mailer.cl.tripod.com Open in urlscan Pro
209.202.252.66 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://mailer.cl.tripod.com/update/index2.htm/
Submission Tags: phishing malicious Search All
Submission: On February 24 via api (February 24th 2022, 6:48:34 pm UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 13 domains to perform 91 HTTP transactions. The main IP is 209.202.252.66, located in United States and belongs to LYCOS, US. The main domain is mailer.cl.tripod.com.

This is the only time mailer.cl.tripod.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayPal (Financial)

Domain & IP information

	IP Address	AS Autonomous System
3	209.202.252.66 209.202.252.66	6354 (LYCOS) (LYCOS)
16	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
6	209.202.254.12 209.202.254.12	6354 (LYCOS) (LYCOS)
2 5	104.92.91.221 104.92.91.221	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
26	192.254.236.192 192.254.236.192	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	209.202.254.90 209.202.254.90	6354 (LYCOS) (LYCOS)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	54.196.16.164 54.196.16.164	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:205... 2600:9000:2057:ea00:13:374f:b080:93a1	16509 (AMAZON-02) (AMAZON-02)
91	17

3 209.202.252.66 (United States)

ASN6354 (LYCOS, US)
PTR: tri-members.bo3.tripod.com

mailer.cl.tripod.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 209.202.254.12 (United States)

ASN6354 (LYCOS, US)
PTR: origin.scripts.lycos.com

scripts.lycos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.92.91.221 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-91-221.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 192.254.236.192 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-236-192.unifiedlayer.com

associates.lottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.202.254.90 (United States)

ASN6354 (LYCOS, US)
PTR: www.lycos.co.nz

sp-log.lycos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.196.16.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-16-164.compute-1.amazonaws.com

api.lottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:ea00:13:374f:b080:93a1 (United States)

ASN16509 (AMAZON-02, US)

games.api.lottery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	lottery.com associates.lottery.com — Cisco Umbrella Rank: 372749 api.lottery.com — Cisco Umbrella Rank: 448020 games.api.lottery.com — Cisco Umbrella Rank: 527905	814 KB
16	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 1536	27 KB
9	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 610 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2202	144 KB
7	lycos.com scripts.lycos.com — Cisco Umbrella Rank: 275861 sp-log.lycos.com — Cisco Umbrella Rank: 409407	9 KB
5	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 789	15 KB
4	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	367 KB
3	gstatic.com fonts.gstatic.com	47 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	22 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	243 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	82 KB
3	tripod.com mailer.cl.tripod.com	11 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	17 KB
91	13

	Domain	Requested by
26	associates.lottery.com	mailer.cl.tripod.com associates.lottery.com
16	www.paypalobjects.com	mailer.cl.tripod.com www.paypalobjects.com
6	stackpath.bootstrapcdn.com	associates.lottery.com
6	scripts.lycos.com	mailer.cl.tripod.com scripts.lycos.com
5	px.owneriq.net	2 redirects mailer.cl.tripod.com px.owneriq.net
4	securepubads.g.doubleclick.net	www.googletagservices.com
3	games.api.lottery.com	associates.lottery.com
3	api.lottery.com	associates.lottery.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	associates.lottery.com
3	cdnjs.cloudflare.com	associates.lottery.com
3	code.jquery.com	associates.lottery.com
3	maxcdn.bootstrapcdn.com	associates.lottery.com
3	www.googletagservices.com	mailer.cl.tripod.com
3	mailer.cl.tripod.com	mailer.cl.tripod.com
2	www.google-analytics.com	mailer.cl.tripod.com
1	sp-log.lycos.com	mailer.cl.tripod.com
91	17

This site contains links to these domains. Also see Links.

Domain
track.lottery.com
www.paypal.com
www.ebay.com

Subject Issuer	Validity	Valid
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-08` - `2023-01-10`	a year	crt.sh
*.owneriq.net GeoTrust RSA CA 2018	`2021-12-05` - `2022-12-06`	a year	crt.sh
associates.lottery.com R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
*.lycos.com R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-29` - `2023-01-29`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
api.lottery.com R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
games.api.lottery.com Amazon	`2021-09-10` - `2022-10-09`	a year	crt.sh

This page contains 7 frames:

Primary Page: http://mailer.cl.tripod.com/update/index2.htm/
Frame ID: BDF1337206FC0DB70F9C30F6517C9907
Requests: 27 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=text%2Fhtml
Frame ID: 75CE447AB1FAA3423A8264A9183D8DD6
Requests: 1 HTTP requests in this frame

Frame: https://associates.lottery.com/Lottery_Banner/banner2.html
Frame ID: D1E5673B85880F7879AC8C7CB1EF3363
Requests: 17 HTTP requests in this frame

Frame: http://mailer.cl.tripod.com/adm/ad/footerAd.iframe.html
Frame ID: 5B49ABD432E9BF59D2585A350AB11C45
Requests: 5 HTTP requests in this frame

Frame: http://mailer.cl.tripod.com/adm/ad/injectAd.iframe.html
Frame ID: F3E9F041166B161DB10C8ED5E0A246E1
Requests: 5 HTTP requests in this frame

Frame: https://associates.lottery.com/Lottery_Banner/banner2.html
Frame ID: 2004E7A1057760924911E28FE1F6D282
Requests: 17 HTTP requests in this frame

Frame: https://associates.lottery.com/Lottery_Banner/banner8.html
Frame ID: A30EA780C15DC93381BA1F5EFF20882D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayPal - Login

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

91
Requests

82 %
HTTPS

53 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1800 kB
Transfer

4105 kB
Size

8
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://track.lottery.com/visit/?bta=35111&nci=5440

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_registration-run
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_help-ext&source_page=_login-submit
Title: Help

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_home

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/ema/index-outside

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/req/index-outside

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_merchant-outside

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_auction-outside

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_email-recovery
Title: Forget your email address?

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_forgot-password
Title: Forget your password?

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_registration-run&first_name=&last_name=&address1=&address2=&city=&state=&zip=&day_phone_a=&day_phone_b=&day_phone_c=&night_phone_a=&night_phone_b=&night_phone_c=&email=&retype_email=
Title: sign up here

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_forgot-password
Title: forget your password

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/gen/about-outside
Title: About

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/cps/general/PayPalAccountTypes-outside
Title: Accounts

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_display-fees-outside
Title: Fees

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/gen/ua/policy_privacy-outside
Title: Privacy

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_security-center-outside
Title: Security Center

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_contact_us
Title: Contact Us

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/gen/ua/ua-outside
Title: User Agreement

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/pdn/intro-outside
Title: Developers

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=p/gen/jobs-outside
Title: Jobs

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_bc-signup
Title: Buyer Credit

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_web-referrals-mrb-outside
Title: Referrals

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=_shop-ext
Title: Shops

Search URL Search Domain Scan URL

URL: https://www.paypal.com/us/cgi-bin/webscr?cmd=_batch-payment-overview-outside
Title: Mass Pay

Search URL Search Domain Scan URL

URL: http://www.ebay.com/
Title: PayPal, an eBay company

Search URL Search Domain Scan URL

URL: http://www.paypal.com/us/cgi-bin/webscr?cmd=p/gen/fdic-outside
Title: Information about FDIC pass-through insurance

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 18

https://px.owneriq.net/eps?pt=lycosn&pid=682&uid=Q6990149081443387438J&l=true HTTP 302
https://px.owneriq.net/noop?ct=text%2Fhtml

Request Chain 19

https://px.owneriq.net/j/?ref=http://mailer.cl.tripod.com/update/index2.htm/&pt=lycosn&t=m%7C%22Lycos%22,d%7C%22Internet%2520%253E%2520Websites%22&s=Intend HTTP 302
https://px.owneriq.net/noop?ct=application%2Fx-javascript

Request Chain 20

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=766620571&utmhn=mailer.cl.tripod.com&utme=8(member_name)9(mailer.cl)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PayPal%20-%20Login&utmhid=947919467&utmr=-&utmp=%2Fupdate%2Findex2.htm%2F&utmht=1645728508768&utmac=UA-21402695-19&utmcc=__utma%3D31113466.1308180417.1645728509.1645728509.1645728509.1%3B%2B__utmz%3D31113466.1645728509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1487705942&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=766620571&utmhn=mailer.cl.tripod.com&utme=8(member_name)9(mailer.cl)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PayPal%20-%20Login&utmhid=947919467&utmr=-&utmp=%2Fupdate%2Findex2.htm%2F&utmht=1645728508768&utmac=UA-21402695-19&utmcc=__utma%3D31113466.1308180417.1645728509.1645728509.1645728509.1%3B%2B__utmz%3D31113466.1645728509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1487705942&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mailer.cl.tripod.com/update/index2.htm/ 24 KB
7 KB 1141ms
578ms Document
text/html 209.202.252.66
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL

http://mailer.cl.tripod.com/update/index2.htm/

Protocol

HTTP/1.1

Server

209.202.252.66 , United States, ASN6354 (LYCOS, US),

Reverse DNS

tri-members.bo3.tripod.com

Software

Squeegit/1.2.5 (3_sir) /

Resource Hash

65f4259d61ee943a02e09dc33137030fa4c35dd770979a90c28563d7bc6eb5a1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 24 Feb 2022 18:48:28 GMT
Server: Squeegit/1.2.5 (3_sir)
Vary: *
X-Server-IP: 209.202.244.211
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
X-Frame-Options: SAMEORIGIN
Connection: close
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 6919

GET
H2 200 xpt.css
www.paypalobjects.com/css/ 56 KB
10 KB 99ms
13ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/css/xpt.css

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F2C) /

Resource Hash

cd5a6a18083698c74db9d1644f53d10303e981cc29caa115dc19cafc2e1a207d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: b4de9365902e2
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9877
last-modified: Thu, 30 Jul 2020 23:04:55 GMT
server: ECAcc (frc/8F2C)
etag: W/"5f235217-de16"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 xptInvoice.css
www.paypalobjects.com/css/ 1 KB
697 B 95ms
9ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/css/xptInvoice.css

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F14) /

Resource Hash

2a8e6a8742ec1caac701bad4c6458fd905a694d9c21e746adca2d4c1b4a7f18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: c6b9002c42328
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 386
last-modified: Thu, 30 Jul 2020 23:04:55 GMT
server: ECAcc (frc/8F14)
etag: W/"5f235217-495"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 xptObsolete.css
www.paypalobjects.com/css/ 2 KB
761 B 95ms
10ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/css/xptObsolete.css

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FC0) /

Resource Hash

ee3d88c6d37622aee16048802349e042ed533344273360a69b8d96303d2c63a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 153590c8ab613
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 680
last-modified: Thu, 30 Jul 2020 23:04:55 GMT
server: ECAcc (frc/8FC0)
etag: W/"5f235217-892"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 xptlive.css
www.paypalobjects.com/css/ 69 B
145 B 98ms
13ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/css/xptlive.css

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F54) /

Resource Hash

fc9698b26e3f3c85518fc670a6237b3182aa302a788ae0a32971d2a7c9c17b8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 30 Jul 2020 23:04:55 GMT
server: ECAcc (frc/8F54)
etag: "5f235217-45"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: text/css
paypal-debug-id: e7190d03f44bc
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 69
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 pp_main.js Show response
www.paypalobjects.com/js/ 35 KB
9 KB 95ms
10ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/js/pp_main.js

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E98) /

Resource Hash

e31d5c7948fd43e290e71096a765f65a19537575e07f43a2db8f61ad2cb5e9b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: 46da6afe6c2ae
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 9530
last-modified: Thu, 30 Jul 2020 23:05:10 GMT
server: ECAcc (frc/8E98)
etag: W/"5f235226-8c8a"
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
access-control-allow-headers: x-csrf-token
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H/1.1 200
OK init.js Show response
scripts.lycos.com/catman/ 2 KB
1 KB 302ms
93ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.lycos.com/catman/init.js
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: HTTP/1.1
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Oct 2017 14:29:11 GMT
Server: Apache
ETag: "9c0-gzip"
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=100
Content-Length: 927
Expires: Fri, 25 Feb 2022 00:48:28 GMT

GET
H2 200 paypal_logo.gif
www.paypalobjects.com/en_US/i/logo/ 2 KB
2 KB 21ms
18ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/logo/paypal_logo.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FFA) /

Resource Hash

5c048fbf9c37503ddfbc3131ff91818d3f26cb2f1e308d576aae6b5ddb8bffb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8FFA)
etag: "5d5637bd-932"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: e2ad4a739aa48
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 2354
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 P_off_welcome.gif
www.paypalobjects.com/en_US/i/nav/ 231 B
306 B 21ms
19ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/nav/P_off_welcome.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F1B) /

Resource Hash

52eb6da4e4eb355ecee7f996ebc8dddd530725ebfacc864eb91d90ef881c0a5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8F1B)
etag: "5d5637bd-e7"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 6989268cfc0ca
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 231
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 43 B
150 B 14ms
12ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F24) /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:34 GMT
server: ECAcc (frc/8F24)
etag: "5d5637be-2b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 81b5359302d60
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 43
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 P_off_send_money.gif
www.paypalobjects.com/en_US/i/nav/ 257 B
357 B 14ms
12ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/nav/P_off_send_money.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E92) /

Resource Hash

fa4b14f94e3f19ed6eefbeaa3963e5fb840a0e056b7f303b5b6b274612c6d34e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8E92)
etag: "5d5637bd-101"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 7e46979cdcc2a
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 257
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 P_off_request_money.gif
www.paypalobjects.com/en_US/i/nav/ 288 B
366 B 21ms
19ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/nav/P_off_request_money.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8FEE) /

Resource Hash

c3d109198414e5f8b1e696625aabc186d2bf2d2ab822190275958153117293fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8FEE)
etag: "5d5637bd-120"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 71b2102e1d207
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 288
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 P_off_merchant_tools.gif
www.paypalobjects.com/en_US/i/nav/ 293 B
371 B 21ms
19ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/nav/P_off_merchant_tools.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F4D) /

Resource Hash

843b3deff8372b87b925cda2a856280d35e0f19740ffda14b8b700c8030fa818

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8F4D)
etag: "5d5637bd-125"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 7592ca0faaa4
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 293
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 P_off_auction_tools.gif
www.paypalobjects.com/en_US/i/nav/ 267 B
344 B 15ms
13ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/nav/P_off_auction_tools.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8E91) /

Resource Hash

317c0606fffd463d47047c60abbb7105bf582f37077c55f1fafbfb35170d7341

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8E91)
etag: "5d5637bd-10b"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 7205ba0e3a94
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 267
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 icon_error_40x40.gif
www.paypalobjects.com/en_US/i/icon/ 407 B
486 B 15ms
13ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/icon/icon_error_40x40.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F8E) /

Resource Hash

447b35f201753bb1d6836b36ec64e8ee2fe7838a303961ff129aa31c1e38f93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8F8E)
etag: "5d5637bd-197"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: 59075af7a7e23
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 407
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 secure_lock_2.gif
www.paypalobjects.com/en_US/i/icon/ 243 B
320 B 15ms
13ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/icon/secure_lock_2.gif

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F28) /

Resource Hash

c86bfae33486f088cc7e1481948d3328126a1ca553248e48ab4a4bef4bfcf481

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8F28)
etag: "5d5637bd-f3"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: c809bdda46371
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 243
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H2 200 start.css
www.paypalobjects.com/css/ 530 B
414 B 8ms
8ms Stylesheet
text/css 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypalobjects.com/css/start.css

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/css/xpt.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F47) /

Resource Hash

144efd9427c7ed86c41e0f27c66e1093efd1d199a3d4e714e5df81de2e143e1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/css/xpt.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cache: HIT
paypal-debug-id: a98920894490e
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 333
last-modified: Thu, 30 Jul 2020 23:04:55 GMT
server: ECAcc (frc/8F47)
etag: W/"5f235217-212"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: text/css
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
expires: Thu, 24 Feb 2022 19:48:28 GMT

GET
H/1.1 200
OK lycosn.js Show response
px.owneriq.net/stas/s/ 14 KB
14 KB 34ms
10ms Script
text/javascript 104.92.91.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://px.owneriq.net/stas/s/lycosn.js
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: HTTP/1.1
Server: 104.92.91.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-91-221.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2c2aa73dfd778546a2466f06a2b5e722e5a1d504c43bd6586aef406c5f5388ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:28 GMT
Server: Apache/2.2.15 (CentOS)
Connection: keep-alive
Content-Type: text/javascript
X-Powered-By: PHP/5.3.3
Content-Length: 14461
Expires: Thu, 24 Feb 2022 18:48:28 GMT

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

36ms
10ms

Script
text/javascript

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2737
date: Thu, 24 Feb 2022 18:02:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Thu, 24 Feb 2022 20:02:51 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/ Frame 75CE
Redirect Chain

https://px.owneriq.net/eps?pt=lycosn&pid=682&uid=Q6990149081443387438J&l=true
https://px.owneriq.net/noop?ct=text%2Fhtml

0
355 B

8ms
7ms

Document
text/html

104.92.91.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=text%2Fhtml
Requested by: Host: px.owneriq.net
URL: http://px.owneriq.net/stas/s/lycosn.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.92.91.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-91-221.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 24 Feb 2022 18:48:28 GMT
Content-Length: 20
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://px.owneriq.net/noop?ct=text%2Fhtml
Date: Thu, 24 Feb 2022 18:48:28 GMT
Connection: keep-alive

GET
H/1.1

200
OK

noop Show response
px.owneriq.net/
Redirect Chain

https://px.owneriq.net/j/?ref=http://mailer.cl.tripod.com/update/index2.htm/&pt=lycosn&t=m%7C%22Lycos%22,d%7C%22Internet%2520%253E%2520Websites%22&s=Intend
https://px.owneriq.net/noop?ct=application%2Fx-javascript

0
370 B

7ms
7ms

Script
application/x-javascript

104.92.91.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: HTTP/1.1
Server: 104.92.91.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-91-221.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:28 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 20

Redirect headers

Location: https://px.owneriq.net/noop?ct=application%2Fx-javascript
Date: Thu, 24 Feb 2022 18:48:28 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2

200

__utm.gif
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=766620571&utmhn=mailer.cl.tripod.com&utme=8(member_name)9(mailer.cl)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utm...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=766620571&utmhn=mailer.cl.tripod.com&utme=8(member_name)9(mailer.cl)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&ut...

35 B
197 B

15ms
14ms

Image
image/gif

2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=766620571&utmhn=mailer.cl.tripod.com&utme=8(member_name)9(mailer.cl)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PayPal%20-%20Login&utmhid=947919467&utmr=-&utmp=%2Fupdate%2Findex2.htm%2F&utmht=1645728508768&utmac=UA-21402695-19&utmcc=__utma%3D31113466.1308180417.1645728509.1645728509.1645728509.1%3B%2B__utmz%3D31113466.1645728509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1487705942&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Feb 2022 18:48:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=766620571&utmhn=mailer.cl.tripod.com&utme=8(member_name)9(mailer.cl)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=PayPal%20-%20Login&utmhid=947919467&utmr=-&utmp=%2Fupdate%2Findex2.htm%2F&utmht=1645728508768&utmac=UA-21402695-19&utmcc=__utma%3D31113466.1308180417.1645728509.1645728509.1645728509.1%3B%2B__utmz%3D31113466.1645728509.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1487705942&utmredir=1&utmu=qRAAAAAAAAAAAAAAAAAAAAAE~
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK memberembedded.js Show response
scripts.lycos.com/catman3/code/tripod.lycos.com/ 3 KB
2 KB 93ms
93ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
Requested by: Host: scripts.lycos.com
URL: http://scripts.lycos.com/catman/init.js
Protocol: HTTP/1.1
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: 433adebf45e5476b798f0a001e138f08a1e0add64d19976ff6a903a8b8fe0ed1

Request headers

Referer: http://mailer.cl.tripod.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 24 Feb 2022 18:48:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 11:04:56 GMT
Server: Apache
ETag: "dac-gzip"
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=99
Content-Length: 1173
Expires: Fri, 25 Feb 2022 00:48:28 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 37ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4edc2771e39377761ee27274647e8a9aa6caddf1c726b86c4ad468dfe5f45300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:29 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1141 / 732 of 1000 / last-modified: 1645704594"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27393
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 24 Feb 2022 18:48:29 GMT

GET
H2 200 banner2.html Show response
associates.lottery.com/Lottery_Banner/ Frame D1E5 6 KB
2 KB 493ms
174ms Document
text/html 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 979e53c8768538ba78b5d18ffb1f983813e918194ba5fabf2a2d093d3bd2902e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
server: Apache
content-type: text/html
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
accept-ranges: none
cache-control: max-age=300
expires: Thu, 24 Feb 2022 18:53:29 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-server-cache: false
content-length: 1706

GET
H/1.1 200
OK tp_cm.gif
sp-log.lycos.com/ 45 B
312 B 531ms
108ms Image
image/gif 209.202.254.90
LYCOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-log.lycos.com/tp_cm.gif
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 209.202.254.90 , United States, ASN6354 (LYCOS, US),
Reverse DNS: www.lycos.co.nz
Software: Apache /
Resource Hash: e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:29 GMT
Last-Modified: Mon, 06 Aug 2018 18:05:44 GMT
Server: Apache
ETag: "2d-572c8204a63ec"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 45

GET
H2 200 bg.gif
www.paypalobjects.com/en_US/i/nav/ 250 B
372 B 8ms
8ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/nav/bg.gif

Requested by

Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/css/xpt.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/8F64) /

Resource Hash

1ded8a10124637949be89cd44baf531313a6b5f401151323c855018a85d5ae6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.paypalobjects.com/css/xpt.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
x-content-type-options: nosniff
last-modified: Fri, 16 Aug 2019 04:57:33 GMT
server: ECAcc (frc/8F64)
etag: "5d5637bd-fa"
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: HIT
content-type: image/gif
paypal-debug-id: debe89b390c40
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
dc: ccg11-origin-www-1.paypal.com
content-length: 250
expires: Thu, 24 Feb 2022 19:48:29 GMT

GET
H2 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ 363 KB
122 KB 87ms
7ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 17:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5818
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 17:11:31 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 138 B
741 B 96ms
18ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mailer.cl.tripod.com

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

30168641002304f783a3cb9976ec04fbd002f114510754cc343c8d20e47964ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105
x-xss-protection: 0
expires: Thu, 24 Feb 2022 18:48:29 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame D1E5 30 KB
7 KB 109ms
65ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 26592091
cdn-cachedat: 2021-04-23 02:06:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: f07a6a1e3a2be9775bad960520140228
cf-ray: 6e2ade50ad700e26-MXP
cdn-requestcountrycode: IT
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame D1E5 152 KB
24 KB 86ms
38ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 16415224
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9d44ff5a9049963265486d18895810ca
cf-ray: 6e2ade50af1e8397-MXP
cdn-requestcountrycode: EG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.4.1.js Show response
code.jquery.com/ Frame D1E5 274 KB
81 KB 62ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.js
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-4472c"
vary: Accept-Encoding
x-hw: 1645728509.dop027.ml1.t,1645728509.cds203.ml1.hn,1645728509.cds033.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82889

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame D1E5 21 KB
7 KB 84ms
43ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 659959
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mceSHaHhApmxcRnuqdHnGOOIwh0TA2T%2Bhli0ki%2FMONLl8q%2F2ZAlKp3U3Bpnn0cDCeKrCZtIRODzTpEMeOF5fhPDlnkQFWVGD8UVBZKshlSwSjiO1vaAToDBqOdepzBwpumC09bUuP%2BUEkJlyLgDydpQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e2ade50ac0f59d7-MXP
expires: Tue, 14 Feb 2023 18:48:29 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame D1E5 57 KB
16 KB 80ms
32ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 26576785
cdn-cachedat: 2021-04-23 05:56:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 399d0c06fcd301b29038e3721b5460a7
cf-ray: 6e2ade50af228397-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H2 200 style.css
associates.lottery.com/Lottery_Banner/css/ Frame D1E5 35 KB
9 KB 166ms
166ms Stylesheet
text/css 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 78e3d4543230602591774aab8c44970b68a292c73006295d9b6a67d0553703c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 21:56:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: none
content-length: 9560
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 WhiteLogo.svg
associates.lottery.com/Lottery_Banner/img/ Frame D1E5 9 KB
9 KB 188ms
188ms Image
image/svg+xml 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/WhiteLogo.svg
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 256aa1db110ea3836cf239fd32f26b1818e35ff615ac03eb0182d517dc26f48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9493
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 phone1.png
associates.lottery.com/Lottery_Banner/img/ Frame D1E5 30 KB
31 KB 189ms
189ms Image
image/png 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/phone1.png
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 2cffa7995129d63129f470887052624c5ab533f4ec40bde545d49026ea8bda45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 31063
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 main.js Show response
associates.lottery.com/Lottery_Banner/js/ Frame D1E5 4 KB
2 KB 202ms
202ms Script
application/javascript 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/js/main.js
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: afd0d09a9b3ca6a97c11aa5f454484e7e7617c18758035bf8e661034b66988ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 14:14:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: none
content-length: 1751
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D1E5 4 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:48:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 18:48:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 18:48:29 GMT

GET
H2 200 GothamMedium.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame D1E5 126 KB
127 KB 286ms
286ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamMedium.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 128768
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 GothamBlack.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame D1E5 30 KB
30 KB 438ms
437ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamBlack.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 0826047154e04ac9b85a0369e2654594aa3211ad757f604ac848071da8069786

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 30608
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 GothamBold.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame D1E5 45 KB
45 KB 437ms
437ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamBold.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 4a6424d914dfd54c1c21d848f8831e94c2f91b2d17119b3d4533e8f8425311d9

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 45812
expires: Fri, 25 Feb 2022 18:48:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D1E5 15 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 172120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:59:49 GMT

GET
H/1.1 200
OK latest Show response
api.lottery.com/api/v1.6/lotteries/powerball/draws/ Frame D1E5 652 B
1 KB 342ms
109ms XHR
application/json 54.196.16.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lottery.com/api/v1.6/lotteries/powerball/draws/latest

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.196.16.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-16-164.compute-1.amazonaws.com

Software

Cowboy / Lottery.com

Resource Hash

7ccb838bc088e43ac62ad0697890444ed90e6646b0d319259a54e198cd6300b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Response-Time: 1.421ms
Date: Thu, 24 Feb 2022 18:48:30 GMT
Via: kong/0.11.0, 1.1 vegur
Server: Cowboy
X-Powered-By: Lottery.com
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://associates.lottery.com
X-Kong-Upstream-Latency: 9
Access-Control-Expose-Headers: X-Auth-Token
Access-Control-Allow-Credentials: true
X-Kong-Proxy-Latency: 0
Connection: keep-alive
Content-Length: 652
X-Xss-Protection: 1; mode=block

GET
H2 200 results Show response
games.api.lottery.com/api/v2.0/ Frame D1E5 4 KB
1 KB 98ms
17ms XHR
application/json 2600:9000:2057:ea00:13:374f:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://games.api.lottery.com/api/v2.0/results?shortName=powerball

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ea00:13:374f:b080:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy / Lottery.com

Resource Hash

03309cb47d887266ed8f80329fa44ac1bade2bb9da12b37173e19c4535ad0c1b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
via: kong/0.11.0, 1.1 vegur, 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-powered-by: Lottery.com
x-cache: Hit from cloudfront
x-kong-proxy-latency: 0
x-kong-upstream-latency: 37
content-encoding: gzip
x-xss-protection: 1; mode=block
server: Cowboy
etag: W/"f4c-yY9PoKYIQsyNunmd5sT+AopiU3M"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://associates.lottery.com
access-control-expose-headers: X-Auth-Token
access-control-allow-credentials: true
x-amz-cf-id: EhLZ-tb7AkyAX5YvgqHJ7CLw8uYZoR5ObAPop621BxOmzL8qVt0Kiw==

GET
H/1.1 200
OK footerAd.iframe.html Show response
mailer.cl.tripod.com/adm/ad/ Frame 5B49 3 KB
2 KB 104ms
104ms Document
text/html 209.202.252.66
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://mailer.cl.tripod.com/adm/ad/footerAd.iframe.html
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: HTTP/1.1
Server: 209.202.252.66 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tri-members.bo3.tripod.com
Software: Squeegit/1.2.5 (3_sir) /
Resource Hash: f928d70db10e9bb7378c335bbb4eb1c105b1f89671b60065f63a10c7dd07e8ec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/update/index2.htm/

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Server: Squeegit/1.2.5 (3_sir)
Vary: *
X-Server-IP: 209.202.244.204
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Connection: close
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 1316

GET
H/1.1 200
OK injectAd.iframe.html Show response
mailer.cl.tripod.com/adm/ad/ Frame F3E9 3 KB
2 KB 208ms
105ms Document
text/html 209.202.252.66
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://mailer.cl.tripod.com/adm/ad/injectAd.iframe.html
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/update/index2.htm/
Protocol: HTTP/1.1
Server: 209.202.252.66 , United States, ASN6354 (LYCOS, US),
Reverse DNS: tri-members.bo3.tripod.com
Software: Squeegit/1.2.5 (3_sir) /
Resource Hash: 4f1a06ae1af92d1cd0f02f72c4337423af668846363e64f53b1eee1ee3afad53

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/update/index2.htm/

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Server: Squeegit/1.2.5 (3_sir)
Vary: *
X-Server-IP: 209.202.244.210
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="IDC DSP COR CURa ADMa DEVa CUSa PSAa IVAa CONo OUR IND UNI STA"
Connection: close
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 1259

GET
H/1.1 200
OK init.js Show response
scripts.lycos.com/catman/ Frame 5B49 2 KB
1 KB 94ms
94ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.lycos.com/catman/init.js
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/adm/ad/footerAd.iframe.html
Protocol: HTTP/1.1
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Oct 2017 14:29:11 GMT
Server: Apache
ETag: "9c0-gzip"
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=98
Content-Length: 927
Expires: Fri, 25 Feb 2022 00:48:30 GMT

GET
H/1.1 200
OK memberembedded.js Show response
scripts.lycos.com/catman3/code/tripod.lycos.com/ Frame 5B49 3 KB
2 KB 94ms
94ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
Requested by: Host: scripts.lycos.com
URL: http://scripts.lycos.com/catman/init.js
Protocol: HTTP/1.1
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: 433adebf45e5476b798f0a001e138f08a1e0add64d19976ff6a903a8b8fe0ed1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 11:04:56 GMT
Server: Apache
ETag: "dac-gzip"
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=97
Content-Length: 1173
Expires: Fri, 25 Feb 2022 00:48:30 GMT

GET
H/1.1 200
OK init.js Show response
scripts.lycos.com/catman/ Frame F3E9 2 KB
1 KB 177ms
93ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.lycos.com/catman/init.js
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/adm/ad/injectAd.iframe.html
Protocol: HTTP/1.1
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Content-Encoding: gzip
Last-Modified: Mon, 30 Oct 2017 14:29:11 GMT
Server: Apache
ETag: "9c0-gzip"
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=96
Content-Length: 927
Expires: Fri, 25 Feb 2022 00:48:30 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5B49 80 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/adm/ad/footerAd.iframe.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65e4474c0db66c656a09486c3a8526e19e68e6be38bfe11a2fb8bbc568bf96a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1141 / 147 of 1000 / last-modified: 1645704768"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27404
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 24 Feb 2022 18:48:30 GMT

GET
H2 200 banner2.html Show response
associates.lottery.com/Lottery_Banner/ Frame 2004 6 KB
2 KB 199ms
199ms Document
text/html 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/adm/ad/footerAd.iframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 979e53c8768538ba78b5d18ffb1f983813e918194ba5fabf2a2d093d3bd2902e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
server: Apache
content-type: text/html
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
accept-ranges: none
cache-control: max-age=300
expires: Thu, 24 Feb 2022 18:53:30 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-server-cache: false
content-length: 1706

GET
H3 200 pubads_impl_2022022201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5B49 364 KB
122 KB 26ms
10ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022022201.js?cb=31065270

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 09:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31948
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125154
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 09:34:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 09:56:02 GMT

GET
H/1.1 200
OK memberembedded.js Show response
scripts.lycos.com/catman3/code/tripod.lycos.com/ Frame F3E9 3 KB
2 KB 94ms
94ms Script
application/javascript 209.202.254.12
LYCOS

General

Check archive.org

Show headers Download Go to

Full URL: http://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js
Requested by: Host: scripts.lycos.com
URL: http://scripts.lycos.com/catman/init.js
Protocol: HTTP/1.1
Server: 209.202.254.12 , United States, ASN6354 (LYCOS, US),
Reverse DNS: origin.scripts.lycos.com
Software: Apache /
Resource Hash: 433adebf45e5476b798f0a001e138f08a1e0add64d19976ff6a903a8b8fe0ed1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 11:04:56 GMT
Server: Apache
ETag: "dac-gzip"
Vary: Accept-Encoding,User-Agent
P3P: policyref="http://www.lycos.com/w3c/p3p.xml", CP="CAO DSP CUR ADM DEV PSA CONo TAI OUR IND DEM PRE PUR NAV UNI"
Cache-Control: max-age=21600
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Keep-Alive: timeout=5, max=95
Content-Length: 1173
Expires: Fri, 25 Feb 2022 00:48:30 GMT

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame F3E9 80 KB
27 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/adm/ad/injectAd.iframe.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4edc2771e39377761ee27274647e8a9aa6caddf1c726b86c4ad468dfe5f45300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 24 Feb 2022 18:48:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1141 / 543 of 1000 / last-modified: 1645704594"
Vary: Accept-Encoding
Report-To: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Length: 27393
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-gpt-scs"
Expires: Thu, 24 Feb 2022 18:48:30 GMT

GET
H2 200 banner8.html Show response
associates.lottery.com/Lottery_Banner/ Frame A30E 3 KB
1 KB 205ms
204ms Document
text/html 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Requested by: Host: mailer.cl.tripod.com
URL: http://mailer.cl.tripod.com/adm/ad/injectAd.iframe.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 7b9da195004304d29270b41b4d62ea453cebc7b0da7e3b13b5666ada379a40cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
server: Apache
content-type: text/html
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
accept-ranges: none
cache-control: max-age=300
expires: Thu, 24 Feb 2022 18:53:30 GMT
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-server-cache: false
content-length: 1106

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 2004 30 KB
7 KB 64ms
34ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 26577895
cdn-cachedat: 2021-04-23 04:15:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2c2f4ee12c680b28653bf96b6a97db1b
cf-ray: 6e2ade58cdb35a31-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame 2004 152 KB
24 KB 78ms
51ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 16415225
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9d44ff5a9049963265486d18895810ca
cf-ray: 6e2ade58ca9e83a6-MXP
cdn-requestcountrycode: EG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.4.1.js Show response
code.jquery.com/ Frame 2004 274 KB
81 KB 27ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.js
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-4472c"
vary: Accept-Encoding
x-hw: 1645728510.dop027.ml1.t,1645728510.cds203.ml1.hn,1645728510.cds033.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82889

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame 2004 21 KB
7 KB 56ms
29ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 659960
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKjzH8HJK8WvlOQ5crfmtOV4fMQ%2F8PU4XzQfjNrFI6eWbp%2FsusHE1mryDxqtaFGFJJYIPfY2vL7qp2KH8JX7O3%2FUWqLk%2BpVT8vWrgLfUNoap1Kzleb0vtBUy4C6rU8Gq1eJo8PzzrdEvdnWHwInbTZrZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e2ade58ca4583ac-MXP
expires: Tue, 14 Feb 2023 18:48:30 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame 2004 57 KB
16 KB 54ms
27ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 26576786
cdn-cachedat: 2021-04-23 05:56:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 399d0c06fcd301b29038e3721b5460a7
cf-ray: 6e2ade58ca9a83a6-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H2 200 style.css
associates.lottery.com/Lottery_Banner/css/ Frame 2004 35 KB
9 KB 179ms
178ms Stylesheet
text/css 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 78e3d4543230602591774aab8c44970b68a292c73006295d9b6a67d0553703c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 21:56:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: none
content-length: 9560
expires: Fri, 25 Feb 2022 18:48:30 GMT

GET
H2 200 WhiteLogo.svg
associates.lottery.com/Lottery_Banner/img/ Frame 2004 9 KB
9 KB 156ms
156ms Image
image/svg+xml 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/WhiteLogo.svg
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 256aa1db110ea3836cf239fd32f26b1818e35ff615ac03eb0182d517dc26f48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9493
expires: Fri, 25 Feb 2022 18:48:30 GMT

GET
H2 200 phone1.png
associates.lottery.com/Lottery_Banner/img/ Frame 2004 30 KB
31 KB 153ms
153ms Image
image/png 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/phone1.png
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 2cffa7995129d63129f470887052624c5ab533f4ec40bde545d49026ea8bda45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 31063
expires: Fri, 25 Feb 2022 18:48:30 GMT

GET
H2 200 main.js Show response
associates.lottery.com/Lottery_Banner/js/ Frame 2004 4 KB
2 KB 151ms
151ms Script
application/javascript 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/js/main.js
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner2.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: afd0d09a9b3ca6a97c11aa5f454484e7e7617c18758035bf8e661034b66988ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:30 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 14:14:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: none
content-length: 1751
expires: Fri, 25 Feb 2022 18:48:30 GMT

GET
H3 200 pubads_impl_2022021701.js Show response
securepubads.g.doubleclick.net/gpt/ Frame F3E9 363 KB
122 KB 6ms
6ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://mailer.cl.tripod.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 17:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5819
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124510
x-xss-protection: 0
last-modified: Thu, 17 Feb 2022 09:34:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Feb 2023 17:11:31 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2004 4 KB
633 B 34ms
18ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:05:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 18:48:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 18:48:31 GMT

GET
H3 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame A30E 30 KB
7 KB 32ms
32ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 26577896
cdn-cachedat: 2021-04-23 04:15:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2c2f4ee12c680b28653bf96b6a97db1b
cf-ray: 6e2ade59d8bb5a31-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ Frame A30E 152 KB
24 KB 33ms
32ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 16415226
cdn-cachedat: 08/11/2021 05:41:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9d44ff5a9049963265486d18895810ca
cf-ray: 6e2ade59dda783a6-MXP
cdn-requestcountrycode: EG
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.4.1.js Show response
code.jquery.com/ Frame A30E 274 KB
81 KB 19ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.4.1.js
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-4472c"
vary: Accept-Encoding
x-hw: 1645728511.dop027.ml1.t,1645728511.cds203.ml1.hn,1645728511.cds033.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 82889

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame A30E 21 KB
7 KB 46ms
45ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 659961
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFYxBq99TMCVqZIR7v4CsbbYZgJJlbf%2BtwboihS3iY8W3QjBMY00yc0DBjaTudDJ4HldJMeQABZ7g8jn1eABNecoFaXw%2FnyRi3Z3iyfQyTf%2FY4K7%2FlS8BMIszNtZOsZB2srHv7B4vF25lIUsYwXB6K%2BQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e2ade59ed7c83ac-MXP
expires: Tue, 14 Feb 2023 18:48:31 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ Frame A30E 57 KB
16 KB 34ms
34ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://associates.lottery.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 26576787
cdn-cachedat: 2021-04-23 05:56:27
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 399d0c06fcd301b29038e3721b5460a7
cf-ray: 6e2ade59edaa83a6-MXP
cdn-requestcountrycode: EG
cdn-requestpullsuccess: True

GET
H2 200 style.css
associates.lottery.com/Lottery_Banner/css/ Frame A30E 35 KB
9 KB 154ms
153ms Stylesheet
text/css 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 78e3d4543230602591774aab8c44970b68a292c73006295d9b6a67d0553703c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 21:56:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=86400
accept-ranges: none
content-length: 9560
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 biggerpopup.svg
associates.lottery.com/Lottery_Banner/img/ Frame A30E 16 KB
16 KB 163ms
162ms Image
image/svg+xml 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/biggerpopup.svg
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 4f2ef997c6e23053a2b46ab45baac10186f80a45affa7151c8d2a5ad29bffb66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 16469
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 WhiteLogo.svg
associates.lottery.com/Lottery_Banner/img/ Frame A30E 9 KB
9 KB 174ms
174ms Image
image/svg+xml 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/WhiteLogo.svg
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 256aa1db110ea3836cf239fd32f26b1818e35ff615ac03eb0182d517dc26f48f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 9493
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 resulticon.svg
associates.lottery.com/Lottery_Banner/img/ Frame A30E 16 KB
16 KB 162ms
162ms Image
image/svg+xml 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/resulticon.svg
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 13b9af4f026d5c254965619486f68e6e7f2b249418da875e40da8d8c588b491e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/svg+xml
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15952
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 banner7.png
associates.lottery.com/Lottery_Banner/img/ Frame A30E 42 KB
42 KB 163ms
162ms Image
image/png 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://associates.lottery.com/Lottery_Banner/img/banner7.png
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 6fbe1f8664635be450773b0f4fcb7658d838cb52b4682849f1c071b86e5ae758

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 43134
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 main.js Show response
associates.lottery.com/Lottery_Banner/js/ Frame A30E 4 KB
2 KB 168ms
168ms Script
application/javascript 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/js/main.js
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/banner8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: afd0d09a9b3ca6a97c11aa5f454484e7e7617c18758035bf8e661034b66988ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/Lottery_Banner/banner8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
content-encoding: gzip
last-modified: Sun, 12 Jul 2020 14:14:24 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: none
content-length: 1751
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 GothamMedium.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame 2004 126 KB
127 KB 207ms
207ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamMedium.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 128768
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 GothamBlack.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame 2004 30 KB
30 KB 340ms
339ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamBlack.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 0826047154e04ac9b85a0369e2654594aa3211ad757f604ac848071da8069786

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 30608
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 GothamBold.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame 2004 45 KB
45 KB 194ms
194ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamBold.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 4a6424d914dfd54c1c21d848f8831e94c2f91b2d17119b3d4533e8f8425311d9

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 45812
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2004 15 KB
15 KB 23ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 172122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:59:49 GMT

GET
H/1.1 200
OK latest Show response
api.lottery.com/api/v1.6/lotteries/powerball/draws/ Frame 2004 652 B
1 KB 108ms
107ms XHR
application/json 54.196.16.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lottery.com/api/v1.6/lotteries/powerball/draws/latest

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.196.16.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-16-164.compute-1.amazonaws.com

Software

Cowboy / Lottery.com

Resource Hash

7ccb838bc088e43ac62ad0697890444ed90e6646b0d319259a54e198cd6300b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Response-Time: 1.826ms
Date: Thu, 24 Feb 2022 18:48:31 GMT
Via: kong/0.11.0, 1.1 vegur
Server: Cowboy
X-Powered-By: Lottery.com
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://associates.lottery.com
X-Kong-Upstream-Latency: 9
Access-Control-Expose-Headers: X-Auth-Token
Access-Control-Allow-Credentials: true
X-Kong-Proxy-Latency: 0
Connection: keep-alive
Content-Length: 652
X-Xss-Protection: 1; mode=block

GET
H2 200 results Show response
games.api.lottery.com/api/v2.0/ Frame 2004 4 KB
1 KB 6ms
6ms XHR
application/json 2600:9000:2057:ea00:13:374f:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://games.api.lottery.com/api/v2.0/results?shortName=powerball

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ea00:13:374f:b080:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy / Lottery.com

Resource Hash

03309cb47d887266ed8f80329fa44ac1bade2bb9da12b37173e19c4535ad0c1b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
via: kong/0.11.0, 1.1 vegur, 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
age: 2
x-powered-by: Lottery.com
x-cache: Hit from cloudfront
x-kong-proxy-latency: 0
x-kong-upstream-latency: 37
content-encoding: gzip
x-xss-protection: 1; mode=block
server: Cowboy
etag: W/"f4c-yY9PoKYIQsyNunmd5sT+AopiU3M"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://associates.lottery.com
access-control-expose-headers: X-Auth-Token
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: E_tYnbAZVU9JkAbT7IOY__DSbkQOXGCo4apCvJ5cG_dIhOkAQMZSCw==

GET
H3 200 css
fonts.googleapis.com/ Frame A30E 4 KB
633 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 18:48:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Feb 2022 18:48:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Feb 2022 18:48:31 GMT

GET
H2 200 GothamMedium.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame A30E 126 KB
127 KB 197ms
197ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamMedium.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 128768
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 GothamBlack.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame A30E 30 KB
30 KB 190ms
189ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamBlack.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 0826047154e04ac9b85a0369e2654594aa3211ad757f604ac848071da8069786

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:52 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 30608
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H2 200 GothamBold.otf
associates.lottery.com/Lottery_Banner/fonts/ Frame A30E 45 KB
45 KB 190ms
189ms Font
font/otf 192.254.236.192
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://associates.lottery.com/Lottery_Banner/fonts/GothamBold.otf
Requested by: Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.254.236.192 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-236-192.unifiedlayer.com
Software: Apache /
Resource Hash: 4a6424d914dfd54c1c21d848f8831e94c2f91b2d17119b3d4533e8f8425311d9

Request headers

Referer: https://associates.lottery.com/Lottery_Banner/css/style.css
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:31 GMT
last-modified: Fri, 03 Apr 2020 19:13:53 GMT
server: Apache
x-server-cache: false
x-endurance-cache-level: 2
content-type: font/otf
cache-control: max-age=86400
accept-ranges: bytes
content-length: 45812
expires: Fri, 25 Feb 2022 18:48:31 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A30E 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://associates.lottery.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 172122
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Feb 2023 18:59:49 GMT

GET
H/1.1 200
OK latest Show response
api.lottery.com/api/v1.6/lotteries/powerball/draws/ Frame A30E 652 B
1 KB 114ms
114ms XHR
application/json 54.196.16.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lottery.com/api/v1.6/lotteries/powerball/draws/latest

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/js/main.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.196.16.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-196-16-164.compute-1.amazonaws.com

Software

Cowboy / Lottery.com

Resource Hash

7ccb838bc088e43ac62ad0697890444ed90e6646b0d319259a54e198cd6300b4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-Response-Time: 1.556ms
Date: Thu, 24 Feb 2022 18:48:31 GMT
Via: kong/0.11.0, 1.1 vegur
Server: Cowboy
X-Powered-By: Lottery.com
Vary: Origin, Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://associates.lottery.com
X-Kong-Upstream-Latency: 9
Access-Control-Expose-Headers: X-Auth-Token
Access-Control-Allow-Credentials: true
X-Kong-Proxy-Latency: 0
Connection: keep-alive
Content-Length: 652
X-Xss-Protection: 1; mode=block

GET
H2 200 results Show response
games.api.lottery.com/api/v2.0/ Frame A30E 4 KB
1 KB 6ms
6ms XHR
application/json 2600:9000:2057:ea00:13:374f:b080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://games.api.lottery.com/api/v2.0/results?shortName=powerball

Requested by

Host: associates.lottery.com
URL: https://associates.lottery.com/Lottery_Banner/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:ea00:13:374f:b080:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cowboy / Lottery.com

Resource Hash

03309cb47d887266ed8f80329fa44ac1bade2bb9da12b37173e19c4535ad0c1b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://associates.lottery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 24 Feb 2022 18:48:29 GMT
via: kong/0.11.0, 1.1 vegur, 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront)
age: 2
x-powered-by: Lottery.com
x-cache: Hit from cloudfront
x-kong-proxy-latency: 0
x-kong-upstream-latency: 37
content-encoding: gzip
x-xss-protection: 1; mode=block
server: Cowboy
etag: W/"f4c-yY9PoKYIQsyNunmd5sT+AopiU3M"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://associates.lottery.com
access-control-expose-headers: X-Auth-Token
access-control-allow-credentials: true
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: CQM7TymqTqi_oYRhX_ZHiuHcJi6BTE6f4TUbdTNJPzO-nw5GpkrqUA==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayPal (Financial)

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tripod.com/	1970-01-20 09:54:24	Name: CookieStatus Value: COOKIE_OK
.tripod.com/	1969-12-31 23:59:59	Name: MEMBER_PAGE Value: mailer.cl/update/index2.htm/
.tripod.com/	1969-12-31 23:59:59	Name: REFERRER Value: (null)
.tripod.com/	1970-01-20 18:40:00	Name: __utma Value: 31113466.1308180417.1645728509.1645728509.1645728509.1
.tripod.com/	1969-12-31 23:59:59	Name: __utmc Value: 31113466
.tripod.com/	1970-01-20 05:31:36	Name: __utmz Value: 31113466.1645728509.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.tripod.com/	1970-01-20 01:08:49	Name: __utmt Value: 1
.tripod.com/	1970-01-20 01:08:50	Name: __utmb Value: 31113466.1.10.1645728509

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://scripts.lycos.com/catman/init.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://scripts.lycos.com/catman/init.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://scripts.lycos.com/catman3/code/tripod.lycos.com/memberembedded.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.lottery.com
associates.lottery.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
games.api.lottery.com
mailer.cl.tripod.com
maxcdn.bootstrapcdn.com
px.owneriq.net
scripts.lycos.com
securepubads.g.doubleclick.net
sp-log.lycos.com
stackpath.bootstrapcdn.com
www.google-analytics.com
www.googletagservices.com
www.paypalobjects.com
104.92.91.221
142.250.186.34
192.229.221.25
192.254.236.192
2001:4de0:ac18::1:a:1b
209.202.252.66
209.202.254.12
209.202.254.90
2600:9000:2057:ea00:13:374f:b080:93a1
2606:4700::6810:125e
2606:4700::6812:acf
2606:4700::6812:bcf
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200a
2a00:1450:4001:830::200e
54.196.16.164
03309cb47d887266ed8f80329fa44ac1bade2bb9da12b37173e19c4535ad0c1b
0826047154e04ac9b85a0369e2654594aa3211ad757f604ac848071da8069786
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13b9af4f026d5c254965619486f68e6e7f2b249418da875e40da8d8c588b491e
144efd9427c7ed86c41e0f27c66e1093efd1d199a3d4e714e5df81de2e143e1d
1ded8a10124637949be89cd44baf531313a6b5f401151323c855018a85d5ae6e
256aa1db110ea3836cf239fd32f26b1818e35ff615ac03eb0182d517dc26f48f
2a8e6a8742ec1caac701bad4c6458fd905a694d9c21e746adca2d4c1b4a7f18f
2b533fe5c53324b1ed9a449bbd2d899930396f3b03b05b4c06ee83dd98879074
2c2aa73dfd778546a2466f06a2b5e722e5a1d504c43bd6586aef406c5f5388ac
2cffa7995129d63129f470887052624c5ab533f4ec40bde545d49026ea8bda45
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30168641002304f783a3cb9976ec04fbd002f114510754cc343c8d20e47964ed
317c0606fffd463d47047c60abbb7105bf582f37077c55f1fafbfb35170d7341
433adebf45e5476b798f0a001e138f08a1e0add64d19976ff6a903a8b8fe0ed1
447b35f201753bb1d6836b36ec64e8ee2fe7838a303961ff129aa31c1e38f93e
4a6424d914dfd54c1c21d848f8831e94c2f91b2d17119b3d4533e8f8425311d9
4edc2771e39377761ee27274647e8a9aa6caddf1c726b86c4ad468dfe5f45300
4f1a06ae1af92d1cd0f02f72c4337423af668846363e64f53b1eee1ee3afad53
4f2ef997c6e23053a2b46ab45baac10186f80a45affa7151c8d2a5ad29bffb66
52eb6da4e4eb355ecee7f996ebc8dddd530725ebfacc864eb91d90ef881c0a5f
5a93a88493aa32aab228bf4571c01207d3b42b0002409a454d404b4d8395bd55
5c048fbf9c37503ddfbc3131ff91818d3f26cb2f1e308d576aae6b5ddb8bffb4
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65e4474c0db66c656a09486c3a8526e19e68e6be38bfe11a2fb8bbc568bf96a0
65f4259d61ee943a02e09dc33137030fa4c35dd770979a90c28563d7bc6eb5a1
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68caa4b24ba360d11a24204fa9888792cf475760633ee4b2c88046004d4b13c3
6fbe1f8664635be450773b0f4fcb7658d838cb52b4682849f1c071b86e5ae758
78e3d4543230602591774aab8c44970b68a292c73006295d9b6a67d0553703c1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b9da195004304d29270b41b4d62ea453cebc7b0da7e3b13b5666ada379a40cd
7ccb838bc088e43ac62ad0697890444ed90e6646b0d319259a54e198cd6300b4
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843b3deff8372b87b925cda2a856280d35e0f19740ffda14b8b700c8030fa818
979e53c8768538ba78b5d18ffb1f983813e918194ba5fabf2a2d093d3bd2902e
afd0d09a9b3ca6a97c11aa5f454484e7e7617c18758035bf8e661034b66988ca
b1d4a753cf3cc25720fc2883a3e6c6be8c43637041c34aa376cf7428f7672520
c3d109198414e5f8b1e696625aabc186d2bf2d2ab822190275958153117293fb
c86bfae33486f088cc7e1481948d3328126a1ca553248e48ab4a4bef4bfcf481
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd5a6a18083698c74db9d1644f53d10303e981cc29caa115dc19cafc2e1a207d
e0f8dceb516151e70891cb4ed02aac4b5800b37c13d8328a35919472efe0f93e
e31d5c7948fd43e290e71096a765f65a19537575e07f43a2db8f61ad2cb5e9b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
ee3d88c6d37622aee16048802349e042ed533344273360a69b8d96303d2c63a8
f928d70db10e9bb7378c335bbb4eb1c105b1f89671b60065f63a10c7dd07e8ec
fa4b14f94e3f19ed6eefbeaa3963e5fb840a0e056b7f303b5b6b274612c6d34e
fc9698b26e3f3c85518fc670a6237b3182aa302a788ae0a32971d2a7c9c17b8b

mailer.cl.tripod.com Open in urlscan Pro 209.202.252.66 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

91 Requests

82 %HTTPS

53 %IPv6

13 Domains

17 Subdomains

17 IPs

3 Countries

1800 kBTransfer

4105 kBSize

8 Cookies

28 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mailer.cl.tripod.com Open in urlscan Pro
209.202.252.66 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

82 %
HTTPS

53 %
IPv6

13
Domains

17
Subdomains

17
IPs

3
Countries

1800 kB
Transfer

4105 kB
Size

8
Cookies

91 HTTP transactions
0 data transactions