.min.css
Origin: https://www.valottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:52 GMT
last-modified: Thu, 08 Feb 2018 20:14:37 GMT
server: ECS (frb/67D3)
age: 47933
etag: "572f797119a1d31:0"
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 42456

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame C4AB 11 KB
852 B 620ms
619ms XHR
application/vnd.apple.mpegurl 54.72.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=08fbaab95bbd4ac98fc25e974b6e3a1b

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.92.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-92-6.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

a974b154af0c7cd942a9a6e359705c15ac5c17c7f6f056400b2c40269fdf95c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:53 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: a1a26a4566cc413481770d409c638d37
content-length: 535
x-content-type-options: nosniff

GET
H2 200 a.m3u8 Show response
content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/ Frame C4AB 11 KB
850 B 37ms
37ms XHR
application/vnd.apple.mpegurl 54.72.92.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://content-aeui1.uplynk.com/channel/7a5dbb27be9e4845b902647b334625da/a.m3u8?pbs=08fbaab95bbd4ac98fc25e974b6e3a1b

Requested by

Host: cdn.valottery.com
URL: https://cdn.valottery.com/live-draw-show/video.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.72.92.6 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-92-6.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

abcaf0db0845629877cd4a1a2278bfbd29992e0b90c179710a73bdba07a2809a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.valottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 15:46:54 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-services: a1a26a4566cc413481770d409c638d37
content-length: 533
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pixel.mtrcs.samba.tv/v2/tag/commonwealthOfVirginia/virginialottery-homepage	1970-01-20 06:52:47	Name: sambapxid Value: e2f7c10526d3be2c
.listrakbi.com/hDU7VeqGarZm	1970-01-23 13:02:52	Name: gsid Value: IZN7sdhLTby1LbJhzBLA%2fa%2fkr5VPrzpd8fb1LYCRDvPjJCYxmW73qizgAndTd%2fr3O9sBjs%2fmRn8%3d
www.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: gsnzuwbehd4wqvrkhv5sonsg
www.valottery.com/	1970-01-23 12:59:59	Name: SC_ANALYTICS_GLOBAL_COOKIE Value: d4c3c91299614a7da8e7a321d01f88e3\|False
www.valottery.com/	1970-02-25 09:58:32	Name: ShowVALAlert Value: winningNumbers
.valottery.com/	1970-01-20 06:09:35	Name: UniqueDeviceId Value: 548a977c-a64f-4099-b4bd-fd7a4a070012
gamesrv1.valottery.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: m4nnxay4rzm4w1joawaxmxib
gamesrv1.valottery.com/	1969-12-31 23:59:59	Name: TS01f5bd3b Value: 010eeb971297cde9372595e2685ddcbb93ec927c14b36a607ef4caee220c0c5cd1acaf062b033527437327a670659dd0ec3be889712077f7a924db645c99ea1a9779ed75c2
.valottery.com/	1970-01-19 23:33:35	Name: _gcl_au Value: 1.1.1742364717.1632239207
s1.listrakbi.com/	1970-01-19 21:34:04	Name: AWSALBCORS Value: AZpvCmd8d96Jx/Y0pRqry07IcIJKM/J/0wGsNtLPz7017s7vG5AzeBb1jmlixJ2DFJfGBWTgps6Ewu413mcvb4yJDN+eyOZBmWCdcDu6GDSYIpq6rBAUMZj5emhH
.listrakbi.com/	1970-01-19 23:33:35	Name: usid Value: 0214161b72484525a64b0faca0237b42
.valottery.com/	1970-01-19 21:25:25	Name: _gid Value: GA1.2.860029487.1632239207
.valottery.com/	1970-01-19 21:23:59	Name: _dc_gtm_UA-1732052-1 Value: 1
.valottery.com/	1970-01-20 14:55:11	Name: _ga_J0YJNS3PS0 Value: GS1.1.1632239206.1.0.1632239206.0
.valottery.com/	1970-01-20 14:55:11	Name: _ga Value: GA1.1.2133082553.1632239207
.valottery.com/	1969-12-31 23:59:59	Name: ltkpopup-session-depth Value: 1-2
.valottery.com/	1970-01-23 13:02:52	Name: GSIDhDU7VeqGarZm Value: 98412cab-a209-48dc-85a5-01512bde923c
.valottery.com/	1970-01-20 21:23:59	Name: nmstat Value: 8e5d9508-04d0-d42b-ff82-820dc56c9401
.doubleclick.net/	1970-01-20 14:55:11	Name: IDE Value: AHWqTUmG5HildUDM2B4K-yvJ4w4mxzT1p1g4Md_1zktqPGmY8kZYyn9-t7EpNlAiAag
77148.global.siteimproveanalytics.io/	1969-12-31 23:59:59	Name: AWSELBCORS Value: 1981F7471278D2E5200322457FFB222DB8AF541B057095385CB5B7C14B792926FCB43A208BB8B164D723AAF47F25263754445DC5F573EAEF3568C7163C04CBE82B9BF19D6C
.valottery.com/	1970-01-19 23:33:35	Name: _fbp Value: fb.1.1632239207168.1662686308
.simpli.fi/	1970-01-20 06:11:01	Name: suid Value: 589E08B160FD495EA407F15743CABF2E
.simpli.fi/	1970-01-19 21:34:04	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-19 22:50:23	Name: TapAd_TS Value: 1632239207498
.tapad.com/	1970-01-19 22:50:23	Name: TapAd_DID Value: 095b1596-f30b-47ac-84e9-f5eb0b6f98e5
.agkn.com/	1970-01-20 06:09:35	Name: ab Value: 0001%3Axa4KwsZXWbsNoUpEA4mJNnd3goBxGCtg
.openx.net/	1970-01-20 06:09:35	Name: i Value: fbfcee28-4d85-46e4-a265-b97677abaf6e\|1632239207
.adnxs.com/	1970-01-19 23:33:35	Name: uuid2 Value: 7925486445016005058
.spotxchange.com/	1970-01-20 06:09:39	Name: audience Value: 21075541-1af3-11ec-bde8-12c786060206
.pro-market.net/	1970-01-20 01:43:11	Name: anProfile Value: "-1je713uchyqhc+1+1f=1+1g=1+1j=41+rs=s+rt=D88372BA+s2=(qzsjtz)+vm=24-589E08B160FD495EA407F15743CABF2E"
.pro-market.net/	1970-01-19 22:07:11	Name: anHistory Value: "-1je713uchyqhc+2+!#7%/$z!T.K"
.tapad.com/	1970-01-19 22:50:23	Name: TapAd_3WAY_SYNCS Value:
.exelator.com/	1970-01-20 00:16:47	Name: EE Value: "6573f624fe07b95bef1357e75de5b9cf"
.exelator.com/	1970-01-20 00:16:47	Name: ud Value: "eJxrXxzq6XKLQcHM1Nw4zczIJC3VwDzJ0jQpNc3Q2NQ81dw0JdU0yTI5bXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ4SX5RZvoiF9fFRSlpDItKik8F72NpBQCNfyn4"
.crwdcntrl.net/	1970-01-20 03:52:44	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 03:52:44	Name: _cc_id Value: 43dfdb1fa1469686ddc0a3a659d30e40
.crwdcntrl.net/	1970-01-20 03:52:47	Name: _cc_cc Value: "ACZ4XmNQMDFOSUtJMkxLNDQxszSzMEtJSTZINE40M7VMMTZINTFgAIJEz3%2FpIBoKAGOeCxs%3D"
.crwdcntrl.net/	1970-01-20 03:52:47	Name: _cc_aud Value: "ABR4XmNgYGBI9PyXDqSgAAAZagIQ"
.bluekai.com/	1970-01-20 01:43:11	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 01:43:11	Name: bkpa Value: KJpEnXTLu5DlLgx6BgEwEnWN+qO6BqOy1Mxpzc1hLEHN5Exh1czpBeDl1Ujt5c/pzQD9J8Xn3y==
.bluekai.com/	1970-01-20 01:43:11	Name: bku Value: blx99s4IuVcBFo6M
.media6degrees.com/	1970-01-20 01:43:11	Name: clid Value: 2qzsjtz01171aefikptnld6s000000017c011301901
.media6degrees.com/	1970-01-20 01:43:11	Name: sglst Value: 445d008r01g4n4ame
.media6degrees.com/	1970-01-20 01:43:11	Name: acs Value: 014020i0j0k1qzsjtzxzt10xzt10xzt10
.bfmio.com/	1970-01-20 06:09:35	Name: __141_cid Value: 589E08B160FD495EA407F15743CABF2E
.bfmio.com/	1970-01-20 06:09:35	Name: __io_cid Value: 71ec904bf764331d6d9f43c282dd5e882ad0df7d
.tribalfusion.com/	1970-01-19 23:33:35	Name: ANON_ID Value: a7ntAZcwyEodpuMNpbZaFuE0GNZbhumk0e98A6Gj03q3c6woY2Tdo2xNm2EpjTN7rZaSW6bZb8eZd6yTp7A9H4r2MTs1Pqr8eaZd1jD
.adnxs.com/	1970-01-19 23:33:35	Name: anj Value: dTM7k!M4.gDunaTF']wIg2E?kpT9Tm!]tbPl1N!7OnM$=BX/uifh1QfoE<Mh/M[PjGHxgcyi5bjH2!ul!VuifEv3tXF3Cu(j'le-376yoPDWi2Mbodgkq#W2Q+pnR9XUY2FqALQC7ZAqF1`*b_8<-f2SH
.valottery.com/	1970-01-19 21:34:04	Name: mpt_rate_comparator_50033 Value: 26.849681594529496\|1634831208806
.valottery.com/	1970-01-19 21:34:04	Name: mpt_vid Value: 163223920880781780\|1695311208807
.valottery.com/	1970-01-20 14:54:14	Name: _4c_ Value: %7B%22_4c_s_%22%3A%22dVJdj9MwEPwrlp%2BbyrHz2bfQEwhET0cBwVvlONvGShpHjmkoVf47duv0jkrkxbszO%2BuRMxc81tDhVZgwSllOSU6ibIEbOA94dcFaVu444RWGMhFRlJBAsLwKojgsgzyN0wBSlqU5CfMKKF7g325XREgYU5KSOJkWWPR%2BxwULVYHdFebLMFrGwX6wCvPHIsQWvVbVL2F25ty7oRFKNFSNJSo4SQG7UVamduqEkFe0BnmojYPpDe61a2w1yq5S46PMo4%2ByUqtxACdd11odAeXMosq%2BAv5xVTirGvag9XXKdoM0zueJt8oY0OelUEcP2%2FdzjNQH2cmZt9wGDnwj21aqzm1%2BttCLGkGXvG19v%2BZDHc%2BcFE30pma%2B%2Fio0N6IGPS95X3yZyy0YLturR9c%2BaT6iD%2FwIMw8%2Fv20LtK55J%2B6Y49FWWfuvHlCEPss9eOQd7xpUIO99tqRlZ55fWn6e71aW7g7oExdNr4xHN6q0hlDR9%2F8Cb4T9yf%2BzVgneukttKK2vYvf945PtaMgYyWgcs%2BU9qSmefNwYZTROSEYSauNk7EtmLoL2m26rr%2BkL79M0CokLZ%2B6nw2wevqUggO7%2FqoQ8qKbpLw%3D%3D%22%7D
.valottery.com/	1970-01-19 21:45:35	Name: ltkpopup-suppression-d9f118bf-8a80-4592-96b1-112433f8cbe7 Value: 1
m1.listrakbi.com/	1970-01-19 21:34:04	Name: AWSALBCORS Value: zR1AQQ7F/v1mOPqESfwOXW1ohhIHA33JB2aGoo8FGJHMgb6G5ajFQmkXiV63mKTHVqJyKfSaB+3/sjoJdpGuLSYuFdAhe+g2SofU5faRxMomY+Q3ry/VNmUruy+A

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=589E08B160FD495EA407F15743CABF2E Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://idsync.rlcdn.com/398696.gif?partner_uid=-7291093971443891088 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=589E08B160FD495EA407F15743CABF2E Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6528888.fls.doubleclick.net
77148.global.siteimproveanalytics.io
8930728.fls.doubleclick.net
a.tribalfusion.com
aa.agkn.com
action.dstillery.com
action.media6degrees.com
adservice.google.com
ajax.googleapis.com
bcp.crwdcntrl.net
cdn.listrakbi.com
cdn.valottery.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
content-aeui1.uplynk.com
content.uplynk.com
download.gamesrv1.com
extend.vimeocdn.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
gamesrv1.valottery.com
gateway.foresee.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
info.valottery.com
insight.adsrvr.org
insights-collector.newrelic.com
loadm.exelator.com
m1.listrakbi.com
maxcdn.bootstrapcdn.com
mediacdn.espssl.com
pixel.mtrcs.samba.tv
pixel.rubiconproject.com
pixel.tapad.com
s.tribalfusion.com
s1.listrakbi.com
services.listrak.com
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
stats.g.doubleclick.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tag.mtrcs.samba.tv
tag.simpli.fi
um.simpli.fi
us-u.openx.net
valottery.com
videocdn.valottery.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.valottery.com
www.zmbl.co
104.111.215.191
104.18.10.207
104.18.11.79
104.18.12.251
104.18.12.5
104.18.13.5
104.18.7.244
104.21.89.178
107.178.240.89
13.107.213.45
13.32.121.126
142.250.184.202
142.250.185.100
142.250.185.194
142.250.185.198
142.250.185.232
142.250.185.66
142.250.185.99
142.250.186.34
143.204.98.35
151.101.14.109
151.101.2.65
162.247.243.148
169.50.137.176
169.50.137.179
169.50.137.190
172.217.16.142
172.217.23.98
18.168.102.56
18.194.150.131
18.66.130.11
18.66.173.29
185.33.221.91
185.60.216.19
185.94.180.125
216.52.2.39
216.58.212.170
31.13.92.36
34.192.117.147
34.192.56.19
34.199.218.203
34.247.115.39
35.227.248.159
35.244.159.8
35.244.174.68
52.168.86.34
52.209.129.133
54.72.92.6
54.78.254.47
69.16.175.42
69.173.144.139
74.125.133.157
8.43.82.17
8.43.83.18
93.184.220.43
93.184.221.168
001e370b1fd6e571b85c8eca9dd7015c380338191093b3d925e4f8a19fb9c03f
042bb30e80e819da82ce188bb2a35eed90e4410f33dbc1aa7300c269a2c10f41
04d460ffe7f58f851a3541a46f0a2852f5a238ebbd8892c4c8b550bbfd94af25
08a3be036ed38e505cb6afac3ea8555eace23b0bfdec73c5a8d20d102c6d11f7
0957d465805a42df08ddcbc001357a2011b5ac727443d9f616ce8e7185d9ed4e
0a177fd5f989ae233cce8b52b735078ec6af89ca6cb804c0bec238676daff8e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b24be5e511ec921e562e093463c5c92e626d5bd622270025eef6931dab5fb24
0b3a45c5472ff3523a1ab888d28fa1bcb5322e3fc9bdda17c56dd06284a41201
0cddddf4baa64e44af7a4a316e2642029be0b6738ce81ddb8389fca6f325f5c2
0da5449c35c4ceb45e7d54cf77ab873d4dca7ee6f866b934cb36a61fbf37176d
0e783858cb51da56d136db74b1862aa62f48ff11c3a36e794214b549fc84aa9c
0f0d58ec2ad789719c4016df46800cb54c5b3b4de1ec799dccdb9840bbf18b44
0f9109bc35c16ca11ac71da792d21bc10a57f7ce768088138a38506595d0afd4
107a3e37d04cd9d89ff84a6b514efc04124ea1a0ae8959e7dc2c9ac480412287
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1156b25823dd4b7f0b70f5b7baee791031fede0c0ed27f08223d9934a4ea49c8
123b4b340c6fa59f9c9989d070ba079ab6763a90083d6011f23a36c0eb02e13f
1269362cb375ff87a6835bad373f85b62b6af67f315794b088b3cc3288780445
143d852e3e4fb6a5b1c5fdb199fe04c9bed6c13f9763d059bd28461cb63b3789
14d2ca5c5def0eeccbe232efc9bb49f064ba13cc947724ac58a2ec2f6e5a4c0b
14e7381df688ad86c87e05e455f74c13487efe2498879f557e59d29669cc04be
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16216d2d481225790ac4f9f63deb73317c5e1769149350ec3d0765e31864fefe
18554ca0ef3c73f629c8fb27b8b184372cc5f1be432a2e64e0999380eaf4725d
18b70dfd8aba9949c84f3274ba0023b3099ffa633936f982bd2a9fdce502b9b1
18da4d91d26026ec2d2f54ed8a19a97bd785d774a5c3c4e3e0836c964c5220ce
1cf2796dd206ee43fea5446ebb2c292d7df3aad607d6e42fd1d8cb724a3164c2
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e93b530a651320569bb9a1e5afdefa40ef6a77f7d1887a27cb4f5cc049b57a3
1f24b5a731326be79343e88ca5889dafbb15cd79b8bb5ddebd9e215ffea5b0e9
2256796d55a1ca7ec47b8c9ae669c2cfe60544b62b6bc112f59fbefc787f6190
22d85403f5752c49439053ae117baa993ec8f3541dce3b9170d41759478ec9b8
232d32b3423eb11661c458b37d563f2dc789e27a50363bac93ca217e4385ed42
23c8e4cf7e80d9e773b5306c27e4d1b2962e92b78fdd08effcf6130336286317
2696c197f37ec469675c783368b2f9cd94a017b70dd183d6be00d28a2e7dbb2c
275cb9d8b09e73b4ba990445e79082a4bb345496dc632ec315bbd7fb2cbe1070
2782a9729071e9bf07bc1c8901604e0575efa5417d0f0ef387bc72233add1267
27c186362b4748382af220d0620dc2683387fd5b8e879fa9fff9b1a54bca70bd
28cda897217473aee9bbd190750cf50e44a900612617ba4f784a6fcad275d71a
29568049c9af5ffe7d9d5c7561b9403e6eb2c5be4269b4f89432fe2c0fc77712
29a14dc7599de5484006c7223a6272cc6bc8822bebf999bdaa2cf2aef7425d65
2b7ada062e30243d491881ee2bf712c10962fa2141c8a98b7b380470fcf735c3
2d22abd2f58b583f200e455877ab7534a9bbce09637f52a06fbe5ae5faf3b42e
2e6380ed131f9778c8f8a92195b71aa3ad0a2a8a10639b8bc862b43488c348e9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
346245eefa11b9b840f819980044b176a50fe8c341cff099bc0928a5ee61bd10
34ef44ca5b56c778f52c14eb45621e74e706df8a1a86f09de0fb935cef87d5ba
361782169dabcae9c33cb5d2c1633e867a438a15f1a9f9ea3f33725a7799e202
36937fb71bcc955dee583edf948acb3c67d362ca6da9a20dbf5a53f42dfba3bc
37565ba17276fccd6884ebad2170149dd38ebcfb96152f4216503b652fea5cb5
3c37cad2a67d4feb6c0adf0a055d0c4730d5f5135f7d56e2df3616baa0d198d9
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e1dbdf6650d99b8551306de08382a3c2aec7f6362eeeed7270184be940c86f8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ee8186ccb2ae54218750ad095acb56efae9097773d9995614a12c03bce8f81d
3f03c4e6df1caeb3b0f4a8a3b7489a35fe849f971fdc8d2da85f4cfebb06b72c
3fcad31fc799b6116ec39fd5414820d200bedafa31a9bc8d7bcdf38f200432cc
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
41eb27c98af122ef4f99ecf852b12a3b242e3f1d24b51a882b80ce9a97eff244
43bc5dd20184cd4936522688ea3f2f575bfdb1e824208aabd25b57173b021538
4401bea79eb66abf71d551275f8929db9bc19103192783620b5c5bae01f0d17f
449693c548a52829666000defe81d2045a95856bba01b7358bf252b5ff5aa7d0
44990a4cec1b4b6ab6044f05f2e4946f8a552f7ef15a245892591231ce2f8165
46dcd955191441bd16d9d8f7aa1c293c087f794be8e44699b44a9d741ecbb856
48c06ff706f206ff67adf1a566c0e3588548c0af9ce773dfe52adfed4fc855be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6af973b9ea670ac79c24c681f0e6cf4b6b680e32159d5ff04d1972f1f4b47e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0f23c33c5b7959c1dfbb0bef797848de32a8b6a1c5655740ecdcdc1c71b50a
4f38d8054fba5769eb340b02187563f0e4f98349ffec38e16c95e8276a6d5d64
5020526d3a402ada372cb9669f6e192f643ba30bde678afc640e388ef095b945
52fedf43ad0f253ebc69df6627c86ebe2ec95c170dbf4f5147bbd37177691aaa
545ee27b24d865638c41dd42bd51dea6531ce96877491c1e9937fb48928b1eea
557df66808182be0b02863fd8832183b72eff2d1b686ff1167e7fbaa6d057920
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
57acdc98e0107bf93e6eb45828af624f15e41720c3d084ec25782666d1761a13
59014bc8fc186f85e55f479a65c303932f6251d17682e68c1c42befb862c5a55
59e0e88ca1c03fa77d780528f4b2cea4bdb38b3580f32f935c2b7aa7106f7c75
5b1281aa48b18b9e236ebf32ba59987ccafb72f885a79609ea15a10358bb5108
5cadbf63a08dee7280aefdf1ad4dfea5db604591c443ce0e9a9c18b04d21d4e7
5daa8ade5d465d442e91dbea61ac28ce84c3bdab5b85260ee43e78231e17d3a6
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60fc885e47b0633783b17eaa008a1e5316b8718dcab9fb42940363e386c68c05
61e00a0ad719d05543831e0bf0aa1adaaf52c6717cc618ade465dbdb55d36940
6266403194475020f9781081d7091e31c63310e15409a5e224219e70bfc406b3
63ee660e64dca730c5d8ac3872ef86d1331abd706826c70fdc3a960f2927fd16
660459946fc4a5a471e102cc527af368daf8ca417a2b88a7552541874c6e237d
668eb7aaab69ebb75ef8eb6eb5591ba202f14cbc11999b197bd35170b037c7a9
6ab464d03d1de4fc9df7142654844408f767c68dd5f68dde635069a177bd174c
75398b4622ef105163e84694870cccb9f617ae8e06867442d366b88f833b3726
75ade42c26455e59825877538af1bc5dc8fc7c6d9890e4a2633f2092b12226ee
766bc1f8be1ed8b6010ffc8a597620a514e57716ad60dc00f166ad9c22b4b165
767613d310cb9be2aee602ccf5a4e33c07bbe76aacbc07d0ee804f86f1a9a231
76d29fd2226e50e1499c0ab50e6cbf90756dda1edec1bc4391b18e4630cc9be8
77211b2e98b06e01565e08bcb05f556923345f5f5cfc5a132de87b5084997a24
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
773320fabeee0f1678a36b01b2da70490e05358c5f68165d1489b2e3711c0663
77bcac2c69b192dd36b94d57c2881c0429d840f0ccc97374b79728c922fafb5c
7910c9b395bcc4144511a5d5b7cc5d976cb4a9b9cdb42127df18fd48f69b51d8
795fe3ba1504168073e05cc423e36fb791a4eb458f2b396d84f6aae90e9f1dde
79d8f0a51733f6965fe732c925ab19b7a19d89f1720fbf831df63c2bf7db3d28
7aca2cb481aa824b0d8f7d2131a1d5e3ccaa16aef807e7abe63fcf9a7b1a9b46
7cf6c891a0f1da250e9064b3e65550cd644fc674609ad52d3845ac8b9d634023
7fa6d6ec9adbacabd7d5bbf6bb74e7e11944b860647a497b2cc733a088179cbc
8187840fc5a6c27689812bba0ec6c174524981edb339682f967e7d80fc0e12d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849c98bcf02648a5c2be9992cd1f8bf03146c5cafdec75bd77bdefeacaebb467
85bd82fd0d5faee687f38bbc671681ec496f8972442f367d42a986791126ae5c
89e5aa7b5df24d8a49a2f7505602ccc7fedaba7c981668c86bcbee18234143f6
8b9678bd9d99c3fc20507a882f90deb667c4f5263a5d7a54e43ff9563286cfe0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d89a56943965f77c2712bad06fc0fe8e8e6ac99e26b31f51ab0deba786b25be
8ec87fdc53c5606802a33e019f4ff8f40d931ea4e9e4dbfdd4de2979218d6269
906e71f52631575bbc2e2454a0db08cc2d50f509ec8d2a4263103148a8b25683
913b07c530a0b63413fdf78ab734a741264a8bcc6ba454cc3ad4e9c30ab0ac7f
920bd844ad96201e27c5fc6e77b2d429e36a261c988403ef03efb89d3371ff60
924f460d7d9064f84b9de164b6ebeb2d424a825a228779d70323a42922449681
92dc50b8a0397e57418624d220f321d2fb95d41c49a3fbdfc3e59c34a2c48f03
9302ddecd9b9089975d9d46d95152a5e8747b8db3bd170816783d79a48b6e298
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93b080a159f6062300b70010d1dde2b053196b6739af9cffa1cdf727a2a18b4c
958c40cbfd5b98a23766c15c294ac1f5c650f64f1ee17e235978851017fef65e
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
9f0a6c1b7751055b352a6fc70158bfa43d4587621b5e2b30a269bd036ded2880
9fe0a14026852753cbc7ecab44b4a530f1ce43c51f8c86cf746f81cfdd0b7e7d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a8a1fdfd53d2aa2eeb6bc6420bea93714f1fa4219f154712f581b95b71438abb
a974b154af0c7cd942a9a6e359705c15ac5c17c7f6f056400b2c40269fdf95c9
abcaf0db0845629877cd4a1a2278bfbd29992e0b90c179710a73bdba07a2809a
ac5d45efc86258df1746c39f11dd677f5b16b306c2fd3f51a40558ab96b22679
ad7c3825da970bbc50bb3672b8afd4726c10a5e9119f67f7a710f73e43013cb3
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b139dd93f7c1f9e816dd6e25182efe6efc19c7f031325081c1e47ba6cab0c257
b2b2ad1d953b1341442dca10555ebf44343c74fa9755492be52bf521f61dab11
b400dd5fcb38c85929561997154146554b2150314a0a9c2f4cb54215cd44fd13
b6223161949802808850b0de56c327469dc6578ca8df050049dd86ca30b210d7
b80bc30222d12c1cecbdf3836745a1cb363fe36e2f101fb27dc3964c41c202b6
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bb1a0967e43d7d6099eccb7b896931e3dee2dfbdf6a38ef9a8e143413ca5ca10
bb548e3aa3c3b942b8313c29796e15ef8006363bb1e62778fd78f6bff87a1d5a
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
c2640f6bca9daab56ec6a3b01bb5dc3f5156dc9dbb690867567222ecbc82c71c
c449906c16f92078852667f919734283b10ea677abe1855403a195a9604cea72
c600e273ddf59009e671cd55646f57605a10b33264cec665498a272d8451106f
c621771674ba60113a3608656537d88c18316105ff78902a3fbb6b66ea52783f
c865aa768ae5088e878d3f8d1132f89193ef0d8b4b3eeb9cd8ce7b3c0fbfc049
cd789cf988c5a008ef8e79e994513ebb7d5c68360844378dd39e4060b2eb18f9
cd802ada5483975c7fbe5a83a76728935be929d249d9815aeadbe05a6a723d3c
cf1e1e7b3e64f09203c702f451827ada9a4557bac5973e6368098e257b3dd73f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf6ec5ae0cfa97d28dcc66069843c1fcce4c08d1c4275a5c216ba326b43790e4
d4a35b74db1bc2543055525dac91f0267abb696798892eab74f949f198f60fde
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d7f3a550a9946103f8ec640689863b6b989bc874fbf4a5d77db7e2b6231125b7
d9dc67d21b0889b829dabe88fdcaa804ec5a15431ba4150c4c942a47a9a3dd6e
d9e53e72dd5b08e61f15b9bab370c87e422559ca17d1b7b581d9dd8d541c6054
dbef2a6bf0d72426b50072142f13ec23e3b178b4bec416691ef7ceda2bb8ac5e
e0f429e7060a206c88a5284688cd831b72db896b8cb5897fcbeb8a6381071e87
e276166164378740d82e6c1c46ad80716cc9a79fad29c78db077a387b6b90493
e36c3ef709b7e26a13d6ddd9da10fd5174ab72a809460d3c1265e8b927594fb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d67cb96cc7855cdd72966b02123e4ffdb47e8ab98e51bd822edea0ffb3f77a
e3d853b1ab87213617005d381e7aa3c6d26bc44ed04c78e6f2dce8d5145e9972
e3dbe736ee3b0157cea51379631c5bbc31c58925a75028619d7ef9c161d7e2ea
e4444f0ec2ddd0aa024154b22470afa5d065650e9c07cd4593ba3047c1480f1f
e49776be07243e2df2b62df2edd0125264b841bffba2d4affa9ec3ce1120644d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec93c422af4743a93e71d87ab851f22b6af6b1fe9f3c4c9b278918a2ce326da8
eca930c8da6be0645f990507be73423312922017792ee0feb1202a02dee324c0
ed98acadca2bcaa151ef47ebee2475cb789df2d05eab6500ee8dfccd38c80e31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f12ad07c1de11b68a813c4b8ae3e3c48b9522ace6b276993302fa325540ee517
f1fdc31e36acb744e3d5379c01ce0e2369406c93cd25e8d856d38f1eacb18458
f22202d5d46efe1f1a3ec66734e0866e3af063dcc41490c5ae55d34984c2c3e6
f582d213e3668de85436bc63703b309e517be4e128ac37b71d66e85ac13690e3
f5fa9902987ef01793df21333d090f5894b619670d69568faccce1ba032ea330
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc8dd555e5c63c2d4c63dcc5a1378785b6bcdef461944eb391d8a190523b9d11
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

www.valottery.com Open in urlscan Pro 52.168.86.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

219 Requests

99 %HTTPS

0 %IPv6

44 Domains

62 Subdomains

49 IPs

6 Countries

4400 kBTransfer

11990 kBSize

53 Cookies

7 Outgoing links

Page URL History

Redirected requests

219 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.valottery.com Open in urlscan Pro
52.168.86.34 Public Scan

Screenshot
Live screenshot

Full Image

219
Requests

99 %
HTTPS

0 %
IPv6

44
Domains

62
Subdomains

49
IPs

6
Countries

4400 kB
Transfer

11990 kB
Size

53
Cookies

219 HTTP transactions
0 data transactions