urlscan.io logo urlscan.io
SecurityTrails logo

www.lotterypost.com Open in urlscan Pro
2606:4700::6812:12ad  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.lotterypost.app/
Effective URL: https://www.lotterypost.com/
Submission: On October 05 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 8 countries across 54 domains to perform 301 HTTP transactions. The main IP is 2606:4700::6812:12ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lotterypost.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time www.lotterypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
29 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
43 2a00:1450:400... 15169 (GOOGLE)
4 52.222.210.175 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 5 216.52.2.30 30282 (AS-INAPCD...)
1 34.107.148.139 15169 (GOOGLE)
2 5 2.21.141.232 16625 (AKAMAI-AS)
1 3 185.33.220.240 29990 (ASN-APPNEX)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 52.51.154.99 16509 (AMAZON-02)
5 142.250.181.226 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2620:116:800d... 16509 (AMAZON-02)
1 18.66.97.14 16509 (AMAZON-02)
1 18.66.112.116 16509 (AMAZON-02)
1 54.68.102.112 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
34 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:1901:0:7... 15169 (GOOGLE)
12 2606:4700:20:... 13335 (CLOUDFLAR...)
26 2a00:1450:400... 15169 (GOOGLE)
10 39 142.250.185.66 15169 (GOOGLE)
5 7 35.244.159.8 15169 (GOOGLE)
4 104.111.242.245 16625 (AKAMAI-AS)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 151.101.130.49 54113 (FASTLY)
3 66.155.71.25 13768 (COGECO-PEER1)
1 34.96.105.8 15169 (GOOGLE)
3 3 185.64.189.115 62713 (AS-PUBMATIC)
1 46.4.10.49 24940 (HETZNER-AS)
1 4 138.201.63.149 24940 (HETZNER-AS)
6 151.101.2.133 54113 (FASTLY)
6 142.250.186.162 15169 (GOOGLE)
1 1 185.29.134.244 30419 (MEDIAMATH...)
2 2 169.50.137.190 36351 (SOFTLAYER)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 1 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 37.157.2.239 198622 (ADFORM)
3 3 13.248.245.213 16509 (AMAZON-02)
1 1 18.156.0.31 16509 (AMAZON-02)
1 1 63.32.201.39 16509 (AMAZON-02)
1 2 193.0.160.128 54312 (ROCKETFUEL)
2 76.223.111.131 16509 (AMAZON-02)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
3 3 3.127.179.79 16509 (AMAZON-02)
2 2 99.80.151.46 16509 (AMAZON-02)
2 2 213.155.156.180 1299 (TWELVE99 ...)
8 63.33.113.238 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
3 5 142.250.185.230 15169 (GOOGLE)
3 151.101.194.133 54113 (FASTLY)
2 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 85.114.131.233 24961 (MYLOC-AS ...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 3 104.111.239.217 16625 (AKAMAI-AS)
1 148.251.139.77 24940 (HETZNER-AS)
301 56
1    2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.lotterypost.app
2    2606:4700::6812:12ad (United States)

ASN13335 (CLOUDFLARENET, US)
www.lotterypost.com
2    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
29    2606:4700:3035::6815:c5a (United States)

ASN13335 (CLOUDFLARENET, US)
lp.vg
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
43    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
pagead2.googlesyndication.com
4    52.222.210.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-210-175.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
5    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
5    2.21.141.232 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
3    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    52.51.154.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-154-99.eu-west-1.compute.amazonaws.com
c.deployads.com
5    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
19    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    18.66.97.14 (United States)

ASN16509 (AMAZON-02, US)
certify-js.alexametrics.com
1    18.66.112.116 (United States)

ASN16509 (AMAZON-02, US)
certify.alexametrics.com
1    54.68.102.112 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-102-112.us-west-2.compute.amazonaws.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2600:9000:223c:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
2    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
34    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
12    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
26    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
39    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
7    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
3    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    46.4.10.49 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.49.10.4.46.clients.your-server.de
hal9000.redintelligence.net
4    138.201.63.149 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de
hal90009.redintelligence.net
6    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
6    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
googleads4.g.doubleclick.net
1    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    2a05:d018:24:b001:6cd5:9d52:6dd6:6c58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
1    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    63.32.201.39 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
a.rfihub.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
3    3.127.179.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-179-79.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    99.80.151.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-151-46.eu-west-1.compute.amazonaws.com
r.scoota.co
2    213.155.156.180 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-180.teliacarrier-cust.com
d5p.de17a.com
8    63.33.113.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
5    142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net
5994599.fls.doubleclick.net
ad.doubleclick.net
3    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
2    2a02:26f0:f7::5c7b:e033 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    85.114.131.233 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21037.dus4.fastwebserver.de
cdn.contentspread.net
2    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
3    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
Apex Domain
Subdomains		 Transfer
76 googlesyndication.com
pagead2.googlesyndication.com
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
tpc.googlesyndication.com
608 KB
75 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
5994599.fls.doubleclick.net
ad.doubleclick.net
309 KB
29 lp.vg
lp.vg
537 KB
26 2mdn.net
s0.2mdn.net
823 KB
17 krxd.net
cdn.krxd.net
beacon.krxd.net
consumer.krxd.net
263 KB
14 ad4m.at
as.ad4m.at
ad4m.at
assets.ad4m.at
250 KB
7 openx.net
us-u.openx.net
1 KB
7 googletagservices.com
www.googletagservices.com
248 KB
6 google.com
adservice.google.com
www.google.com
2 KB
5 redintelligence.net
hal9000.redintelligence.net
hal90009.redintelligence.net
10 KB
5 casalemedia.com
as-sec.casalemedia.com
dsum-sec.casalemedia.com
4 KB
5 lijit.com
ap.lijit.com
3 KB
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 teads.tv
sync.teads.tv
688 B
4 pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
4 KB
4 amazon-adsystem.com
c.amazon-adsystem.com
40 KB
3 awin1.com
www.awin1.com
2 KB
3 bidswitch.net
x.bidswitch.net
2 KB
3 3lift.com
eb2.3lift.com
1 KB
3 sitescout.com
pixel-sync.sitescout.com
573 B
3 yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
2 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
35 KB
3 adnxs.com
ib.adnxs.com
8 KB
3 cloudflareinsights.com
static.cloudflareinsights.com
cloudflareinsights.com
5 KB
3 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
37 KB
2 createjs.com
code.createjs.com
125 KB
2 de17a.com
d5p.de17a.com
718 B
2 scoota.co
r.scoota.co
1 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 rfihub.com
p.rfihub.com
a.rfihub.com
2 KB
2 adform.net
c1.adform.net
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 tidaltv.com
sync.tidaltv.com
828 B
2 simpli.fi
um.simpli.fi
1 KB
2 everesttech.net
sync-tm.everesttech.net
pixel.everesttech.net
911 B
2 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
2 lotterypost.com
www.lotterypost.com
21 KB
1 congstar.de
banner.congstar.de
518 B
1 contentspread.net
cdn.contentspread.net
52 KB
1 adition.com
dsp.adfarm1.adition.com
583 B
1 mathtag.com
sync.mathtag.com
829 B
1 blismedia.com
tr.blismedia.com
141 B
1 quantcount.com
rules.quantcount.com
462 B
1 google.de
adservice.google.de
853 B
1 googleadservices.com
partner.googleadservices.com
412 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 deployads.com
c.deployads.com
256 B
1 media.net
prebid.media.net
453 B
1 googletagmanager.com
www.googletagmanager.com
33 KB
1 lotterypost.app
www.lotterypost.app
132 B
0 netmng.com Failed
google2waycm.netmng.com Failed
301 54
Domain Requested by
39 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
www.lotterypost.com
36 pagead2.googlesyndication.com www.lotterypost.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
34 tpc.googlesyndication.com googleads.g.doubleclick.net
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
29 lp.vg www.lotterypost.com
lp.vg
ajax.googleapis.com
26 s0.2mdn.net www.lotterypost.com
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
s0.2mdn.net
19 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
www.lotterypost.com
8 beacon.krxd.net aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
cdn.krxd.net
7 us-u.openx.net 5 redirects googleads.g.doubleclick.net
7 www.googletagservices.com www.lotterypost.com
googleads.g.doubleclick.net
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
6 assets.ad4m.at as.ad4m.at
6 googleads4.g.doubleclick.net www.lotterypost.com
6 cdn.krxd.net s0.2mdn.net
cdn.krxd.net
6 aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 ap.lijit.com 4 redirects lp.vg
4 hal90009.redintelligence.net 1 redirects aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
hal90009.redintelligence.net
4 ad4m.at as.ad4m.at
ad4m.at
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 as.ad4m.at aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
4 www.google.com aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.lotterypost.com
4 c.amazon-adsystem.com www.lotterypost.com
c.amazon-adsystem.com
3 www.awin1.com 1 redirects as.ad4m.at
3 ad.doubleclick.net 2 redirects
3 consumer.krxd.net cdn.krxd.net
3 x.bidswitch.net 3 redirects
3 eb2.3lift.com 3 redirects
3 image6.pubmatic.com 3 redirects
3 pixel-sync.sitescout.com aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
3 ib.adnxs.com 1 redirects lp.vg
googleads.g.doubleclick.net
2 cloudflareinsights.com static.cloudflareinsights.com
2 code.createjs.com s0.2mdn.net
2 5994599.fls.doubleclick.net 1 redirects www.lotterypost.com
2 d5p.de17a.com 2 redirects
2 r.scoota.co 2 redirects
2 tracking.m6r.eu 2 redirects
2 match.adsrvr.org aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
2 c1.adform.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 um.simpli.fi 2 redirects
2 www.gstatic.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
5994599.fls.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.lotterypost.com
2 ajax.googleapis.com www.lotterypost.com
s0.2mdn.net
2 www.lotterypost.com www.lotterypost.com
1 banner.congstar.de as.ad4m.at
1 cdn.contentspread.net hal90009.redintelligence.net
1 static-de.ad4mat.net as.ad4m.at
1 a.rfihub.com aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
1 p.rfihub.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cms.quantserve.com aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
1 r.turn.com aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 sync.mathtag.com 1 redirects
1 hal9000.redintelligence.net aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
1 tr.blismedia.com aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
1 sync-tm.everesttech.net 1 redirects
1 ads.yahoo.com googleads.g.doubleclick.net
1 prod-rtb.ad4mat.net www.lotterypost.com
1 pixel.quantserve.com www.lotterypost.com
1 rules.quantcount.com secure.quantserve.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com www.lotterypost.com
1 certify.alexametrics.com www.lotterypost.com
1 certify-js.alexametrics.com www.lotterypost.com
1 secure.quantserve.com www.lotterypost.com
1 fonts.gstatic.com fonts.googleapis.com
1 c.deployads.com lp.vg
1 hbopenbid.pubmatic.com lp.vg
1 as-sec.casalemedia.com lp.vg
1 prebid.media.net lp.vg
1 static.cloudflareinsights.com www.lotterypost.com
1 www.googletagmanager.com www.lotterypost.com
1 fonts.googleapis.com www.lotterypost.com
1 www.lotterypost.app 1 redirects
0 google2waycm.netmng.com Failed aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
301 82
Subject Issuer Validity Valid
lotterypost.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
lp.vg
Cloudflare Inc ECC CA-3		 2021-06-10 -
2022-06-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.deployads.com
Amazon		 2021-06-04 -
2022-07-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
certify.alexametrics.com
Amazon		 2021-06-14 -
2022-07-13		 a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon		 2020-10-08 -
2021-11-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2021-08-24 -
2021-11-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
tr.blismedia.com
GTS CA 1D4		 2021-08-26 -
2021-11-24		 3 months crt.sh
redintelligence.net
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.rfihub.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2022-06-18		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
contentspread.net
R3		 2021-10-04 -
2022-01-02		 3 months crt.sh
www.awin1.com
DigiCert SHA2 Secure Server CA		 2021-06-11 -
2022-06-16		 a year crt.sh
*.congstar.de
TeleSec ServerPass Class 2 CA		 2021-05-18 -
2022-05-23		 a year crt.sh

This page contains 35 frames:

Primary Page: https://www.lotterypost.com/
Frame ID: BE4DF1BBDFCAB49D91F7E639AC4BB8EE
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Frame ID: E007EA26301FF5F213996D3D3BEB205D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Frame ID: 27AB6EBFF56095A1DD45AAF2938D1E67
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1633476573&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573032&bpp=1&bdt=838&idt=201&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=2278199595510&frm=20&pv=1&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209
Frame ID: B9A082DF5A42D1C12EAEDF2F0BFB721E
Requests: 1 HTTP requests in this frame

Frame: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F9DC880A22E3AF49D7DD45D347C800BB
Requests: 1 HTTP requests in this frame

Frame: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1F9C08F44819E49F1C0D40F8644495F5
Requests: 21 HTTP requests in this frame

Frame: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3E4BFB61A339D1DD869D48C9D806A9A6
Requests: 20 HTTP requests in this frame

Frame: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A3B62D4B022CF3AC1ECC5332A277E784
Requests: 21 HTTP requests in this frame

Frame: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 92433B8DAB039B07BE622EF2944C24B0
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: E1726F67B4B2BF681E68A4624720F553
Requests: 1 HTTP requests in this frame

Frame: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 46C8334BEF452A5107FB56092C87D4FF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
Frame ID: 2EDBCFA83E12170A67A7544497C7D8D8
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
Frame ID: 98FF5685AB59B8EA539C02A2E9B088E9
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 720F74DAE41AF11B581DA08422A0D7F1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
Frame ID: B8A46BCAA03336A18EA4779DD4B92AF2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
Frame ID: 2B445F041AD94C38E78602C84DECEA2D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNWD6BALlYG3SPZNYLqM01rGN4R1t_U5eEzvaY5hQntEn6QFnsiOHGHi4wMWUMh4J9FwDCPxxgU2Kqai6hp3yYr8YemUzhYwTzBYK6Kkjc6UuUpDHYQmTuoKdqhO6En7DpSbfR4-YgZnYX0cAwV_4j4E_sQJc7UcbvswDjZH7y5iDn-ZVYg
Frame ID: 1115EB6A3675340FEFBA1FDD87E17A11
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B630B99603E8D33EFE936D39C1E8A0C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 57F415DA923B16843DA35BBE662F05AF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C4A8A2EE72CF0FDF6C8ABDA19DB4EBFF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 02993038657A6A73C4E77E8BB6137F9E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E3864AB367BF89F00E88C3C4133A0551
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/2173885051601150/index.html
Frame ID: 9E5884CB1BFB2A0390E8D31A80BC62AB
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 30520676268A4C95266EAAF487B088E9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
Frame ID: EFDD3A9B50734C6F2CFC43580EEF191F
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/4528516/2128478866615035/index.html
Frame ID: D67A9D29192E48E6C4A543F3CB5FD5E5
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A7A68B5782107D2614006C593CFF4E81
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4639CE4A06032771C587A1E8A8EE0C85
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405
Frame ID: A923522C7698B301E3F4EFC313A514BC
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=40882900005550600710616011739009&a=045ac46e
Frame ID: 0264A3E8D6B2C986D0FB26E2D41B169E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7E31E8369F1FC69FA29C0B4BB3710830
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 26D86F68E5F713D6634EDECE7E496BB9
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Frame ID: 2732957BC4A5F139022F1DEE99FB12C0
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3F8A18D4B0E8CEC53D4CBEF2EF4EBD50
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 048696F0CEAFAC89E38147727AC1228E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lottery Post

Page URL History Show full URLs

  1. https://www.lotterypost.app/ HTTP 301
    https://www.lotterypost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

301
Requests

99 %
HTTPS

41 %
IPv6

54
Domains

82
Subdomains

56
IPs

8
Countries

3431 kB
Transfer

7284 kB
Size

66
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lotterypost.app/ HTTP 301
    https://www.lotterypost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1
Request Chain 139
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVzf3h5ZxTc3lBCD-T.NiQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1&google_hm=2
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIjFK8m_sssKUugCkidfZUQ&google_cver=1
Request Chain 141
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjQ2NTE2Nzc3NzAzNTE3Mw%3D%3D
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
Request Chain 152
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
Request Chain 153
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
Request Chain 156
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
Request Chain 157
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
Request Chain 159
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFOLRa8qwZNKxzsUEBGV4Ac&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFOLRa8qwZNKxzsUEBGV4Ac&google_cver=1&__user_check__=1&sync_id=195c615e-2634-11ec-999f-141922060206
Request Chain 160
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=195c6605-2634-11ec-8ff6-19bfd3920406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk1YzYwZTYtMjYzNC0xMWVjLTk5OWYtMTQxOTIyMDYwMjA2
Request Chain 162
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEOlTK-xdffgPZJ8Ac4tjkb8&google_cver=1&google_push=AYg5qPLh659IylRzDn0IpKRVi0fvkV5zgKQlcc-JPky8zhMpRr-QT8EdKGPrAM1qXxImxfnhiP9KhfJTK-CHBkIG46QBnq3fw4mt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOlTK-xdffgPZJ8Ac4tjkb8&google_push=AYg5qPLh659IylRzDn0IpKRVi0fvkV5zgKQlcc-JPky8zhMpRr-QT8EdKGPrAM1qXxImxfnhiP9KhfJTK-CHBkIG46QBnq3fw4mt
Request Chain 165
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYSiUlldyDdkHrMDjla8RQ&google_cver=1&google_push=AYg5qPJhhdRsykxwbN6p5aVL3uXecA-EGALxmxkeANWs4zRD1_Dm8X1OsUO0R3T8ChD4xzOLXIiQBI0sRXoQEVny0yN-B3T9Na_z HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYSiUlldyDdkHrMDjla8RQ&google_cver=1&google_push=AYg5qPJhhdRsykxwbN6p5aVL3uXecA-EGALxmxkeANWs4zRD1_Dm8X1OsUO0R3T8ChD4xzOLXIiQBI0sRXoQEVny0yN-B3T9Na_z&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhhdRsykxwbN6p5aVL3uXecA-EGALxmxkeANWs4zRD1_Dm8X1OsUO0R3T8ChD4xzOLXIiQBI0sRXoQEVny0yN-B3T9Na_z
Request Chain 166
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8
Request Chain 167
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9MldDAIXoCcM HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9MldDAIXoCcM&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9MldDAIXoCcM&google_hm=ba575aaba583875d62572e5f
Request Chain 183
  • https://hal90009.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCam8A3d9cYbHRFt7X3gPKwJGgB7XN-YNXzN65q-UM8C4QASDyrYUcYJXikIKgB8gBCakCc3kTtB11sz6oAwGqBPIBT9CqLW40li1msbHG6AlJsPe2VWW9ix8IiAXFGQE5zNBHZf2TcjaIBy7OkEg1uEqA0faeEPuar0F1dwjbn0JsDaCKvFrKjcxSJhNNs9R-iULlPsk3ydG_jF04nR695Iuh7_VCqkbSUUowBrEyCEjWPEos8dFXuCmKXfKHYjzgRVq3l0lSlGFXg3YMzk0LCz6EIk5aTUkMu3zJwoIr8vAMV7Lww7b5StMrgWhBFf-7D25Wzr1f0bAd3agQSBjbxROg-UHvBtSmCWPluXqJhMdcuykvnhUiybkMnd6D6BqF2cx9q4O8XWRYQcKFEZBRZELaUx3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRosBzxDnaYy-CWkWz8SMW4yg%26sig%3DAOD64_02FalCxcf5A-FKp4krLn_9TKI0UQ%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-DWYPTl5J-w7M_gu8oFL8j-oqd2nkBkgHR04uYzaakZh8CoJFRCwOouXmRGgfjO9O6jja2Cwfkc3OsWm0myv5hFZdakeJxKu1Ta9FZLzOUAjV1m5T0qVrp-LJrckYt75bAFkLj59UMQE3IkVrCBhuR4d1-skw%26cry%3D1%26dbm_d%3DAKAmf-Dai-V6sYMDjCdpufZP1VNqGbS1E8h0IkR79oDDfWLNWwPLphHEBwMMtvRyLvtYuQ-W52nP1i-ieJbYmewak4dnfEgJxNDT56Ao3wr2XbhjE5JG2srE55c-HTWymm3hPrtuKD7Hgr232zxPFbv2UZbcyvGHIj-KxP8_XIIKjAe6QTh5OmCne9kd4OvNPZQQO-AJbhQEn0C4UPfdmruKSoAOO4yrcOTXYhgRzG6wzk2RLGWcBa1YR8FaNiLsjittAS3x7tm8VoDkP_Sox-4zrjnp_b4YMoUjOpSExl7DzpKjH3cGWFThRGk30KBa8IE_zFjwKVKtAiiZpB4ajq32oSSL3Gcl9jAxYMr-TjG-q1gbNlrGNC1IOfwr7dLH7h6ZtQ8tDSUJxuWivYv_t8bMi7lqhL1RuLsdZ5mv66PfVfZuL7FprmPZckLr8Ydj64plVwZFRbPM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=916283846821&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90009.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCam8A3d9cYbHRFt7X3gPKwJGgB7XN-YNXzN65q-UM8C4QASDyrYUcYJXikIKgB8gBCakCc3kTtB11sz6oAwGqBPIBT9CqLW40li1msbHG6AlJsPe2VWW9ix8IiAXFGQE5zNBHZf2TcjaIBy7OkEg1uEqA0faeEPuar0F1dwjbn0JsDaCKvFrKjcxSJhNNs9R-iULlPsk3ydG_jF04nR695Iuh7_VCqkbSUUowBrEyCEjWPEos8dFXuCmKXfKHYjzgRVq3l0lSlGFXg3YMzk0LCz6EIk5aTUkMu3zJwoIr8vAMV7Lww7b5StMrgWhBFf-7D25Wzr1f0bAd3agQSBjbxROg-UHvBtSmCWPluXqJhMdcuykvnhUiybkMnd6D6BqF2cx9q4O8XWRYQcKFEZBRZELaUx3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRosBzxDnaYy-CWkWz8SMW4yg%26sig%3DAOD64_02FalCxcf5A-FKp4krLn_9TKI0UQ%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-DWYPTl5J-w7M_gu8oFL8j-oqd2nkBkgHR04uYzaakZh8CoJFRCwOouXmRGgfjO9O6jja2Cwfkc3OsWm0myv5hFZdakeJxKu1Ta9FZLzOUAjV1m5T0qVrp-LJrckYt75bAFkLj59UMQE3IkVrCBhuR4d1-skw%26cry%3D1%26dbm_d%3DAKAmf-Dai-V6sYMDjCdpufZP1VNqGbS1E8h0IkR79oDDfWLNWwPLphHEBwMMtvRyLvtYuQ-W52nP1i-ieJbYmewak4dnfEgJxNDT56Ao3wr2XbhjE5JG2srE55c-HTWymm3hPrtuKD7Hgr232zxPFbv2UZbcyvGHIj-KxP8_XIIKjAe6QTh5OmCne9kd4OvNPZQQO-AJbhQEn0C4UPfdmruKSoAOO4yrcOTXYhgRzG6wzk2RLGWcBa1YR8FaNiLsjittAS3x7tm8VoDkP_Sox-4zrjnp_b4YMoUjOpSExl7DzpKjH3cGWFThRGk30KBa8IE_zFjwKVKtAiiZpB4ajq32oSSL3Gcl9jAxYMr-TjG-q1gbNlrGNC1IOfwr7dLH7h6ZtQ8tDSUJxuWivYv_t8bMi7lqhL1RuLsdZ5mv66PfVfZuL7FprmPZckLr8Ydj64plVwZFRbPM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=916283846821&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 196
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAtIXsv3FtsoDX213Zaer0U&google_cver=1&google_push=AYg5qPJQOi2tLkqTxdIzXukzFdfhv1bRMk9moOjmdq7QWH-l9tmSvJenzPop6R3YLvkcFRSxBrdwDm7klSCQVvqq-wz1UAXRD4M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJQOi2tLkqTxdIzXukzFdfhv1bRMk9moOjmdq7QWH-l9tmSvJenzPop6R3YLvkcFRSxBrdwDm7klSCQVvqq-wz1UAXRD4M
Request Chain 197
  • https://um.simpli.fi/gp_match?google_gid=CAESEJRwEveIol3h2wUKwT8vYWM&google_cver=1&google_push=AYg5qPKciMG7DPnonDwm-Iyuag5jbocsJtZZJk__LB4LsdEapL8dVDzey8qd4q_WCD9XNeGnQm7T9I8WQ1CpSpCowfOzhLM7uA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPKciMG7DPnonDwm-Iyuag5jbocsJtZZJk__LB4LsdEapL8dVDzey8qd4q_WCD9XNeGnQm7T9I8WQ1CpSpCowfOzhLM7uA
Request Chain 198
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENPi2XEqS-dChSPCS1XjsBs&google_cver=1&google_push=AYg5qPLiYk2Q5IPeZA4ofhjCKm6toYorNI1L_SP8fzMnLrtoaTbiwIeO9aR29QA7LRf0wGEhOXmUI_dsOWCd_j33dqHGsnfgQA4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTcyODQ2NDEyMDA1MTg1Mw%3D%3D&google_push=AYg5qPLiYk2Q5IPeZA4ofhjCKm6toYorNI1L_SP8fzMnLrtoaTbiwIeO9aR29QA7LRf0wGEhOXmUI_dsOWCd_j33dqHGsnfgQA4
Request Chain 199
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEGkrQ5EuwbyoxX7GBKQEz3w&google_cver=1&google_push=AYg5qPLquH3d7BEwYsIYg4UIfAUS_C-mY0aWgvGdNE3Ds_qL4r3DbUnK9i3wgrDR3QV0sxeOLiOk0QtODUk8nC5JrKP8DQjKv3M HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEGkrQ5EuwbyoxX7GBKQEz3w&google_cver=1&google_push=AYg5qPLquH3d7BEwYsIYg4UIfAUS_C-mY0aWgvGdNE3Ds_qL4r3DbUnK9i3wgrDR3QV0sxeOLiOk0QtODUk8nC5JrKP8DQjKv3M&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=HyeSEVtcTvShkhKkBC7g2g&gdpr=1&gdpr_consent=
Request Chain 201
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPLBib6IBVgeQFKBeDHm51fPxFk1QWn6ih1efHLXnADVuBN2-JZvQPRNg53KysMpLQQxg-FS4l5_kfbdkvZ8TPf00XVjB_A HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLBib6IBVgeQFKBeDHm51fPxFk1QWn6ih1efHLXnADVuBN2-JZvQPRNg53KysMpLQQxg-FS4l5_kfbdkvZ8TPf00XVjB_A&google_hm=ba575aaba583875d62572e5f
Request Chain 206
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECF6sETIHDSGxTT4mnhHyNM&google_cver=1&google_push=AYg5qPLVofQRQbnPNzhblfyM57zof2qpH0IjsgZ7iFsoczyBgBbkquY3zNaUAquAWgJtmVwJwuf_vn965R0RQZZJxD3Pdr7Sik9E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5MzA1NDkxMDg3NTQxMDM5MQ== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECF6sETIHDSGxTT4mnhHyNM&google_cver=1
Request Chain 209
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBHnIT4LW9FXUIbh0Xuzx3E&google_cver=1&google_push=AYg5qPI0rwq4xJMDYnvkjjt3NzQrXqNXyeoUIj4hHZ82tddGhMRppdSWCig3dCW_sHn4EZ3JK96zQxfte6chSVPb4dbDXVJ19qbM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI0rwq4xJMDYnvkjjt3NzQrXqNXyeoUIj4hHZ82tddGhMRppdSWCig3dCW_sHn4EZ3JK96zQxfte6chSVPb4dbDXVJ19qbM&google_hm=NzQ2ODUwODY4MzI0NTUzMjY0Nw%3D%3D
Request Chain 210
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKvYnorT3DkZE97M_rBypRU&google_cver=1&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_QFqM-PqgmmM19d-PWl5Jf HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKvYnorT3DkZE97M_rBypRU&google_cver=1&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_QFqM-PqgmmM19d-PWl5Jf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEyNTM0NTg2MDAxMzg1MTU&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_QFqM-PqgmmM19d-PWl5Jf
Request Chain 211
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO5Xb5yqUUQz0jwK5c44iPk&google_cver=1&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY&google_gid=CAESEO5Xb5yqUUQz0jwK5c44iPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY
Request Chain 212
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOTGdUfzJkKBuxjU3JREzH4&google_cver=1&google_push=AYg5qPIEZcVDfiLmd8orY6RQK6zgXPT7YgbHzwxO8f75BbwwwwFANyDF7Y1XVqN5hkVGBnjiUzFMAXJZB_0mx0ISxAstLAMj_N4XIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TREk4VnZSRTJ1R013andXSXpsRGgxbDdrMU1NdDdWa35B&google_push=AYg5qPIEZcVDfiLmd8orY6RQK6zgXPT7YgbHzwxO8f75BbwwwwFANyDF7Y1XVqN5hkVGBnjiUzFMAXJZB_0mx0ISxAstLAMj_N4XIQ
Request Chain 216
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKRSwbNCzuNHam3Qh_T8FLVv5yAGQl_xUncHYonF5H05gi09PhZfl6iXUNZgMTwZhy71G8YAVVWrCYdMSOv8gpgaqdH3BE&google_gid=CAESEG90yKqCfOXLSC9DGLYvm_A&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZ6ZjNnQUFBZDVzZUFBUg&google_push=AYg5qPKRSwbNCzuNHam3Qh_T8FLVv5yAGQl_xUncHYonF5H05gi09PhZfl6iXUNZgMTwZhy71G8YAVVWrCYdMSOv8gpgaqdH3BE
Request Chain 217
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESELQhXAUnIUB_MkwKzxobap8&google_cver=1&google_push=AYg5qPLRW6ZeKti0By8tKD4wfs0xOGz63aVQJJSkZYFyd_EOdPZQkKDNZrRAFm1uAeYjaTG9l_rvTz9EIj2DplztKjzPRql3m8c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLRW6ZeKti0By8tKD4wfs0xOGz63aVQJJSkZYFyd_EOdPZQkKDNZrRAFm1uAeYjaTG9l_rvTz9EIj2DplztKjzPRql3m8c&google_hm=ODA5Njg5NTYyNjM1NDYwNTgxOA== HTTP 302
  • https://a.rfihub.com/cm?pub=445&google_error=5
Request Chain 219
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDS3sHY8_QznVlo_Scgq5N0&google_cver=1&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNNZIPVJQo0W5dgvnwrHZyiF8CHrwn1o_ziSNJJ1M HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDS3sHY8_QznVlo_Scgq5N0&google_cver=1&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNNZIPVJQo0W5dgvnwrHZyiF8CHrwn1o_ziSNJJ1M&checkcookies=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7sqmdEZGiP_1pBVGbWaMOA&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNNZIPVJQo0W5dgvnwrHZyiF8CHrwn1o_ziSNJJ1M
Request Chain 220
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOG9ihjTAhwqU56OWp9RK3g&google_cver=1&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkgmWbjIZ4 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOG9ihjTAhwqU56OWp9RK3g&google_cver=1&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkgmWbjIZ4 HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=2bef3edc-e927-4a69-adfa-fdd02be914b7&ssp=google HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkgmWbjIZ4&google_hm=IoPJAMBwRcKWrRg8oWsFkQ==
Request Chain 221
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEN-xEygWtS7wr5jHzvJ3eGQ&google_cver=1&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN-xEygWtS7wr5jHzvJ3eGQ&google_cver=1&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg
Request Chain 222
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYSiUlldyDdkHrMDjla8RQ&google_cver=1&google_push=AYg5qPIpzDrtpvzMBJZAWEq3HLZ4tC4IZloc-4RS4myqvrfxxug0xz4l2I7wukonWCoMOSa4L-bZcp8IzilWwGKvJlvcOsvEhQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpzDrtpvzMBJZAWEq3HLZ4tC4IZloc-4RS4myqvrfxxug0xz4l2I7wukonWCoMOSa4L-bZcp8IzilWwGKvJlvcOsvEhQ
Request Chain 232
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405
Request Chain 251
  • https://um.simpli.fi/gp_match?google_gid=CAESEJRwEveIol3h2wUKwT8vYWM&google_cver=1&google_push=AYg5qPJcqXF0Ljbo2EbKus70YuZwX8zjxG6iIVfct_thMVDXorebrja5Ae3cl8lJH_WMNQ9AbDdubQNxqQBx6UVNwcI4YOp7jqpw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPJcqXF0Ljbo2EbKus70YuZwX8zjxG6iIVfct_thMVDXorebrja5Ae3cl8lJH_WMNQ9AbDdubQNxqQBx6UVNwcI4YOp7jqpw
Request Chain 254
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPL2gGUdHYYInyXwF0U_83Nz-6jgVRbzHZvgS7C3mEkssWi3csOuo2T0O0YK-ewGC4KgYc4Rw_FF5IsuTLGEwT0fyMRbYHuN HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2gGUdHYYInyXwF0U_83Nz-6jgVRbzHZvgS7C3mEkssWi3csOuo2T0O0YK-ewGC4KgYc4Rw_FF5IsuTLGEwT0fyMRbYHuN&google_hm=ba575aaba583875d62572e5f
Request Chain 255
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO5Xb5yqUUQz0jwK5c44iPk&google_cver=1&google_push=AYg5qPJXMHLHM2LZxyqvgdTDNCRGz5SImW96BvtpTKOmPhYXOPgxOLAs48bswvdov-PbryqvcBqt_mFgWqgPV_WHonu2A8nsUPY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPJXMHLHM2LZxyqvgdTDNCRGz5SImW96BvtpTKOmPhYXOPgxOLAs48bswvdov-PbryqvcBqt_mFgWqgPV_WHonu2A8nsUPY
Request Chain 304
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid_mZY5kPkMYxMTJUwU-w985DBhMQSxkCVasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNe6vLi2tPMCFSXnuwgdu8AE2A;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid_mZY5kPkMYxMTJUwU-w985DBhMQSxkCVasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid_mZY5kPkMYxMTJUwU-w985DBhMQSxkCVasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633476576_1a3616b0-2634-11ec-bef8-692d023ad792

301 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lotterypost.com/
Redirect Chain
  • https://www.lotterypost.app/
  • https://www.lotterypost.com/
78 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3566195744a438e72a483075dd46ea4ba6c7f069c854024f1f3cfca75eca10
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.lotterypost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-type
text/html; Charset=utf-8
content-length
20132
cache-control
no-cache,no-transform
content-encoding
gzip
vary
Accept-Encoding
set-cookie
g=a=44474.8121764815&b=44474.8260653704&c=%2f&d=; expires=Wed, 05-Oct-2022 23:29:32 GMT; path=/; secure; HttpOnly f=a=44474.8121764815; domain=lotterypost.com; expires=Wed, 05-Oct-2022 23:29:32 GMT; path=/; secure; HttpOnly tz=1; expires=Thu, 06-Oct-2022 00:29:00 GMT; path=/; secure; HttpOnly ASP_Session=QWRQQBSB/BCDGKLACAGAGNCGMGIMEANJI; secure; path=/; HttpOnly g=a=44474.8121764815&b=44474.8260653704&c=%2f&d=; expires=Wed, 05-Oct-2022 23:29:32 GMT; path=/; secure; HttpOnly f=a=44474.8121764815; domain=lotterypost.com; expires=Wed, 05-Oct-2022 23:29:32 GMT; path=/; secure; HttpOnly __cf_bm=E15v1Cwm6fhT5VEpfpanng_NLFf3HyUhJxD7.4b_dgA-1633476572-0-AQlwpa1CBaof8mstmBRALmr/RtZ2wNdIi0TIdji1svIuJhPMfsduIhBTiCQEwG6yZf8QfQgdQZ7Pm8AMGNWaBO4=; path=/; expires=Tue, 05-Oct-21 23:59:32 GMT; domain=.lotterypost.com; HttpOnly; Secure; SameSite=None
x-lp-member-status
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
699a6ebefffc59bf-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

location
https://www.lotterypost.com/
date
Tue, 05 Oct 2021 23:29:31 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
225
x-xss-protection
0
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 13:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 05 Oct 2022 13:18:29 GMT
asp
lp.vg/js/fs10828.0/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/js/fs10828.0/asp
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
24905
last-modified
Tue, 12 Jan 2021 20:27:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktwlU%2BPU83NOcYzv9vO%2BER8Rhgna8FbZND4keRRQiVBA712P4Gz4qCd795gIgan2nmPw5KcRxvO9R1Pg9YpZf6gC74oW8Uuypfo4LMVsiURKlxmsG3cbEKwEqd5y7GsC5%2BkH1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000,no-transform
accept-ranges
bytes
cf-ray
699a6ec0cd2f0e2a-MXP
expires
Wed, 05 Oct 2022 23:29:32 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f66257ab22784df391afb687663d08dd4e33bf0c17fa871287a57e8f9d1caa80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 22:38:03 GMT
server
ESF
date
Tue, 05 Oct 2021 23:29:32 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 23:29:32 GMT
asp,asp-main.css,news.css
lp.vg/css/fs10828.0/ 		63 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c96a44612c761357350d1aadb6649c5eb28bae6833790d75f3a2f219e21aa9e1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13978
last-modified
Fri, 30 Apr 2021 16:51:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jlaLpGLL1cJ8kd95tprQ2EdPcTO%2BQet5UOvhHgsD%2Fan0mBsUE6vgWskutaqDcD2TS1oY4r44IwdYiHjQTFoAl8JbpD2bnvBFDEvVogUsLHXDXjTrxwmjAbhKg1LO8ycadPWdug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000,no-transform
accept-ranges
bytes
cf-ray
699a6ec0cd2e0e2a-MXP
expires
Wed, 05 Oct 2022 23:29:32 GMT
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc6401178db74899e2cb62ea5015681932488b766b2166df077b315f01c87057
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1007 / 397 of 1000 / last-modified: 1633471763"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25819
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Oct 2021 23:29:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
content-encoding
gzip
etag
3900a2c2d757386fb762bfd86288f882
age
230
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1WVAFDX7DSNC0V5NT06Y
date
Tue, 05 Oct 2021 23:25:42 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P3
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vEE8mIWHt6j4JnQ8ZGawgqXWhRLUOZUEyDDdHs4RCct0wffPdjyNfQ==
pb3.21.0.js
lp.vg/js/f1/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/js/f1/pb3.21.0.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
62878
last-modified
Wed, 03 Jun 2020 14:37:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auQvPyu8GC9K81BfEFNHiYRmbp8n8HHRkuRFSfXU88sz0lC%2FHeb1DVrByluPl9AwqoU88UzB8VajyPiBQuwd%2FpPpNTcc6UN7me6euoVzKogBUznHMfIGQc%2BRMVrEOO8EV7rHSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000,no-transform
accept-ranges
bytes
cf-ray
699a6ec3aee80e2a-MXP
expires
Tue, 04 Oct 2022 18:42:23 GMT
gtm.js
www.googletagmanager.com/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf08f3419c0eec2558b52cde89a8998a56ab802ca33810be7f01437b0164a8cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33588
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 22:01:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 05 Oct 2021 23:29:32 GMT
lp_logo.png
lp.vg/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/lp_logo.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20811
last-modified
Tue, 21 Feb 2017 21:49:07 GMT
server
cloudflare
etag
"614390538c8cd21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YIMGiu%2FwByS2SoIUpk9STzjGhGXJ9yRGxDss%2Fu9bRT%2BHzjyoeH7X%2FDpAFnj7pWoYtwjTmJezRxMyr0WFzcTbYqqRP39Ml8u2%2FNibv12mEwYEZjVneNmfYPfHdYvzj9Cu4b2jqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aeea0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
b.gif
www.lotterypost.com/ 		43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lotterypost.com/b.gif
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:path
/b.gif
pragma
no-cache
cookie
g=a=44474.8121764815&b=44474.8260653704&c=%2f&d=; f=a=44474.8121764815; tz=1; ASP_Session=QWRQQBSB/BCDGKLACAGAGNCGMGIMEANJI; __cf_bm=E15v1Cwm6fhT5VEpfpanng_NLFf3HyUhJxD7.4b_dgA-1633476572-0-AQlwpa1CBaof8mstmBRALmr/RtZ2wNdIi0TIdji1svIuJhPMfsduIhBTiCQEwG6yZf8QfQgdQZ7Pm8AMGNWaBO4=
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.lotterypost.com
referer
https://www.lotterypost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
private,no-transform
strict-transport-security
max-age=15552000
accept-ranges
bytes
cf-ray
699a6ec3be1759bf-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
usa-mega-button-2.png
lp.vg/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/usa-mega-button-2.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
17960
last-modified
Fri, 18 Dec 2020 16:20:19 GMT
server
cloudflare
etag
"ecbb9ad59d5d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79D6i%2FOptHzIpbT6gRzBf5QqoYWsX3uv8EFasR6vY7CE71QN1Q1abJ10X9UsIpE%2F8VEYm%2BXjdHx6p2FB%2FUL8%2BZaOrhd4ZK%2FjFi%2Fr4WWvp8%2Bhgu1G%2FigscqxLJmab1yqbLca9Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aeeb0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
LotteryPlaces_140x375.jpg
lp.vg/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/LotteryPlaces_140x375.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19025
last-modified
Tue, 21 Aug 2018 20:38:45 GMT
server
cloudflare
etag
"4f827df48e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BccJmzHx5uyztVzmLpaQPiqT3x%2FkPBYlQGB%2Fhe%2FwGsbdHT2tCb9G1TM9LB1KTJSPVl3OIGKmIK5p937BP%2Bebd0OG6032%2FcNWnFCxa4yQxMRRLiBU5dUPHs1%2FE5EggI1B65LBsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aeec0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
Results2012-US-FrontCover-57x72.jpg
lp.vg/images/amazon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/amazon/Results2012-US-FrontCover-57x72.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1818
last-modified
Tue, 21 Aug 2018 20:35:02 GMT
server
cloudflare
etag
"1f7ea56f8e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAndxpHgUFLX%2FgjK58ZqTwIdmkVNqjf0Tk%2FrF9HAqMmgMtZKRmgjNMZKcgOwsYdDTDACfr1Zxn6zAg3pmUbnTb%2FdW%2BGweQOIuZbRX7uiEgrSbUzsUE0ZKZT5KyT5MGG700Ky2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aeed0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook-share.png
lp.vg/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/facebook-share.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3387
last-modified
Tue, 25 Sep 2018 17:12:37 GMT
server
cloudflare
etag
"fae128f5f254d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jf0ibGjMLznucRtau5gHS%2FMirgMQshS76TrbSKyip9Qik%2FsWYhMC6xWjkxmJYSz1DSuAIlKW9NoEhn9TEl2GM1jqcf0Vvl4ZdbKGNc4PDuK88u5Nywkh0z8fy48P9BFAXs4aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aeee0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_powerball.jpg
lp.vg/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_powerball.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88e4806e083246e88e8bcaaf24a32bb4a5d12825a45696537a64d8758880538

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13153
last-modified
Tue, 21 Aug 2018 21:01:50 GMT
server
cloudflare
etag
"c6a64d2e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yyRrCECQqEJe6TzPS7r5pXobt7o9%2BlgQKg8R%2BoYySugNmWTrgjfIb0xkPLY8VZK1ci4gdBeRZ2Zw4dmziqBMlH8vzoh%2FzTelOhuNdUkbs7dv1yEtLNvUmKrhUCWvnGAycj3XWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aeef0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_ialottery.jpg
lp.vg/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_ialottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ff65b85a2e0a0ab9ceba03cb9205dbd8af9b9fcf5197878c7abba21c8706c3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
14138
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"46b6362d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oadaCmHorAJFf8UUggYNz5SSuB9vRMOtQSXZ0gbySJnM0UhLEIHicRhsncNZNbCBR%2BAhb42IQLBFC3%2Fcheu30g2a0aSW1LLpBBqIessKfkViprw8Wc%2Fi04Wt1OCK8qQHUGy9MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aef00e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_megamillions.jpg
lp.vg/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_megamillions.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ba2fe612796611c9919175d2695e0b59f663649ed2a77df439b3133e7cf6c97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18243
last-modified
Tue, 21 Aug 2018 21:01:49 GMT
server
cloudflare
etag
"d9d4d82d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8EbwP0HvBpLCMEiz4Ez%2FvMLU1AayirqX9OTLBWxhBJoEnuFho8lXdOnJhklzeun1RX%2FozKcjiFW9RTRKvjq1tvyo12vkRFfTxei48I4IBdCH1w%2BVYs83Dy%2BYmxaJtHfgJPxTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aef10e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_milottery.jpg
lp.vg/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_milottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b7bdd84c22411a42dfc9fa619781772c511d0fb4fc73107a9f4e0c4a590a98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
12678
last-modified
Tue, 21 Aug 2018 21:01:49 GMT
server
cloudflare
etag
"89abd12d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrnfdH%2BAeltUHL3IsDd1N9up0qPpZEu4utuX8Cx8Et55N%2FBYw1OqPAUT4%2Bzex5nEexkhtWkpoSvQkElp2r%2FqDeCLNzJILU6EdoUc%2F486XE6gU2z0I2D6inbR8RwjJwI7tsPoRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3aef20e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_txlottery.jpg
lp.vg/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_txlottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b813df1588f1943d275a86850087398f0278bcc4c068088ac77c6c8d312287db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
13110
last-modified
Tue, 21 Aug 2018 21:01:51 GMT
server
cloudflare
etag
"f8f2b82e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBGwcQcawOi7FeS8FtElbE6%2Bkbnv53DDhUM%2FV8747TaFQEP5LDLqiJpel%2BDgDbX8IK7R9Ef%2FFhQ0eKmS6OPqxE9asNSho7z7WUs3GW3kLOBEdtCLkt%2BB7G%2B7lMp7oWpj9vNL0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3beff0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_valottery.jpg
lp.vg/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_valottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08c30d255b6876569786f56c1e5a605ced32a91b468b25ceb07a9aef4366c4b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22410
last-modified
Fri, 24 Sep 2021 22:51:58 GMT
server
cloudflare
etag
"5d5d85c796b1d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qija%2FTDgTHB4sFJa%2FB33L3kM8M7rucL2yAmIFX6ifyK9FkohLqKpZ9TRZjza8boM2xM3AQWwASBpQA6tMZ8BG24spoUWBCCgw8VT49KDLQJRzNHRHyTTEgZB3shhEIphbs5Eyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3bf000e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_video.jpg
lp.vg/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_video.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeecc21623abc3df07f9496d595070caed15bd980ff0ee2e04e97df28c09cba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19468
last-modified
Tue, 22 Jun 2021 20:45:47 GMT
server
cloudflare
etag
"77f34294a767d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueq4X4DVLPPUAoYZwhjNN4WRbVQHNy%2Fem8nty9z3jj8fCGO%2BdqzFpMAU2%2BMUNv33TKRO5%2BvqvzuGjbYMrQ2S69HwwT0r5Wggo41NCZpBqXsPSgFIvx1imV56wCGoTPDZyTkc7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3bf010e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a91020548d67e771f524cd09adb38a3a87a3b9017121546c4a17cc9470dfa4ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51238
x-xss-protection
0
server
cafe
etag
8454071032896553064
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 23:29:32 GMT
advert.js
lp.vg/script/ 		70 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/script/advert.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103629
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 11 Feb 2020 14:29:00 GMT
server
cloudflare
etag
W/"6714389ae7e0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXcW1oxSAjRnS3ygU3XNtwDSdZELHTmsJ4jpa9nX1B9ha33vGe5UVqE6vgX%2B%2BGvS66XYxaX%2BrYdNPcPJEB8Qj3kUb%2Fufjp1IYMmbwsFenqg8OOoYxpwldi%2FBBpGhroChb%2B6yZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec36ecc0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 16:39:17 GMT
server
cloudflare
etag
W/2021.9.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
699a6ec40c60f923-MXP
bgbody1.jpg
lp.vg/images/theme/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/bgbody1.jpg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2922
last-modified
Thu, 11 Oct 2012 12:17:36 GMT
server
cloudflare
etag
"e828f165aaa7cd1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nG3w0jQbt3mz2ogt3DeHmdhD8qW%2FMRdNFrWYzxGdg59Sd1dDppHFFREr3jBMMDw8WIOJum5R7Nf5dxvf2yE4opvMjaTYU8Mq6xCriXKhFxL0j%2BKkWqEbwG5AqjufPJS0eC0eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3bf020e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
gold-star.svg
lp.vg/images/svg/ 		1 KB
1022 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/gold-star.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"33c4be19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alOammAp1hlJtN6B0%2BukFr%2BB85l%2FQ7SgYWqqMI6HCtlRNLlOZCDntGQpthvu5u1URmAWmDOAdXC%2B%2BlT5qEreYLwq%2FIkrD%2BNr1V3ab%2F6753e%2FVvukOEz899cgOrJoYitdsxRx6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec3bf030e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
books.svg
lp.vg/images/svg/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/books.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:05 GMT
server
cloudflare
etag
W/"ba6cb7e09023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XPb3wt3Y2o2vV%2FMVaSp31R%2BIUpi%2FiVAOz2zWZdeHywqPjPBdOXlItautUGKXRl%2BE8zcAr5ZehulxTPo7b1vJ9J1A15YNPq3MRd%2FBKON2NF65O4%2BUdMJh1mgOqZRHXPzhm22MtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec3bf080e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
icon-gift-gold-64.png
lp.vg/images/theme/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/icon-gift-gold-64.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6609
last-modified
Mon, 23 Jul 2018 18:37:22 GMT
server
cloudflare
etag
"b5abe231b422d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95A5vK5RrQwKF%2BnIESpX%2F3lIvkude%2BDSEUTvFKErkLzKWteQTaiFVkfJ7kg0FRWNxcq%2FyUG3HAJnqdAo7txeBxpiapZ5iaWMd7XaiBSQ55FuPsuMtIMNZo%2BzgKFtl1ui8JNlhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec3bf090e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook.svg
lp.vg/images/svg/ 		332 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/facebook.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"d37a27e19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ND7yr%2Bcu6KrQBoztPktCFRhzNS3yw96XWVgAKMLrufb0aW1%2F2fb3lHIyHg2ZS7LR6U8K0jcVYOdyR9VVVcu%2B7pbIGnl1dmbyk5hBW66BKxWFtXRC9xgV47WTpX%2FTktdCuB8s1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec3bf0a0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
twitter.svg
lp.vg/images/svg/ 		370 B
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/twitter.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Tue, 24 Jul 2018 20:57:07 GMT
server
cloudflare
etag
W/"eee315e29023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BZ2hhYeQWTc866DP7TFpgOYr2STvzH2%2FJ04QO85uVHOsegWLAYVeFZuGXOZKU%2FXIWL7jjn4YWtoWhm1t2kuaxSwnxswSZRfA6B%2BZo8gtJkE%2BLQGHinXp%2FjarCo%2FBvHT4DQ1wEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec3bf0b0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
instagram.svg
lp.vg/images/svg/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/instagram.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce5a8b7e5fa0afdc2594d6df3938686f7696e1cb040e704a76ace91a01ecc79d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 30 Apr 2021 16:37:56 GMT
server
cloudflare
etag
W/"ceb4d42cdf3dd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTb%2BXu3dP%2BQ8HfKIpj77hOBdvHJ%2Bl8J0BcRRK3ihChur%2BD5J236gruxQx%2BuY3fuQkbFYkei5WmWtst2wTOyL816UVZA7p%2FYHhReYOJkA4vID9U2E2ke2hoGck%2BhnwRB9DztcLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec3bf0d0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
youtube.svg
lp.vg/images/svg/ 		358 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/youtube.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 28 Jul 2019 22:19:01 GMT
server
cloudflare
etag
W/"174bb1759245d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFWgFRWqBv%2FKiR9DuCKLGlJDfG%2FVntd3cOxI0FCHKNsCLnkpyJD64dlBlap61WGBIKIgnxp6JSlPASlMoUs9FkI9IIsPTKSPhGeIpT9fmAMF1fqDRFbAkhMt3vzfvQPax4vZlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec3bf0e0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		46 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
amazon-logo.svg
lp.vg/images/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/amazon-logo.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sun, 17 Nov 2019 17:10:11 GMT
server
cloudflare
etag
W/"341238df699dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kDus1Is8t86E5KF%2B9d9i0KRbhsq1pwRt9d9DXoa%2B29SCZCoSBI%2FQ4eYUYvf4git2PFUBQ1Eg4fo3CAG2nQ77Rz6Cmg8WfNDcuAYp4ziS%2Fc4TZvIS66hcFj9bdu240WofQtbNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
699a6ec40f2c0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
sprite-24-1.png
lp.vg/images/theme/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/sprite-24-1.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
52800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
138480
last-modified
Sun, 06 Apr 2014 16:33:55 GMT
server
cloudflare
etag
"f04f9b0b651cf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGgbEPZj4uH2U%2Fc6akSsqLrsz0bIkwIT8ByReD2NZy6k%2BfCJJuhAZmgV4MUFH6%2By0NJhjdwT1dmP8jGn0%2BJfECrhmuBHbqEwpGB0vb7pvcdVIAq48rlVYaG%2FIELhGCO3vWBccQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec40f2d0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		140 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
bg-footerContent-2x.png
lp.vg/images/theme/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/bg-footerContent-2x.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30167
last-modified
Thu, 19 Jul 2018 18:33:19 GMT
server
cloudflare
etag
"7355ef78e1fd41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Jl4FJ7yvHqC6DTxRpDXdqlyhBCxXrGDDci19b2FATfuiaPgQG%2F6zC1fUsvr7oSlUO%2BKsrvOZk%2Bt5J4zlA8E%2BQfxntEfYM2%2BR%2F7a6BTy2a0TjzrDI66bsvLfqdZGwAn67aC21g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec41f300e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
bid
ap.lijit.com/rtb/ 		93 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.21.0
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
71df2ea76e7bc4e40b7c29a9b6817bc1fcfccb1262c3dfc0bfc6a30b65e9f83d

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 05 Oct 2021 23:29:32 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
prebid
prebid.media.net/rtb/ 		330 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
955989f9323a6bb8a2cae91108aca7193f4f8e8e782e1ccc374430dbd254afe0

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:32 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cygnus
as-sec.casalemedia.com/ 		25 B
578 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=341167&v=7.2&r=%7B%22id%22%3A%2213bf621d8d7e86c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214307ce92edfd2e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341167%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22159b7e8c28c07e1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341166%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22163fcc9f299d5f1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22174c0817d174ad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22183b3b8891fe733%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341162%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lotterypost.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e2612afb04cbcea013499e68efa6aec0c38aeba41cb4d16417692fe1b25f452

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:33 GMT
Content-Encoding
gzip
X-AK-INITIAL-GEO
CC:[DE], RC:[HE], CN:[EU], CIP:[185.232.23.181], XFF:[]
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
X-CS-CLIENT-GEO
12
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
45
X-AK-CLIENT-GEO
12
Expires
Tue, 05 Oct 2021 23:29:33 GMT
prebid
ib.adnxs.com/ut/v3/ 		10 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
7ce58446680ed8f4bae75f61c0dab8875c4271c44d06182e67a8e1c1b1b21c69
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 05 Oct 2021 23:29:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
06b38b82-b4fa-499f-80cf-cc42a421b793
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.lotterypost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		4 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c88ba14ddd56ad58b697c9317346ecf29af4f205dc131c982fa18e2894629f4a

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lotterypost.com
date
Tue, 05 Oct 2021 23:29:31 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
auction
c.deployads.com/openrtb2/ 		63 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_3.21.0&host=www.lotterypost.com
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.154.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-154-99.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
7d25315501c2acf3479ba7acf3eb53d947b003a092f895d3f2ad04842bd1b7d6

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:33 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
63
SessionCount.aspx
lp.vg/services/ 		47 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/services/SessionCount.aspx?callback=jQuery224044610666483589423_1633476572793&_=1633476572794
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a933656de5c2ad92d1aed602522c19de5d193b55e2db4deee759e93368fd72f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VOPiwlf7PSGY%2FKxp%2B3S5bygcWNL2x1IkOFW4VPgMVH%2F96XEzzq2bF6MbtpMSgoLNUwEw0i1R17w5HdRKLMnqG1QLphRIgvUfdvqbDZKgjuM59uH8mUI7Uv6H9FlsHzrlYA8Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store,no-transform
cf-ray
699a6ec4cfa80e2a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
70
expires
-1
sprite-16-2.png
lp.vg/images/theme/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/sprite-16-2.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:c5a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lp.vg/css/fs10828.0/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103628
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
76265
last-modified
Tue, 13 May 2014 19:03:09 GMT
server
cloudflare
etag
"e0132fbdd6ecf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9caIn4cogCXOz2ycnr8oPFIcxjcJPBPW%2F6WTCeWd4%2BTmv0BmwxOXRYU%2FByWBnK%2F8eyQAspteklB4G0Kkjn6dmb3rYU0%2FyEbFRgoCscI3KgD6TyrZLPxsOxXi4%2Bb2ao3Z92u6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
699a6ec4cfab0e2a-MXP
expires
Sun, 21 Aug 2033 05:00:00 GMT
pubads_impl_2021092301.js
securepubads.g.doubleclick.net/gpt/ 		338 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121150
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 08:34:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 05 Oct 2021 23:29:33 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		75 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.lotterypost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f716ad7f9c7d704196846ea6f7d24eb9a2214e2a5fe4f157291c715c246ef97c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:32 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.lotterypost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
doJ7mS5UE04ZTdEraHU9DKoa2-X1Y760AST2n2dm7oDww49_6H91Wg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pid=D6cx4dQTvDAW5&cb=0&ws=1600x1200&v=7.69.01&t=900&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_728x90%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_468x60%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Primary%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Secondary%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_120x600%22%7D%5D&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78cb.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-amz-rid
FRAZGX0X1A758SJGREVR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
k5Z58xZ_ehW-KKSJl9jD8VOESCHqqYcK4XseNsjg9FD2e6k4HAaiFQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.210.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-210-175.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
61088
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Tue, 05 Oct 2021 06:31:26 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 740769d10d5ef217a54d33b1ec64faf4.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
7OR7DkOj6V6jW2JHHyAjkHJrquUIgkzfDykvAqDFfXcDItzYGXQVHw==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/ 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4c1f4ad75aa23200a7b5d63e1994b70f989742dbd44d04429045a0dab617b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97185
x-xss-protection
0
server
cafe
etag
16231236622537800498
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 23:29:33 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/ Frame E007 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211004/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211004/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 15:14:38 GMT
expires
Tue, 19 Oct 2021 15:14:38 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
29695
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.lotterypost.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 04:47:29 GMT
x-content-type-options
nosniff
age
153724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 04:47:29 GMT
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2744
date
Tue, 05 Oct 2021 22:43:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 06 Oct 2021 00:43:49 GMT
quant.js
secure.quantserve.com/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
etag
"XUylRaJiJNdi08iU32oNYQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 12 Oct 2021 23:29:33 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
13929727
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 985c0b2ec44bdebc7f24f26d1e427d31.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P2
X-Amz-Cf-Id
8b3AZcKIe9EvPKNxQBV0_caEQ6Se-VT6wPyl0k_KufSgbZ9pqGdFkg==
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lottery%20Post&time=1633476573154&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.lotterypost.com%2F&random_number=3148000173&sess_cookie=02e52ed017c52ca77e2e91241fb&sess_cookie_flag=1&user_cookie=02e52ed017c52ca77e2e91241fb&user_cookie_flag=1&dynamic=true&domain=lotterypost.com&account=6BUjg1asOv00UI&jsv=20130128&user_lang=en-US
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 03:30:19 GMT
Via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
71954
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA56-P5
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
zt8zDbpkNZDdad9g2rpoxRRz-qOAg3Ke4RyfMcNrQXwK0hO6gMcvCw==
x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.68.102.112 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-102-112.us-west-2.compute.amazonaws.com
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
server
Server
cookie.js
partner.googleadservices.com/gampad/ 		205 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lotterypost.com&callback=_gfp_s_&client=ca-pub-3077964989149008
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d4b5fb772e3f8f9691b73875b99dd696d27adaa169382f30a3a193c8a32a9fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 27AB 		117 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd2bc837d31f27f7b36acba2f2edd4fd34f06768c46c5a14260942a139235758
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 05 Oct 2021 23:29:33 GMT
server
cafe
content-length
27987
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 05-Oct-2021 23:44:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 23:29:33 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame B9A0 		0
180 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1633476573&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573032&bpp=1&bdt=838&idt=201&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=2278199595510&frm=20&pv=1&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1633476573&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573032&bpp=1&bdt=838&idt=201&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=2278199595510&frm=20&pv=1&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=209
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 23:29:33 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 05-Oct-2021 23:44:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 23:29:33 GMT
cache-control
private
rules-p-7alUP9zu-TfBA.js
rules.quantcount.com/ 		3 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-7alUP9zu-TfBA.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:38:44 GMT
via
1.1 bbd2abbdb134a9d53c0a12f6566e69ff.cloudfront.net (CloudFront)
age
60650
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
content-length
3
last-modified
Sat, 04 Mar 2017 20:09:04 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
yKj4pMDh3ErGIxFj-xw1LyHOc34VoJBvcxi0lHDAdOsOVsYtarTfUQ==
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1976056787&utmhn=www.lotterypost.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Lottery%20Post&utmhid=1653475523&utmr=-&utmp=%2F&utmht=1633476573254&utmac=UA-7096458-1&utmgtm=2wg9r0D86W&utmcc=__utma%3D130209170.582819757.1633476573.1633476573.1633476573.1%3B%2B__utmz%3D130209170.1633476573.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=852666107&utmredir=3&utmu=qAAgAAAAAAAAAAAAAgQAAAAE~
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 05 Oct 2021 23:29:33 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3983645627881113&correlator=3399730385042812&output=ldjh&impl=fifs&eid=31061815%2C44742768&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211005&iu_parts=13070090%2CLP_728x90%2CLP_468x60%2CLP_300x250_Primary%2CLP_300x250_Secondary%2CLP_120x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C120x600&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format_appnexus%3Dbanner%26hb_source_appnexus%3Dclient%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.09%26hb_adid_appnexus%3D4000aba0b669996%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D4000aba0b669996%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.02%26hb_adid_pubmatic%3D39c3f8048d754ab%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.02%26hb_adid%3D39c3f8048d754ab%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2&eri=5&cust_params=Device%3DComputer%26Content%3DAll%26Category%3DHome&cookie_enabled=1&bc=31&abxe=1&dt=1633476573308&dlt=1633476572195&idt=974&frm=20&biw=1600&bih=1200&oid=2&adxs=712%2C496%2C1140%2C1140%2C178&adys=10%2C530%2C194%2C1197%2C1309&adks=167273885%2C4006668155%2C1304712773%2C2713855732%2C267450723&ucis=1%7C2%7C3%7C4%7C5&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lotterypost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1300x0%7C804x3303%7C300x3353%7C300x3353%7C157x1991&msz=728x-1%7C468x-1%7C300x-1%7C300x-1%7C120x-1&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=true&fws=4%2C0%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
7bf665ffe31f571f93841c1357cd41852238e36a53d4a83fda73a63e064d695a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31558
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F9DC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 05 Oct 2021 23:29:33 GMT
expires
Wed, 05 Oct 2022 23:29:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel;r=291828469;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-184219623-1633476573330;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=lotte...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=291828469;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-184219623-1633476573330;pbc=;ns=0;ce=1;qjs=1;qv=00a3769c-20210929173447;cm=;gdpr=0;ref=;d=lotterypost.com;je=0;sr=1600x1200x24;dst=0;et=1633476573330;tzo=0;ogl=image.https%3A%2F%2Flp%252Evg%2Fimages%2Flp_icon_310%252Epng%2Cimage%3Awidth.310%2Cimage%3Aheight.310%2Cimage%3Aalt.Lottery%20Post
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
f14dc7a62bcf992c762f7db4d8023af3.js
www.gstatic.com/mysidia/ Frame 27AB 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55332
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Mon, 03 Jan 2022 08:07:21 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 27AB 		1 KB
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:04:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
837
x-xss-protection
0
server
cafe
etag
7640065535275194769
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:04:39 GMT
4140bf7ce6fde5aa25bd63c4146c06f7.js
www.gstatic.com/mysidia/ Frame 27AB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4140bf7ce6fde5aa25bd63c4146c06f7.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dee852eb3ae7251e2b4cb91238e21bf99353690b2aa2827912856a460b375f44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 20:30:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
529142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7680
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 20:30:31 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 27AB 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:15:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7605
x-xss-protection
0
server
cafe
etag
4152153861754824712
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:15:08 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 27AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 27AB 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:29:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 27AB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:27:10 GMT
11727455259813989139
tpc.googlesyndication.com/icore_images/ Frame 27AB 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/11727455259813989139
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3e8c09bb678554529832c6d75a38410fa710832269e40a8ed74773da3393c21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21948
x-xss-protection
0
last-modified
Fri, 24 Aug 2018 03:46:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 23:29:33 GMT
4962161722169720509
tpc.googlesyndication.com/icore_images/ Frame 27AB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/4962161722169720509
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f04ba1e44f375346e3004e8c764b391033c56e2d3297218ba108d50788ffb86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14093
x-xss-protection
0
last-modified
Mon, 05 Mar 2018 03:30:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 23:29:33 GMT
7657924250293599903
tpc.googlesyndication.com/icore_images/ Frame 27AB 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/7657924250293599903
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba856424cbf679cbdd0107d249eb68b7f62012a13dca26ba5fa48dabe04746b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 19:02:27 GMT
x-content-type-options
nosniff
age
448026
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14591
x-xss-protection
0
last-modified
Wed, 23 Jun 2021 01:22:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 30 Sep 2022 19:02:27 GMT
6380814753046758231
tpc.googlesyndication.com/icore_images/ Frame 27AB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/6380814753046758231
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f49691475663af0b6f95af60cec34547603722738c384ce1e67928ba86280c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11620
x-xss-protection
0
last-modified
Tue, 06 Mar 2018 17:53:58 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 23:29:33 GMT
14297784188818278285
tpc.googlesyndication.com/icore_images/ Frame 27AB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/14297784188818278285
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387c96ccbbeb381248c3dbc086b8e34d313ddad0ba99c47795c0199c7e39276e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 19:05:56 GMT
x-content-type-options
nosniff
age
15817
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14114
x-xss-protection
0
last-modified
Mon, 05 Mar 2018 04:21:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 19:05:56 GMT
2032180285484186420
tpc.googlesyndication.com/icore_images/ Frame 27AB 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/2032180285484186420
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed663829f239877ce3e0ed6fe2b2ddb37fd9f8290b53aec8fb06da866bdfb43d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11465
x-xss-protection
0
last-modified
Tue, 24 Aug 2021 20:26:40 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 23:29:33 GMT
11694773957068286302
tpc.googlesyndication.com/icore_images/ Frame 27AB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/11694773957068286302
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20d50a214cfc2d2d34d1bbba769871b1f47d55bb1595a5061041c18c1bd52f31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:33 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14638
x-xss-protection
0
last-modified
Thu, 03 Dec 2020 17:56:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 05 Oct 2022 23:29:33 GMT
4015062679777611412
tpc.googlesyndication.com/icore_images/ Frame 27AB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/4015062679777611412
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3c0c686269883af89dc5eb52e5d97fbe7b7889d1cdb9ebb2ce8a4d7b200259
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 09:29:07 GMT
x-content-type-options
nosniff
age
136826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14869
x-xss-protection
0
last-modified
Sun, 25 Mar 2018 19:50:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 04 Oct 2022 09:29:07 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C4v993d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQASCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCnCTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=hk6_r3PiXxo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEzBv3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQAiCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCnyTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=rln1XgikT2o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CEtfQ3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQAyCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCniTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=dsQK94fS4l0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CVu7U3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQBCCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCmSTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=8S6p0CiEfag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbIFQ3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQBSCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCmCTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=rJNycP8eIjM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1tax3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQBiCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCmyTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=qLcUWA9nMaA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDKsx3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQByCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErCmiTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=SbvdG-H39cU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 27AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Ctr7x3d9cYbKcD4aYgAetzqaoBKXVnbEFjdzCup8Cpp6tjWsQCCCSivACKAhgleKQgqAHyAEBqAMByAPBBKoEjQFP0ErClSTaI9MGlFyiRi6rwasEo-c0zBe2nynA1IiyoT-vM_WteYF4TJiI-eZCPfeBfjE2nrWfItyst_VECaZS482KCx8qRGrG2rsGcSEvez3MVCEJ7TdICARj7IfqCyegFtLvOOeWV68iSPD67vqOPBVzgxorgwRv_bnP-vn7WolgrJ5PtY5bP8R15n_ABKXAy4o0kgUECBoYBKAGRcAGC4AH5ffiNagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHSCAkIgOGAEBABGF-ACgHICwHQFQGAFwGyFxwKGggAEhRwdWItMzA3Nzk2NDk4OTE0OTAwOBgA&sigh=ujVE5-kqTZU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 23:29:33 GMT
truncated
/ Frame 27AB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90ac99434a5c356465fa979e3ac1c9d27ddc5b0796515811bc0c89ba287c5aca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
container.html
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F9C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 05 Oct 2021 23:29:33 GMT
expires
Wed, 05 Oct 2022 23:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E4B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 05 Oct 2021 23:29:33 GMT
expires
Wed, 05 Oct 2022 23:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A3B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 05 Oct 2021 23:29:33 GMT
expires
Wed, 05 Oct 2022 23:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9243 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 05 Oct 2021 23:29:33 GMT
expires
Wed, 05 Oct 2022 23:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame E172 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1633476573&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633476573012&bpp=6&bdt=818&idt=191&shv=r20211004&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&correlator=2278199595510&frm=20&pv=2&ga_vid=582819757.1633476573&ga_sid=1633476573&ga_hid=1653475523&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=328&ady=3015&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063019&oid=2&pvsid=3983645627881113&pem=49&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=iD5BRdqKC5&p=https%3A//www.lotterypost.com&dtd=209
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
container.html
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 46C8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 05 Oct 2021 23:29:33 GMT
expires
Wed, 05 Oct 2022 23:29:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2EDB 		624 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmIXyAOpM4oylg8hiqbX1sqhUA2wbi9JAcUuLS69VVcBBjj_aSxhCx5dz3SAtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 23:29:34 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 1F9C 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMOxC89lmvfk3tkdfgxFr3TBqoQuKc6JWWBlMy4gFpUIa_koXdHBWV8xMr8Nc4kgv7kypV0F8CRSKKVX1iYDfcrPlqLgmEwox1MzOcBCShCBmoa3028kJ3fqXnYi6izinjXJq56bIVBSujadqK0XEI7ohzsg&dbm_d=AKAmf-Dz0IUnrZ7cZETfeSLQ6FKS1wKtxr_uO0uZECDzA5HdiloMElYz8OSRXxPIb_bdNCvZ1fp7n88eqkXaNgVeVDJgW0-1rrXbPig1rgKLuDzGRljNXMUEAkVqU1rXEjZtig7hJFxUlK4KQdfG1X6hLKyZFz8DvaJpCC1PqxWvnDMKN_cE39cKFCzYCsfwkDoyEBCAoij2eJXE23VcUzQEEW6nOBodN7EiHprZ90rZ1gXIKzN1VuQZ0hqecugjJLlD8nxcueITkHkpV7FBK0PNQB0PVsDmRe2XQwJp8TIycSNlgNEzqG307ump5Apsc_8TYYNetQbYTbH1K30dQ-RXrHb1GtClF-PPJ3hy6JU5uauPxQOvz3POi6In2PR4pCdtMEB4JbrJgrClR3Rarqqp8aAQD7nJvfvZSQ1xBQm2WZH8nqFnNPL9KwV6CBMLrhZPOfaGPkWPyBOMuCT8chRFWksFbiN9OIdEB6fPmlNPo5d9mlP0pIUj80wqhLZr4pa4P10EtrS7whqya6_SF5sO17_2brce4b0Vsj6qjmFm9zziUs5YxJw1OyT8YqRM6nuweXDV8dcYWYSmUcpLcggPsEl8Gmg9IjbVs3OrHiCeU1XxsObTASaKyXjaOuzkog4Ev87hczU8Atr-aG7-JzGCQB0I96JureWudcWWTS-pGW7K838DDNenzunR5qVu1qgFvUsVWLC0JYqi99QIvHu0PvF-NWVsL8c_iYRhhTCrxd6gXJipF_sy0o9VKdIWCCn_xwtVtPsgHJFWUtc3Snn9dPGr83V24dRZT1A2Zi1CzsZM-L7GcPC_7G8aRyghV9CRGrWTL2jQ1gVJq2OF8yXrdBgNJ0ydfiuXm1juMtwbw9PDIK4rJbL00S1LMbLwRBefJz1UApSmLsfahE8BCG3hImel1Rnd03FXNfIustL_WVt5louBGsIULa4guFpCErT8_uFR_obTaqjCWSCbWcbvmZdat6FhtR0Ch2skn2DWV8ryMDQmsm_44hMXNfpiAYHhBRSV2uzl7XStRwkmlvCBil-lXLBrlkfmXZbQNbaTaoTnLZz_uTjbzf96gr9rzBBP7o5Ghd_3Ri5X7ii3nepwfgGxRZLPdEO3sZt7jwleT-Xjnak1ijLRmGQS9rY9RoCK1FSUIy3tlrQEmhQ3OGzCAQMwHOqFdsRQwIfR3_IkIih7oGqwInbqMIX3hAo-pENP59uKv8AJiepnbicquNruiTm-mDD44hAGNQvz-HBb71owe2Hi_SjKk91hcmhug9UFkuWWMzDKuiFU5yoOCKIsl-SKnFsT7k8FOclwQccc9-eeQyr5SPig6vW8nIA1wkSfOD-YbbJm8IjwcpHdh2Mp1URF2bMT0__s7EioJjYW1-XREKKLEiOjbs5TnonAuBbhrijsiboEv81d5FVi6T-2baMQLidTcgbVBzQdSoZLbj4JuFiNWZyKGTGcWrPYIz7ASxmbvaTvUio-sHpgnmvlQ5tiNTQPHf_3zPCSomXaiRqBtwsGfYosMvdgdOQglOOLEEB89qr17VKZEQPxBwSmwfM2C-SFwpUqMWVH5wHtyjMdOxLi-HxecHIz2AW3lecHMWqTTvn_R5fC5FFOxyXhxXlb4yFpvDHtc9bTv68Ssozb05eG9qnfo0BT619Y9HZ4suU4-M9hGOrESds1s3TcAOPaR-eDRFZlY5MJM4qc9wIk4AGobqnnkL7NAMlKAk9YMj4upFUFZnB70tZ6iEKmjnH_PKdhNqhBOs3yt-1ixZY8HSGu-EndzUErn_PPDTyb2Ym-LKqLYDNRh8dFl3y8bDxJZKF_Q_ESntLK86RzZysgCFwv8EAhNLOgoKWNjBDpyi9pKoEgdZCpBECJodLCoSIgQifKHdjMOce9w9SJDWz73pA6ejPijTYMBUm8R4PEsL-VJC8iWP40p_MBRRDcyhaHp7GDv5deQ52jO0YYStv9LM4NCZ6_lhIISTZXtDyQbd8JCxlU9HfxyCckbhubP178diKtjqh8WMecygWmX5szTMxCV3pg-CsGxQyk4Rkp7l5QMPuQFSOPLN8fkDlJYP6NYbvZ3jeH5ZRtM9ysvempxqZaUA_oj8HZgcts-4Gd5XdE81-k9TyDCL7-s-QlQW9YTWVGrguWPc6tkl44TEhkV7R6pqX3BztzgzLrFlhhU6H-OloVhzS1CfHAtQZkQdLa3V4ZZe0NvhEuqqtlHXAq53_GAtus0a09Kx6IAr0m4i0B7-6tMqypt8hHdTGi_cNZj5TaklZWaImqlShcffIU_8uKVb-P7axgcYqV7OKXTS8u0iBOjj0_gJkc0ldUPXDhk-XK9qo1CjvIc6NyES37S--xxiJ3aSCSWHD-nOXyVlH0Vc2rxmyZaHqImxrHXPkDLibzXxXTs2PktNBHRylXK7oYh-Q1PqNOX0AYP3xD-TGsdGXsdiMmSKl5QrjRu4r5j03zwXfdbi0d72nGCGSE2oVc7v-xftGEq1o4shJb7QE11eUJxt5ueVGF00z55XWB5ygUXpd7QN42Z5Y-E-RMMYUreB8wA2YPgdFXYKBSBP2iFyObEhaEf9ghGlupzw3p-rJdLg65m_t--HFy9VavzBTjxu3x0Kaohzx1jp5XvnO80kzBkxoNhzayZPT85lO65266gKKWWHPAfsFHflu--4WaMv72mbAUBvFQHu2jY6hlM0mvxvNK6Bo_yO_NlyQQcXogWs66y5TkCxUMC7U0lRkfmH-D6dskJa0XG7qZQoLzdG6SEM_30yOAZfGEhYx_tkpuwc8LZLt4VDyhu_HbnUIoQCqnbenONeGU4k-ZSroeX-teILOOaRU7-wBXo2d9hZIiWlg8737Gsjhb3RSxd5S055pLlqkdiLb8UhCOwWrFnI-k-Oam894xC9HplxzvAsaI1pScQPCBr8I0huQTQzjVkLhSCfuvQRBX8uujKoAWu6xavvFrptr9JI3zZO-QeQVIVT8xZU2w1ItoOMXA_YKT6xrUgFHihPeFGSyvwruoomLgEea8qx5ZvtkdGPZjlN_Uwr2JzMwn1H3PF2B7gPE_8s57n-ULAUteEzlWca7zFu7fkIPm0Gc7-0sZZIFhVV3CQf0Nt4x_fxAqBBQCIISUzh0kowY6szdvYUBhgNfP1bOk&cid=CAASEuRoTlO4YAOFTTkcKhqcBmRWfQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce8aa74dd3fd8050ad82ac308b1643a973a67d4a67d87c9f1c8d1c424e348f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28831
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F9C 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3L-YDDWvn5D0dp2XsowprZgyFZ3FTRCyEpp_YY5liFNt13vhZcgsCQtKb58r00kv0HkAUwYyWes5o2FfuqVq0QqvWfiQDnyVmhV86mXTs-P77kcg
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 1F9C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1F9C 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:29:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 1F9C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:27:10 GMT
l
www.google.com/ads/measurement/ Frame 1F9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSWgDSMXNAsszaCIGh_c311my_HImmKdVnMKo8egBgvWMw-HqYmCEQ4as0O4uPE8vObfyAXhh1dD2tM7whzf8RCbnqgUA
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 46C8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcSMI3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoEzQFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6F4Oq8RqM47TMXcsDkgM-op0f4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTExMjEyMjgzNzk4MzcyODkY2rER&sigh=JFx_dYBC5DE
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 46C8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1gt74vwxr9htxv4dbsz2cx85k2n20nmbxkmwgre5g1wg54hrd6fmdj1qst2ehv1fezehg4p4ep2mrenw61hyafm3v3bvm59q51xcj54mksjj8dtzfq17r5scs3c1v9rj6gpxh263fzjrxx8w4hsx0kb9wfdk6v2ett34r8fxxb5zpnj90zmm9f31kd3vjsjjfzcs6bjq1enyhpjj0kg6ksxk2k74evae8pvk8k9059h8qaf1b2cm2nhrendxk3tfmmgw7m4yv1pdyx4ffekx2c8edagkmnr4z3t8s5945b05mtx4443s6mqsft9exv29my6j9rtdcx10c6619qg4n7n9b9wc2bw8gsjdg2hbk9kmz1dk16ffzhzqcb9p8x84bx5vej992m&b=YVzf3QAFqLIKd6veAARgSjOkcBFgEl7mjxXs9w
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 google
alt-svc
clear
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 98FF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ad751946c6de307b0879a5b77284f993253c01c2e53aae57c34914303c399b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
699a6ecdecd759e3-MXP
content-encoding
br
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 46C8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:23:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 720F 		1 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 21:06:15 GMT
expires
Wed, 06 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
8599
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 46C8 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:29:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 46C8 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:27:10 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 46C8 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 07:56:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Oct 2022 07:56:47 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B8A4 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmIXyAOpM4oylg8hiqbX1sqhUA2wbi9JAcUuLS69VVcBBjj_aSxhCx5dz3SAtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 23:29:34 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9243 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIgYhh5gy7fVUDKeInVh29-sd_ehEzkTIVjGFAa9Te8O3pyMs8iRyTfkrWF25in4Sg_xX4GxNSJ434dV_pvo0AHp8ZSlDune_5kNaEPsO5clqRXmUkspLo-rcN0B2kfHxcB9_zZ9elgPvY3K3Eg4LJxFhXow&cry=1&dbm_d=AKAmf-CbryaB0-2BAR3FhX_0LYF9dj-9qva0WHke0UFqrf8fdR2--p4nJaTELt-UYesJSKTaxx77yuNNVEzLL8iwAbWbJ1uMpHBlPeVmu8orNC9usuB8ad33Au4cH3wbWYE5tfq6S5Wl21hycm3mUwh81jEr9OG89kUcxCSZPoL85AMdDIhFBKaAcOoGxJeqRNVCXOmBdZqfX778AROLJJwvUW5G73DcKPIiRJcI7hPUAlBB33lrz-bxI5UpHHocbT05NXGbhgajFKtjmWLGs1zMyHiWt_AxAnm2DBgK-GvNNHNSFYWxaR1daZvLHJdgpCx5dUJX1Xk-vJvCzyLecczyKmTbbJacisFUzZcBgVG5K5ftMyDYFtctSwGUe-r9byEDZZD-YooXknTcge0BFNgbsWzWQTLcvFhH7498_Isc6UkmR02VahJQ_YdwMgZyC7D7ALPtvci6cNGhjylOYPg6xZlaVhwPxYxflGdexUnib64PHTmjhswY2nACtou3-UNJ62GoKFw5wNvsj3tBcpcak4bg6N1sRrUN_n4j0wrdG1BTgfMQyc3D_OL2RqNku-8hS0ypZXC51H5LsCn4QpciCm0wivp-rOQr_iSLy4gUhvAtuoayxbDWEzlfWw8NegpGXNX2rHX2ST-o6tXrg3sB1oUnZFwoGVLMxc1Pyeis3o358fOfTzpRuaRIRQz1wycF4Odkcu46PFApLFnR7a1ubxKwPd0f8xal4Y-fBEcqoDz_-Xpahuks_Ss8kcwLrusE7pNxCYvAk65YkdGoxf5PR5KgDKVA7vhjWFQVxuZLFhTceoOtAow-ehfjEFm4nMD0VNckjBPYcE8xfbcTr4qVKqRaxkIk46lufhkqOyv9mZyDi5oPyk3f6Vxd5mjkBMHOU-p1StfJJc0w07e1dv_BronkK_zvUoOSCLT9L2LerkbOl9ZCSNTxQVuER7G6frCiBuXI6qwcfZTwY3YeW_rgar65EDASmSvn-XokWOUQ-ttnxMyeDDoj7djLCgOiOX98KjOqoyxiQMGS-CZzgOmQUx7Hq43xjzrIpNXzKQkSvnaK-UlcJ6IVWQZ1mzuN1deb8qW4tpqFMzHSxAElMno2UJ4d9avXEMwW4Z2_se6VhKDnZ6eu_-FrKZ8pSnDbqlD4RW4Nq8eaC7LjkIFXUUspDDvjEH4v6bMyO2tY3DwDGKi9topqvk-vX_5FRBLs2ExgKY2j_eugMc2hxo9cXzWiGgqEs6qY_E9rmfEgQzMVSLkoIa-tvgAL7fXJoQ6Unz7cR16tqHTnZPaXjfyhGOasMtU9DCibsi9yeP1RdpFbM8xF_jjY7CmUPllteHbmxhlKN2bbGblBXQfT6Le7HIPFNg4DzF0inxPdXnSGudCkUBg2EjxVSTOuWIye3l7c6qVPsNPzU5DQD6lA2X4ltuvDhGCxXldzOMBYq6sExpPqmwDp1b64wwSiD8_qPp_UcC6_xw-9Dv3T2lD7B3RVRl08Z6YNnfbbRHcpWt5KIb-Wg8nuCzI4MmQc_gNJQlULeuLyS8pWBrXm7syh_F_Co8T-EtsIusAGxK6IKTIQbghlNn-kAcKticEO_lnw-svwAPTbZAmSfsJU4m8IpQT79ufvVyNGkFgyz6KlqqGODAyzio96slTag40ekhfO02oGl2SAk9bBO867ZgSdYId2E6_-kOM-xLmPR3Cm0G8VaM4XpDq-yV7_fStjATBEMAT1PTdlxluF5vE5NzOiy7Khuva0A3tbkP6QqhzSttaik-L-tiUpW2M17J2PC5EnITqCLFM0hzic-ehln-KGJIRizJv0KCg-Z6lHp_oKBFU6tILprK_p7XoENCR6fQAMDuv6Y5nXoGyjwF0ISDb-ZsIHwCU8OfHTUHcA6g5MmKOfo_EbchZNFrKCd-xHJYdkK3sjYfUD_WHsXzls4ajRnklSa74a38U3i1vq5xmaTBe2_UvHt4fVvAN5PckqtK8vVejZm_w7GwEJy9U4AD32uh0TLv6yvR7Sl2EfmxEbcfQ2woSIcyuvK3xKazGLiEBOglZo6eMXwsS2-zW3vBXX8R-_ny60yRa09LAv0Tjrxq8r5pq4kv-BG_o2RYZGjRmqSpWj75tNxuBha8yVlNr9zy0RJVbLtLpnka5Fbp2iN2mV794tltvOuNzTtmNy9QHIs-YK09z5zN5W7wIRlFeauxjnMDfNx-57Ib8wTuy3nZ4m8trV3Xf-JNmIB7D1mHteRcn9TDZke3CYOhdN7m4NfGu4GIi-UMICxKyeShpVY6folcXO_WjdFVp5VS2B714KOSCNUQ5U7dGL0p8FS691jRQpH1GTZMA2Ejrsbih4CKUSmA2_KRlU5__UN6AubO0ns7sLWWvbNNh49wFstiWil_1w8b5ATexA_KJ5jquRjyASiaaGSVaP_aH4RB_D9CRftevxg7w3A0dIT6fWWFOZG42-9_rf7hnHDxbtNqOM7SbF7zN8U_GH1zxNmjR0CJ37xfRUaoBHuqlTR-Ekc7JEAa2t8BCVXcQfuJLPp_JniMwq4ylAtEseTnRHeU5vdZ2f3ukLpSuUzMOo2zHngSgZ3K90YIfPDuFfycShBsthkekeSjEZsVHyWk8za2rz8WmZ8DfdmmUfRd1Bquos60C3aQhg5DSLj7-6dmPdRUIgjAWxPSJzNnLRqQbPymKVbCgsZJQyd7nDdj9t6KWddSwWY0tsbrN6IDCkAm2lPygXdbqfFRtnrHM5gDutDEEKk5NvPioRdQGWJzBJDlZij4zVktU5g53lQcZjpn3gKxHvEA7F3zlACDfPYH306ALMpDgmgnyjWbv-6mhc-vWTGQGTEIFiuMAQheFfwP3H2tCRxduO2zpLWpuNiH0eG3CMa2BzEQ7wAh4RUSNIJRlGnIiVbZc9cbPptSaY-B8D5CL6UBoHzDinlTCc0rDLaUqxtoXTSwGwrCjm6Oqfhn7QFY28KOo4zf0twzvQybYx5eam0K9eZzoPnGjnIIhYIG7a2PmmhaDNqcOvf12VwsO0E07RrBlQvlxZOwV9wAIT-QtowAuzH5nqPH60R8cmtMxjbPXUmOX8VSGMJO_tqSV3hyPPFUr_atC5lT1XNHnSy7jBK4UjcriUe9bkjRuEryynXDwuRTrrP4w0jUYut9o_L5X8wyXS4zua2g1wgEKr3Q4qUQYUmQbyB5QGapl2YXMqAUSXoOzOc-KbGYtUZKaABU_ErLDVuMIARX4C-3GeAg&cid=CAASEuRosBzxDnaYy-CWkWz8SMW4yg&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a228eb3dc55d38329b4733cf9e742c2854218b7a1ab4444147608e530b7d222
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9243 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BxJkdlF6ORozRZLupJ8pl_bxo5mc3GXlFHBwtG6K6GVs9GNjTPqLm2HW7SYwYzR6FKjQJxk4TDixbN-8sqU6w6CRSGJNz79BMyjHpQt7-KsxO1VH8
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 9243 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9243 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:29:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 9243 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:27:10 GMT
l
www.google.com/ads/measurement/ Frame 9243 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8f6U-xkCljgQ0yv9qmJAV9nCIV1fEmEu0Mxm6ktZiSGiIKeaVwGs3pG6T5_Qj65dwDP1f7acDGNv0zP0klHiTd--mAQ
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2B44 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmIXyAOpM4oylg8hiqbX1sqhUA2wbi9JAcUuLS69VVcBBjj_aSxhCx5dz3SAtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 23:29:34 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A3B6 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyR2eoMjScdFKTf5RKtqHjfvN4Ie1AWFl4St0HsolMsT-hl-I-yv3zRizm09s5LiJKke4MwKyYt09-MKCHp2yfOl-NN63nsjA6gNwBlRNxGqKHrXs0JTK6cKjzhSEPZYVarJl0cWimPSkfNh1xkEVNxYXG8g&dbm_d=AKAmf-DX7Q8VkELGjV5Uex5jXY9J9shFPx1Z0XnA5ZvUwg7nSS8Qc9n_y0_jfqlF1clPyUZFclqulPtwLcJ28REdN9X11fKHGwaF5s6IiDRRio7DcyQA3w5ZOWxTCksdF4e-vMwD2ZblgZZUJ1uXhSyYdr4NZNHPd0yiokI6v5_y80ZjRRBZAYY__a-E3qBxc8Nz8XpaeQN-uTM4oF9iU08v68E9jMBY1W0j08PUwGkj44V4yl23DaipyRcyCTSv378droYoOU0T5_txvcUa3Kk1i1moUo2NH0qVYP6XAXxXLaNH7Fb-HXP4c0Q-oGQcsmmQVSWjjoN-Dl9rKstx7_bzeCPT7KgVHPuS2r1Png3ldgier7E9Yhn0WuIL2VNMl-1ULJENMTSZEKuhkGDKR-eF4DwJQsk9v3sUoS_p07xk9ZD7Xc28QQWzNzdfyWSg-Mrj_S-SE-wtWyt5z9cm0Fpw9sfqiQxhd69VLTDZhLGPmv0rLH6M7fp2yurnvRuJC6HV2dkwCiqk3zEvX4AjGtliYNUdiKbK8UDmKiDJbjcLQatS4wEx6OhmIEU3-fNTozrWyDiaPEpbQUuMbn2qq-nT9m3zYVFvPO_uAS-0VnachASX1Ybm3uRh26bkhCCqJ4NFuGP1UWd9YaGOKVDqe626U_E5kOlL1ZI056fzgePTraMYg5m1NdetOKJ8Q-1_Pah1ZsnU_oqjD-JWGt0ZaNZ74FHNVploCTdtoa2FVhrRYjB29nd2YImFO4YvVifzY07upWrxR7btlw4Kqmm4xJ9uzusSIEc9IwtoBOkluYFVV2zsvCxaOyaFsI3CRL4RHZMjtT_r6sdjjMN0kt9SsI8AOJHRTxuFcTKzJfvneb-BAsdgujDnSY4624jX7H4Ath2mVPOrSJTnvb9sKTH0gZFG5VhF03_LegX8kteOtwe_SQWB0YjQAj8pJgpFgNhd3SjyMSgfTCQLOvLsyohaxEhmd0o1vbB1RQw_XyOqck_caah8GzulNg1G3not08UctW83LEQwry6w_aTEoX94DvhTfj1R3PDBtBXpkhvmTFvTNrVfrcuDQS7edJ8dEEaKPgUbiiGKBM13JeCzf1xggF7NxYVIUhsEDS7u5I3f76oPlsyqMGW5bwa6ucaZWDUwmaMP_TFOdHBpwkn41qqT9GRecEMLJCKuNxFQJvypYXQSFx9UQU0EP1gkoOL_7yDMcbXWkYB61UDPcK_FUqlUxZI2r9Znpkskx-Mt52jMuINL4wlqSnzUuofwjsJGNPoo6pHwQ_jNK4GXX2OVL6FfIypv34ie2DNJn_X2YlpSlYKRtorXMRwXSvt24cwh2TF4BtpE3FfjE-cv9zvFkpwtiJ2Zd176q6NxoRCZODymKpvfVX71v9bQMbOU1bhKCwuPNBquvPacWIecX2wkxFCfdeGMKn7ZaUObAJL6i0HUQAcWknDFvAHsxU4F_ifYkaEXYISIYYeamDtzi8uIH66-gkjGp_EkRsuyeWxRW04C1-J333CeiQFvm5-oFu5HmOJI7qf9tf5b6M8XIntZrobxdZiZ17HKBqMZTB21mPM_iKjrCbRUVRErfED450ewbHVA8tBN6DywKBS4f1N9vf2rwHEqP6_AMtQXmwQGO3SB7tnjQ7itXPu4fNbaffoyEqlCLq2oTL-BE90aMGz4DqNrhJePBEiw8QBrBgEIKEAxOARGeTRB-7teuZqcU_nOn4YD4rmYcTtFz7actVeisTZccUJH674zfyp6AMAstI-7AW7aGuYo9fD3oKbd2TGRiBKhMs9XOwmr8wmk37JafLNCGl9-_C_iFB9C7FWSt_2W-zfO36wdUBdKJYva0v40s93Y2vK2WFI-Atf5ryAfgqwJhqt2CquQThfwv7ULkKagpKuqnEaSRuuh0nFQaAIu50EfE9soNahcxIoumIjyOvhl6n2MEusscdnt6qfKFTG0nmMVAqlb23Rmjf3PHmeqCoo1Ya2FHzVvpyKBSEwws_RaayJ8AW7794lC7FPxc8HsDh6_hY5cPHlEW8yIxeK3IB1L9UH49Uj3l1UKo6oC7UgUMTVqn5-LYQkOkDEGYIi2-m8wqlknK2P-65JgEjWxM6SwLgbXWeLSBPYVVo_KsrfQ6YUxofXngH_108vCLkNIRgRvzA1Xo6zOXHunoAjdkbb0UbpHRaBTyjsXRhz1J_ZnscDs_8HMiju820HCGphlavc-AcMkaaN9_n8dZQGfgs6QTsDNveq2jD7O2Gj4HKguos64BWBnoYyUaUjxRBjxPvTgwywiJ-5rp6MPjqi0zjTrNcOmE6BfeKiiWzWa__oc1qWFk0zkHaGnaf-vwCehv_VV0diS6mz8IGKRMs3Yz07c5TXEp4jmbsPyLnOAJenNtRU-hxKfLG0-cj7KrF74J6uDDlB2o_usjdFnGb0Q6sqFe5Yp71bfZGAdDWJ9kdQxHAUrOB_NmLCgNvJWbCbDCDzmwM2HIC3gtxhWznETQPzyllxPHf75BlyVuVJkZu4tvqBogb2xtmbRJH7b1Tc-azgicT63XauI_ZWFKK_rO-N85f3NuJiyX9ypw8C-ODYnb_Yed6LnRflhMalRrw3PDMamP6kpuQkL6SbmdolSgLplr9bNoYXnkmlC1DFD_z3GVt2K8_J2v9etNipATM0ylAMeceqNH3a8G-gGngTpxHOp8XDTX3txuEFlNiV4JTAbA0_gpMQ_jGlDFLF2LV_s95U9w7wgBB9cOpEduE6ndG4JmTGc2hG0yKcLEJnusmhGGffVKHC6mIz1ixmBns90PQ7kWJ9Y-z1Ji9NVhJhePkcJK2xpuFSdOdiEOksvd6g5i-Be2Hgnx0dyxwJqpY-r4wxEAHMPArPRYix_c4ZmSW5vVdtE_FYGytKn-vN4DuA8Vb-OW18N7Dvoo1nPfmsIDNPBvPKmqLTLsgAnDGdiAh4zphea5rZUeFNm2gzDNRw00TJQzt5GVUgaikI6YxYpQ_f_la98_Doy8Jt-cc_kZw_9-1IKqE0d_nfjzbs0MWoAH8G7IvipLZeevT8fXXHxdyaS-HoY_LcJvjDp3GXx-T4C63scv2AfW_8aDJZ8f0fT3wcKMW8i7UEtGGGtIcv-JUwDox4r41qFDpE&cid=CAASEuRoCPse9GsY0wxyRLTDqktikQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6e546240e38467a569aab6d5ef52d2acbe5ea9861a53ced210b6d3de7ed6a74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29606
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A3B6 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9vftjQhnB7VaOXxknWOKWGjPhQfsFo0m6SBqB5LEu9ZDesVCS4oNV-iLPNbBVPpUAMkA4ctvzHkxq6WcEvzRwGkzR0Jhbvp1kk0yPB9zvYBb8FYA
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame A3B6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A3B6 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:29:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame A3B6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:27:10 GMT
l
www.google.com/ads/measurement/ Frame A3B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmSHn7QMh3FbUQ2NWD88IhwGHXgzWT2CNPSoIjiqccq5Z7fecwqFa0iIFnu4KWZLmjUL7MWhlsrL1MFvVoYvIedSbImw
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 1115 		499 B
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNWD6BALlYG3SPZNYLqM01rGN4R1t_U5eEzvaY5hQntEn6QFnsiOHGHi4wMWUMh4J9FwDCPxxgU2Kqai6hp3yYr8YemUzhYwTzBYK6Kkjc6UuUpDHYQmTuoKdqhO6En7DpSbfR4-YgZnYX0cAwV_4j4E_sQJc7UcbvswDjZH7y5iDn-ZVYg
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNWD6BALlYG3SPZNYLqM01rGN4R1t_U5eEzvaY5hQntEn6QFnsiOHGHi4wMWUMh4J9FwDCPxxgU2Kqai6hp3yYr8YemUzhYwTzBYK6Kkjc6UuUpDHYQmTuoKdqhO6En7DpSbfR4-YgZnYX0cAwV_4j4E_sQJc7UcbvswDjZH7y5iDn-ZVYg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmIXyAOpM4oylg8hiqbX1sqhUA2wbi9JAcUuLS69VVcBBjj_aSxhCx5dz3SAtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 23:29:34 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 3E4B 		71 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUboV1sDEfjb2HuWpazrlDqR7wCiUIe30f-QwAklyqDwqCVij1grmL-TlLjEgDv1Yz0LkyiK3orUkZnK4a0-YAwdI6RnMb-DNV4-Oy-D-10B88i2G47Q2i8zh-JZPrzqnqgsnH5x5H1yjnMcwrtB56c-8Myg&dbm_d=AKAmf-BZZCDncK96nCRLqBwGQyJWPP-f2cYf7GgKb1VC805AIcr2NxHXj5ALMCpIL_8LOb0OccZ1l0FvELdPKXC-Y85bO7gKAWF8ecQW-IoPAmOvbOZiAAw1uC7UdEz-jHzR_Y-0loraAHlIu-H8olmliBRP4NRdyN4oL5cO8RhtXBvWxCcKu92a6KKgmbABGal8-4zUbN32MdUB64yjhxi4P0SH6Gctfpam64lt4SdvTCWR3O27fmKcj9WhVk1kGslGHnCd0bt-JAJ8Z_tyYU0BMdTJ2I3cBimH28XraqINnVcS2JQqk27PKnmB1Pje0DzW8HZIAhYuDW34IjsSxZsXCuJWsvR9HZTUgP6F4p4_HQlY816rnetc3S9njnjMg82_rBAMSHllY33vJ8B3gU8MNME3Dy16udYGdCx30jhbEjGf4A81XCDDRDGrL19yJb91ciZfVScM0xCrcbM51YTAoVTKgClfRXCjHf6eCU4sQ6jcz-k2nSdRFrvIOSP-FmMqsNMNrrGkE53KHC7Wm8A7VkpJAhxCwUTQLlwZvf2Bp_cyvUxoL_7ihdapNpn2grCTTWJIO-ZkZSXnyjSYFORmmzZLFe0c84V17Kuf0L995-xgGPOfhP01QO5UR5OxI4fUT7cj8qP8pHxaC5PffQSgkHnm6JpEO0p_8LyS7oMFFPDfMQqyIgAHj5t7kULbuHk04U-7o8fCOq6pKVNjHUEwwjuldI--SxPNL6UWoSI6aHNG_lxFcHXRZxr67lSyhH5GeX8evDFHwrZO6GrheGl8QMqBUu7gEv-1Ld2Nt-fzYUFvoY_uy6WZ5leRMrg9GRkiQgcEisp6QrpaAZGMQEN0XjV76kdqjsLnqPrPgjDP_s2NkCwxHHU32H0ATnL363KGiR-gPwt0mWcUg2TnJCka1qYAP7HcyzUAGodUz9Odt1hUu6Off51B2f_BVsHlmxRpHx_LCnVdi75Wz55vAPlQjJaCf7A963ygm3f0TbsmTc3o0lFsSV1vmTTtjnhdQ0TAzu_lAWjg5EaLEomJQboTXwr-9nAmDRn807LYkjYNiXEl0JgwHFrAI2CyKjQ1SLt1mKEaXwkz8bXaJQeZmVdV5S0c5G8H-4AXf6ONwJAR1QniOjzY6wYqAGVdJkZFEiQu1bK2Wbatqb075JpSMX5c3KBAQ7Qvfq_bkxFCYvLxyURcblrdPdZwLoZKeLLPY3ktjBySr6TSSRb2taSzhnPciGWiphCT5dkxJ51UTKgiqz-HjWLmki3AYQ-MB1mjMCcKlk70UHKSqpiQ9qY9QoNZxR7Lilc-YSCAvE8v0bdXC8eDMhbIQjdTbnpsoza3EJmnEID1nXtKYAekI4gTcsDApzeWnDJ-pYi9URfR5JxjpWnu-VPXe5dKg1vzZP9QjUVQi9R2n51Kc5mXpnDtWjnOr47vBt4-EsnG4j7C78Ywfr7GK3R9tXzflftInWS5onZQgV7sIW5MK0DZJALCiFLVYpGHup4-ngAq_Bqnj6UgGMzzmmqHZGEk7fW7BD_emVNYNUPqljcszyMFvpWOtpN7PGwQ7Kbnoh2luJI6ePfXbPykLlGCwC1eO5ciWaI45Lvcntkx8l3yTY0wZxU7ZnFoQ_nb4Sg_mSILuzgeLHBGaAYakbPu7DDTkGJC5b-D55Iw2ZL4C4qN5pnKc3yeqpH_R_hLku6JaIUQXP_Lha2jmoNbOI4nGau6aW0hxu-Zv18V4q-deMIUDgqvHUGv8D0WQKFvm8Cfjdt6AAMB7MMjt3zYFb_4wpIJiPc8FyfbarblfMBDahqsHt7xVD01HVTPs3BhFCoVJn6-Kbznu9rfcfThSOyzz_wPWTtqyGXMGKu_dGNbKAKSdPdjONagLsQdOOFICpW8mKscMTxpZrOKMwiZediTPBJ1azZDayRcp9AMI0u3mR2AXzlupmJYeET7dZixX2jaT_sMuBzQwKqEjyhgc0dNrfRwF5OsQFA5IePTJcs16kU9q1fXB_jAE9Wb_I7LECctFiuywto1bKeR9rSwIm9aDWDKeNdZG7cwO07FPlyMgMR8bWNfxkcz_FJnLhkYSLLhCHC6Tx_e32Fv8RpHTfBjQPXzGfOr06o5YtWlB0xhAM6eKnovsOW-trUioBMDdnJmr1YeMGU1SEMS7QRU2MFkSYYh9Bl1DuytNcNVzmEC5H6pEbfwDJQcQMZs3hozqhf_PG_effhpBq_zCe02Gz4f81ox_YTE3sCR2BW0xZ-aQEKeG82TMB6JRAIuRPv3b-o_5nY16e_quSHcyEPBB3O2yW8b9GOAIyiZcu1f23yrPb-HzIw1TPHGrUiAUZTeaMNiAAtbSFnWsBKzbKpuVyQ92I5Njyu_2ZSvz00r3H4PTLgRhzdLW6hUfXLvYsQ37tzSyOUFa1T3UPX5cIIrv_6r5iA85pBPfyW4Dm3IbveM6E6Jd9HiHGM6ZdQcmQ3S36UJALoKAIBCMMI8rO6zzqxLp3yxP32rL84DfGWML7iKOkqaAsKiXqJ2m3k6livfXAsDLYxyMVQPQdsBsN-fJqCVoD_caFem1-1jtxojQlG5y9IjXSYj7sDCy3cgIxGUXvc8Ok10yO-exN5IzUvYkSF8In7BFBlcjtDNHMu4gDAdatVlBLnm26bE8XXB4RreiCmbHYgH7kSOkrsIIOD6gFgw_JqcBMYLDwGWbAy_08NkWo8Yv17xMdkXheJ4CsTgLR6PtUJtdTmKHaWFIbQFZL3-hwknZOJ0J36mWmQxDBBPLOKHmmeBIPvPwA4JRuqfRILFfcxW1g2i06lI6Le_ZXLKRSQCGNLuDDJNLqfhcRNV5tIpuowSRsI5GabfLc_z3W_D5mIyA_hwsbRV3SpVRvK69LZfeUXlzCVw9OwU9Im8k6btrz71hm9V4tPc_Od1SFxmEA8KI0gzvmQyKF1YqfKRscMY8HZH9fimNoNCrua1E8Q7-swVhiRA5kgnEixfJYSUzGLv7gxC31d3bZi_2IWL06Bv8GWAKuLjgFt9lxpg3xzorE1tPYcmDekOMriJX1PgA1stlG6628rgpnA2WTUREjqDanAcVrjm55xDQfqdWoCbw4CtEw8A7XITGgQrBqNUN1G6oiU94iWnrH3gFEiaUtY&cid=CAASEuRoAu4sP8MPqJHgKu-txjYVBA&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e330c45c6ef0232cd32f61eab2611bcfd885163c682db8d9b5cf0c6569f24b7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28836
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E4B 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVx4FLqg926NLePfXN0NbzlGfrBa2dNkcO9LPbc7oDh2EWQRTWxWaChmyOjCHlg1Zkatp7hST7dd71DJmOebAitT6XnXM9kI5tdH90Cb8SPiblvSI
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 3E4B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/window_focus_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:23:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:23:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E4B 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:29:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/ Frame 3E4B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211004/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6206
x-xss-protection
0
server
cafe
etag
15755272758842173338
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:27:10 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 1F9C 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Origin
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 10:44:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/ Frame 1F9C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMOxC89lmvfk3tkdfgxFr3TBqoQuKc6JWWBlMy4gFpUIa_koXdHBWV8xMr8Nc4kgv7kypV0F8CRSKKVX1iYDfcrPlqLgmEwox1MzOcBCShCBmoa3028kJ3fqXnYi6izinjXJq56bIVBSujadqK0XEI7ohzsg&dbm_d=AKAmf-Dz0IUnrZ7cZETfeSLQ6FKS1wKtxr_uO0uZECDzA5HdiloMElYz8OSRXxPIb_bdNCvZ1fp7n88eqkXaNgVeVDJgW0-1rrXbPig1rgKLuDzGRljNXMUEAkVqU1rXEjZtig7hJFxUlK4KQdfG1X6hLKyZFz8DvaJpCC1PqxWvnDMKN_cE39cKFCzYCsfwkDoyEBCAoij2eJXE23VcUzQEEW6nOBodN7EiHprZ90rZ1gXIKzN1VuQZ0hqecugjJLlD8nxcueITkHkpV7FBK0PNQB0PVsDmRe2XQwJp8TIycSNlgNEzqG307ump5Apsc_8TYYNetQbYTbH1K30dQ-RXrHb1GtClF-PPJ3hy6JU5uauPxQOvz3POi6In2PR4pCdtMEB4JbrJgrClR3Rarqqp8aAQD7nJvfvZSQ1xBQm2WZH8nqFnNPL9KwV6CBMLrhZPOfaGPkWPyBOMuCT8chRFWksFbiN9OIdEB6fPmlNPo5d9mlP0pIUj80wqhLZr4pa4P10EtrS7whqya6_SF5sO17_2brce4b0Vsj6qjmFm9zziUs5YxJw1OyT8YqRM6nuweXDV8dcYWYSmUcpLcggPsEl8Gmg9IjbVs3OrHiCeU1XxsObTASaKyXjaOuzkog4Ev87hczU8Atr-aG7-JzGCQB0I96JureWudcWWTS-pGW7K838DDNenzunR5qVu1qgFvUsVWLC0JYqi99QIvHu0PvF-NWVsL8c_iYRhhTCrxd6gXJipF_sy0o9VKdIWCCn_xwtVtPsgHJFWUtc3Snn9dPGr83V24dRZT1A2Zi1CzsZM-L7GcPC_7G8aRyghV9CRGrWTL2jQ1gVJq2OF8yXrdBgNJ0ydfiuXm1juMtwbw9PDIK4rJbL00S1LMbLwRBefJz1UApSmLsfahE8BCG3hImel1Rnd03FXNfIustL_WVt5louBGsIULa4guFpCErT8_uFR_obTaqjCWSCbWcbvmZdat6FhtR0Ch2skn2DWV8ryMDQmsm_44hMXNfpiAYHhBRSV2uzl7XStRwkmlvCBil-lXLBrlkfmXZbQNbaTaoTnLZz_uTjbzf96gr9rzBBP7o5Ghd_3Ri5X7ii3nepwfgGxRZLPdEO3sZt7jwleT-Xjnak1ijLRmGQS9rY9RoCK1FSUIy3tlrQEmhQ3OGzCAQMwHOqFdsRQwIfR3_IkIih7oGqwInbqMIX3hAo-pENP59uKv8AJiepnbicquNruiTm-mDD44hAGNQvz-HBb71owe2Hi_SjKk91hcmhug9UFkuWWMzDKuiFU5yoOCKIsl-SKnFsT7k8FOclwQccc9-eeQyr5SPig6vW8nIA1wkSfOD-YbbJm8IjwcpHdh2Mp1URF2bMT0__s7EioJjYW1-XREKKLEiOjbs5TnonAuBbhrijsiboEv81d5FVi6T-2baMQLidTcgbVBzQdSoZLbj4JuFiNWZyKGTGcWrPYIz7ASxmbvaTvUio-sHpgnmvlQ5tiNTQPHf_3zPCSomXaiRqBtwsGfYosMvdgdOQglOOLEEB89qr17VKZEQPxBwSmwfM2C-SFwpUqMWVH5wHtyjMdOxLi-HxecHIz2AW3lecHMWqTTvn_R5fC5FFOxyXhxXlb4yFpvDHtc9bTv68Ssozb05eG9qnfo0BT619Y9HZ4suU4-M9hGOrESds1s3TcAOPaR-eDRFZlY5MJM4qc9wIk4AGobqnnkL7NAMlKAk9YMj4upFUFZnB70tZ6iEKmjnH_PKdhNqhBOs3yt-1ixZY8HSGu-EndzUErn_PPDTyb2Ym-LKqLYDNRh8dFl3y8bDxJZKF_Q_ESntLK86RzZysgCFwv8EAhNLOgoKWNjBDpyi9pKoEgdZCpBECJodLCoSIgQifKHdjMOce9w9SJDWz73pA6ejPijTYMBUm8R4PEsL-VJC8iWP40p_MBRRDcyhaHp7GDv5deQ52jO0YYStv9LM4NCZ6_lhIISTZXtDyQbd8JCxlU9HfxyCckbhubP178diKtjqh8WMecygWmX5szTMxCV3pg-CsGxQyk4Rkp7l5QMPuQFSOPLN8fkDlJYP6NYbvZ3jeH5ZRtM9ysvempxqZaUA_oj8HZgcts-4Gd5XdE81-k9TyDCL7-s-QlQW9YTWVGrguWPc6tkl44TEhkV7R6pqX3BztzgzLrFlhhU6H-OloVhzS1CfHAtQZkQdLa3V4ZZe0NvhEuqqtlHXAq53_GAtus0a09Kx6IAr0m4i0B7-6tMqypt8hHdTGi_cNZj5TaklZWaImqlShcffIU_8uKVb-P7axgcYqV7OKXTS8u0iBOjj0_gJkc0ldUPXDhk-XK9qo1CjvIc6NyES37S--xxiJ3aSCSWHD-nOXyVlH0Vc2rxmyZaHqImxrHXPkDLibzXxXTs2PktNBHRylXK7oYh-Q1PqNOX0AYP3xD-TGsdGXsdiMmSKl5QrjRu4r5j03zwXfdbi0d72nGCGSE2oVc7v-xftGEq1o4shJb7QE11eUJxt5ueVGF00z55XWB5ygUXpd7QN42Z5Y-E-RMMYUreB8wA2YPgdFXYKBSBP2iFyObEhaEf9ghGlupzw3p-rJdLg65m_t--HFy9VavzBTjxu3x0Kaohzx1jp5XvnO80kzBkxoNhzayZPT85lO65266gKKWWHPAfsFHflu--4WaMv72mbAUBvFQHu2jY6hlM0mvxvNK6Bo_yO_NlyQQcXogWs66y5TkCxUMC7U0lRkfmH-D6dskJa0XG7qZQoLzdG6SEM_30yOAZfGEhYx_tkpuwc8LZLt4VDyhu_HbnUIoQCqnbenONeGU4k-ZSroeX-teILOOaRU7-wBXo2d9hZIiWlg8737Gsjhb3RSxd5S055pLlqkdiLb8UhCOwWrFnI-k-Oam894xC9HplxzvAsaI1pScQPCBr8I0huQTQzjVkLhSCfuvQRBX8uujKoAWu6xavvFrptr9JI3zZO-QeQVIVT8xZU2w1ItoOMXA_YKT6xrUgFHihPeFGSyvwruoomLgEea8qx5ZvtkdGPZjlN_Uwr2JzMwn1H3PF2B7gPE_8s57n-ULAUteEzlWca7zFu7fkIPm0Gc7-0sZZIFhVV3CQf0Nt4x_fxAqBBQCIISUzh0kowY6szdvYUBhgNfP1bOk&cid=CAASEuRoTlO4YAOFTTkcKhqcBmRWfQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 22:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 22:46:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 1F9C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BMOxC89lmvfk3tkdfgxFr3TBqoQuKc6JWWBlMy4gFpUIa_koXdHBWV8xMr8Nc4kgv7kypV0F8CRSKKVX1iYDfcrPlqLgmEwox1MzOcBCShCBmoa3028kJ3fqXnYi6izinjXJq56bIVBSujadqK0XEI7ohzsg&dbm_d=AKAmf-Dz0IUnrZ7cZETfeSLQ6FKS1wKtxr_uO0uZECDzA5HdiloMElYz8OSRXxPIb_bdNCvZ1fp7n88eqkXaNgVeVDJgW0-1rrXbPig1rgKLuDzGRljNXMUEAkVqU1rXEjZtig7hJFxUlK4KQdfG1X6hLKyZFz8DvaJpCC1PqxWvnDMKN_cE39cKFCzYCsfwkDoyEBCAoij2eJXE23VcUzQEEW6nOBodN7EiHprZ90rZ1gXIKzN1VuQZ0hqecugjJLlD8nxcueITkHkpV7FBK0PNQB0PVsDmRe2XQwJp8TIycSNlgNEzqG307ump5Apsc_8TYYNetQbYTbH1K30dQ-RXrHb1GtClF-PPJ3hy6JU5uauPxQOvz3POi6In2PR4pCdtMEB4JbrJgrClR3Rarqqp8aAQD7nJvfvZSQ1xBQm2WZH8nqFnNPL9KwV6CBMLrhZPOfaGPkWPyBOMuCT8chRFWksFbiN9OIdEB6fPmlNPo5d9mlP0pIUj80wqhLZr4pa4P10EtrS7whqya6_SF5sO17_2brce4b0Vsj6qjmFm9zziUs5YxJw1OyT8YqRM6nuweXDV8dcYWYSmUcpLcggPsEl8Gmg9IjbVs3OrHiCeU1XxsObTASaKyXjaOuzkog4Ev87hczU8Atr-aG7-JzGCQB0I96JureWudcWWTS-pGW7K838DDNenzunR5qVu1qgFvUsVWLC0JYqi99QIvHu0PvF-NWVsL8c_iYRhhTCrxd6gXJipF_sy0o9VKdIWCCn_xwtVtPsgHJFWUtc3Snn9dPGr83V24dRZT1A2Zi1CzsZM-L7GcPC_7G8aRyghV9CRGrWTL2jQ1gVJq2OF8yXrdBgNJ0ydfiuXm1juMtwbw9PDIK4rJbL00S1LMbLwRBefJz1UApSmLsfahE8BCG3hImel1Rnd03FXNfIustL_WVt5louBGsIULa4guFpCErT8_uFR_obTaqjCWSCbWcbvmZdat6FhtR0Ch2skn2DWV8ryMDQmsm_44hMXNfpiAYHhBRSV2uzl7XStRwkmlvCBil-lXLBrlkfmXZbQNbaTaoTnLZz_uTjbzf96gr9rzBBP7o5Ghd_3Ri5X7ii3nepwfgGxRZLPdEO3sZt7jwleT-Xjnak1ijLRmGQS9rY9RoCK1FSUIy3tlrQEmhQ3OGzCAQMwHOqFdsRQwIfR3_IkIih7oGqwInbqMIX3hAo-pENP59uKv8AJiepnbicquNruiTm-mDD44hAGNQvz-HBb71owe2Hi_SjKk91hcmhug9UFkuWWMzDKuiFU5yoOCKIsl-SKnFsT7k8FOclwQccc9-eeQyr5SPig6vW8nIA1wkSfOD-YbbJm8IjwcpHdh2Mp1URF2bMT0__s7EioJjYW1-XREKKLEiOjbs5TnonAuBbhrijsiboEv81d5FVi6T-2baMQLidTcgbVBzQdSoZLbj4JuFiNWZyKGTGcWrPYIz7ASxmbvaTvUio-sHpgnmvlQ5tiNTQPHf_3zPCSomXaiRqBtwsGfYosMvdgdOQglOOLEEB89qr17VKZEQPxBwSmwfM2C-SFwpUqMWVH5wHtyjMdOxLi-HxecHIz2AW3lecHMWqTTvn_R5fC5FFOxyXhxXlb4yFpvDHtc9bTv68Ssozb05eG9qnfo0BT619Y9HZ4suU4-M9hGOrESds1s3TcAOPaR-eDRFZlY5MJM4qc9wIk4AGobqnnkL7NAMlKAk9YMj4upFUFZnB70tZ6iEKmjnH_PKdhNqhBOs3yt-1ixZY8HSGu-EndzUErn_PPDTyb2Ym-LKqLYDNRh8dFl3y8bDxJZKF_Q_ESntLK86RzZysgCFwv8EAhNLOgoKWNjBDpyi9pKoEgdZCpBECJodLCoSIgQifKHdjMOce9w9SJDWz73pA6ejPijTYMBUm8R4PEsL-VJC8iWP40p_MBRRDcyhaHp7GDv5deQ52jO0YYStv9LM4NCZ6_lhIISTZXtDyQbd8JCxlU9HfxyCckbhubP178diKtjqh8WMecygWmX5szTMxCV3pg-CsGxQyk4Rkp7l5QMPuQFSOPLN8fkDlJYP6NYbvZ3jeH5ZRtM9ysvempxqZaUA_oj8HZgcts-4Gd5XdE81-k9TyDCL7-s-QlQW9YTWVGrguWPc6tkl44TEhkV7R6pqX3BztzgzLrFlhhU6H-OloVhzS1CfHAtQZkQdLa3V4ZZe0NvhEuqqtlHXAq53_GAtus0a09Kx6IAr0m4i0B7-6tMqypt8hHdTGi_cNZj5TaklZWaImqlShcffIU_8uKVb-P7axgcYqV7OKXTS8u0iBOjj0_gJkc0ldUPXDhk-XK9qo1CjvIc6NyES37S--xxiJ3aSCSWHD-nOXyVlH0Vc2rxmyZaHqImxrHXPkDLibzXxXTs2PktNBHRylXK7oYh-Q1PqNOX0AYP3xD-TGsdGXsdiMmSKl5QrjRu4r5j03zwXfdbi0d72nGCGSE2oVc7v-xftGEq1o4shJb7QE11eUJxt5ueVGF00z55XWB5ygUXpd7QN42Z5Y-E-RMMYUreB8wA2YPgdFXYKBSBP2iFyObEhaEf9ghGlupzw3p-rJdLg65m_t--HFy9VavzBTjxu3x0Kaohzx1jp5XvnO80kzBkxoNhzayZPT85lO65266gKKWWHPAfsFHflu--4WaMv72mbAUBvFQHu2jY6hlM0mvxvNK6Bo_yO_NlyQQcXogWs66y5TkCxUMC7U0lRkfmH-D6dskJa0XG7qZQoLzdG6SEM_30yOAZfGEhYx_tkpuwc8LZLt4VDyhu_HbnUIoQCqnbenONeGU4k-ZSroeX-teILOOaRU7-wBXo2d9hZIiWlg8737Gsjhb3RSxd5S055pLlqkdiLb8UhCOwWrFnI-k-Oam894xC9HplxzvAsaI1pScQPCBr8I0huQTQzjVkLhSCfuvQRBX8uujKoAWu6xavvFrptr9JI3zZO-QeQVIVT8xZU2w1ItoOMXA_YKT6xrUgFHihPeFGSyvwruoomLgEea8qx5ZvtkdGPZjlN_Uwr2JzMwn1H3PF2B7gPE_8s57n-ULAUteEzlWca7zFu7fkIPm0Gc7-0sZZIFhVV3CQf0Nt4x_fxAqBBQCIISUzh0kowY6szdvYUBhgNfP1bOk&cid=CAASEuRoTlO4YAOFTTkcKhqcBmRWfQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:26:52 GMT
rum
dsum-sec.casalemedia.com/ Frame 2EDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 05 Oct 2021 23:29:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2EDB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVzf3h5ZxTc3lBCD-T.NiQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-141-232.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 05 Oct 2021 23:29:34 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEQlsnXMPyhAgOwQpYT0g&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 2EDB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIjFK8m_sssKUugCkidfZUQ&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIjFK8m_sssKUugCkidfZUQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:34 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c6621100-0914-4d5a-be68-5c344e219e51
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIjFK8m_sssKUugCkidfZUQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2EDB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjQ2NTE2Nzc3NzAzNTE3Mw%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjQ2NTE2Nzc3NzAzNTE3Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY7uCEGzAB&v=APEucNXy8YwZj0vE3KdAMnl6gJ_fQOzPGyKxXhjJUaPltx7Ag_u66N9CRqOWJbhcCElk-xzO60IOaZWaO2Y9dCO1LRwKID_szxa0UHp78aKZ0xl5jck02BcE9WO5HXblcmpb66nTVBZpQwiDUpU_jI7gxnHq3JMimY7mkY6D-GGeGfUAs5wJKzY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:34 GMT
X-Proxy-Origin
185.232.23.181; 185.232.23.181; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0ff16486-4aaa-464e-94cb-04373f099abb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUxNjQ2NTE2Nzc3NzAzNTE3Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 9243 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIgYhh5gy7fVUDKeInVh29-sd_ehEzkTIVjGFAa9Te8O3pyMs8iRyTfkrWF25in4Sg_xX4GxNSJ434dV_pvo0AHp8ZSlDune_5kNaEPsO5clqRXmUkspLo-rcN0B2kfHxcB9_zZ9elgPvY3K3Eg4LJxFhXow&cry=1&dbm_d=AKAmf-CbryaB0-2BAR3FhX_0LYF9dj-9qva0WHke0UFqrf8fdR2--p4nJaTELt-UYesJSKTaxx77yuNNVEzLL8iwAbWbJ1uMpHBlPeVmu8orNC9usuB8ad33Au4cH3wbWYE5tfq6S5Wl21hycm3mUwh81jEr9OG89kUcxCSZPoL85AMdDIhFBKaAcOoGxJeqRNVCXOmBdZqfX778AROLJJwvUW5G73DcKPIiRJcI7hPUAlBB33lrz-bxI5UpHHocbT05NXGbhgajFKtjmWLGs1zMyHiWt_AxAnm2DBgK-GvNNHNSFYWxaR1daZvLHJdgpCx5dUJX1Xk-vJvCzyLecczyKmTbbJacisFUzZcBgVG5K5ftMyDYFtctSwGUe-r9byEDZZD-YooXknTcge0BFNgbsWzWQTLcvFhH7498_Isc6UkmR02VahJQ_YdwMgZyC7D7ALPtvci6cNGhjylOYPg6xZlaVhwPxYxflGdexUnib64PHTmjhswY2nACtou3-UNJ62GoKFw5wNvsj3tBcpcak4bg6N1sRrUN_n4j0wrdG1BTgfMQyc3D_OL2RqNku-8hS0ypZXC51H5LsCn4QpciCm0wivp-rOQr_iSLy4gUhvAtuoayxbDWEzlfWw8NegpGXNX2rHX2ST-o6tXrg3sB1oUnZFwoGVLMxc1Pyeis3o358fOfTzpRuaRIRQz1wycF4Odkcu46PFApLFnR7a1ubxKwPd0f8xal4Y-fBEcqoDz_-Xpahuks_Ss8kcwLrusE7pNxCYvAk65YkdGoxf5PR5KgDKVA7vhjWFQVxuZLFhTceoOtAow-ehfjEFm4nMD0VNckjBPYcE8xfbcTr4qVKqRaxkIk46lufhkqOyv9mZyDi5oPyk3f6Vxd5mjkBMHOU-p1StfJJc0w07e1dv_BronkK_zvUoOSCLT9L2LerkbOl9ZCSNTxQVuER7G6frCiBuXI6qwcfZTwY3YeW_rgar65EDASmSvn-XokWOUQ-ttnxMyeDDoj7djLCgOiOX98KjOqoyxiQMGS-CZzgOmQUx7Hq43xjzrIpNXzKQkSvnaK-UlcJ6IVWQZ1mzuN1deb8qW4tpqFMzHSxAElMno2UJ4d9avXEMwW4Z2_se6VhKDnZ6eu_-FrKZ8pSnDbqlD4RW4Nq8eaC7LjkIFXUUspDDvjEH4v6bMyO2tY3DwDGKi9topqvk-vX_5FRBLs2ExgKY2j_eugMc2hxo9cXzWiGgqEs6qY_E9rmfEgQzMVSLkoIa-tvgAL7fXJoQ6Unz7cR16tqHTnZPaXjfyhGOasMtU9DCibsi9yeP1RdpFbM8xF_jjY7CmUPllteHbmxhlKN2bbGblBXQfT6Le7HIPFNg4DzF0inxPdXnSGudCkUBg2EjxVSTOuWIye3l7c6qVPsNPzU5DQD6lA2X4ltuvDhGCxXldzOMBYq6sExpPqmwDp1b64wwSiD8_qPp_UcC6_xw-9Dv3T2lD7B3RVRl08Z6YNnfbbRHcpWt5KIb-Wg8nuCzI4MmQc_gNJQlULeuLyS8pWBrXm7syh_F_Co8T-EtsIusAGxK6IKTIQbghlNn-kAcKticEO_lnw-svwAPTbZAmSfsJU4m8IpQT79ufvVyNGkFgyz6KlqqGODAyzio96slTag40ekhfO02oGl2SAk9bBO867ZgSdYId2E6_-kOM-xLmPR3Cm0G8VaM4XpDq-yV7_fStjATBEMAT1PTdlxluF5vE5NzOiy7Khuva0A3tbkP6QqhzSttaik-L-tiUpW2M17J2PC5EnITqCLFM0hzic-ehln-KGJIRizJv0KCg-Z6lHp_oKBFU6tILprK_p7XoENCR6fQAMDuv6Y5nXoGyjwF0ISDb-ZsIHwCU8OfHTUHcA6g5MmKOfo_EbchZNFrKCd-xHJYdkK3sjYfUD_WHsXzls4ajRnklSa74a38U3i1vq5xmaTBe2_UvHt4fVvAN5PckqtK8vVejZm_w7GwEJy9U4AD32uh0TLv6yvR7Sl2EfmxEbcfQ2woSIcyuvK3xKazGLiEBOglZo6eMXwsS2-zW3vBXX8R-_ny60yRa09LAv0Tjrxq8r5pq4kv-BG_o2RYZGjRmqSpWj75tNxuBha8yVlNr9zy0RJVbLtLpnka5Fbp2iN2mV794tltvOuNzTtmNy9QHIs-YK09z5zN5W7wIRlFeauxjnMDfNx-57Ib8wTuy3nZ4m8trV3Xf-JNmIB7D1mHteRcn9TDZke3CYOhdN7m4NfGu4GIi-UMICxKyeShpVY6folcXO_WjdFVp5VS2B714KOSCNUQ5U7dGL0p8FS691jRQpH1GTZMA2Ejrsbih4CKUSmA2_KRlU5__UN6AubO0ns7sLWWvbNNh49wFstiWil_1w8b5ATexA_KJ5jquRjyASiaaGSVaP_aH4RB_D9CRftevxg7w3A0dIT6fWWFOZG42-9_rf7hnHDxbtNqOM7SbF7zN8U_GH1zxNmjR0CJ37xfRUaoBHuqlTR-Ekc7JEAa2t8BCVXcQfuJLPp_JniMwq4ylAtEseTnRHeU5vdZ2f3ukLpSuUzMOo2zHngSgZ3K90YIfPDuFfycShBsthkekeSjEZsVHyWk8za2rz8WmZ8DfdmmUfRd1Bquos60C3aQhg5DSLj7-6dmPdRUIgjAWxPSJzNnLRqQbPymKVbCgsZJQyd7nDdj9t6KWddSwWY0tsbrN6IDCkAm2lPygXdbqfFRtnrHM5gDutDEEKk5NvPioRdQGWJzBJDlZij4zVktU5g53lQcZjpn3gKxHvEA7F3zlACDfPYH306ALMpDgmgnyjWbv-6mhc-vWTGQGTEIFiuMAQheFfwP3H2tCRxduO2zpLWpuNiH0eG3CMa2BzEQ7wAh4RUSNIJRlGnIiVbZc9cbPptSaY-B8D5CL6UBoHzDinlTCc0rDLaUqxtoXTSwGwrCjm6Oqfhn7QFY28KOo4zf0twzvQybYx5eam0K9eZzoPnGjnIIhYIG7a2PmmhaDNqcOvf12VwsO0E07RrBlQvlxZOwV9wAIT-QtowAuzH5nqPH60R8cmtMxjbPXUmOX8VSGMJO_tqSV3hyPPFUr_atC5lT1XNHnSy7jBK4UjcriUe9bkjRuEryynXDwuRTrrP4w0jUYut9o_L5X8wyXS4zua2g1wgEKr3Q4qUQYUmQbyB5QGapl2YXMqAUSXoOzOc-KbGYtUZKaABU_ErLDVuMIARX4C-3GeAg&cid=CAASEuRosBzxDnaYy-CWkWz8SMW4yg&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:26:52 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9243 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIgYhh5gy7fVUDKeInVh29-sd_ehEzkTIVjGFAa9Te8O3pyMs8iRyTfkrWF25in4Sg_xX4GxNSJ434dV_pvo0AHp8ZSlDune_5kNaEPsO5clqRXmUkspLo-rcN0B2kfHxcB9_zZ9elgPvY3K3Eg4LJxFhXow&cry=1&dbm_d=AKAmf-CbryaB0-2BAR3FhX_0LYF9dj-9qva0WHke0UFqrf8fdR2--p4nJaTELt-UYesJSKTaxx77yuNNVEzLL8iwAbWbJ1uMpHBlPeVmu8orNC9usuB8ad33Au4cH3wbWYE5tfq6S5Wl21hycm3mUwh81jEr9OG89kUcxCSZPoL85AMdDIhFBKaAcOoGxJeqRNVCXOmBdZqfX778AROLJJwvUW5G73DcKPIiRJcI7hPUAlBB33lrz-bxI5UpHHocbT05NXGbhgajFKtjmWLGs1zMyHiWt_AxAnm2DBgK-GvNNHNSFYWxaR1daZvLHJdgpCx5dUJX1Xk-vJvCzyLecczyKmTbbJacisFUzZcBgVG5K5ftMyDYFtctSwGUe-r9byEDZZD-YooXknTcge0BFNgbsWzWQTLcvFhH7498_Isc6UkmR02VahJQ_YdwMgZyC7D7ALPtvci6cNGhjylOYPg6xZlaVhwPxYxflGdexUnib64PHTmjhswY2nACtou3-UNJ62GoKFw5wNvsj3tBcpcak4bg6N1sRrUN_n4j0wrdG1BTgfMQyc3D_OL2RqNku-8hS0ypZXC51H5LsCn4QpciCm0wivp-rOQr_iSLy4gUhvAtuoayxbDWEzlfWw8NegpGXNX2rHX2ST-o6tXrg3sB1oUnZFwoGVLMxc1Pyeis3o358fOfTzpRuaRIRQz1wycF4Odkcu46PFApLFnR7a1ubxKwPd0f8xal4Y-fBEcqoDz_-Xpahuks_Ss8kcwLrusE7pNxCYvAk65YkdGoxf5PR5KgDKVA7vhjWFQVxuZLFhTceoOtAow-ehfjEFm4nMD0VNckjBPYcE8xfbcTr4qVKqRaxkIk46lufhkqOyv9mZyDi5oPyk3f6Vxd5mjkBMHOU-p1StfJJc0w07e1dv_BronkK_zvUoOSCLT9L2LerkbOl9ZCSNTxQVuER7G6frCiBuXI6qwcfZTwY3YeW_rgar65EDASmSvn-XokWOUQ-ttnxMyeDDoj7djLCgOiOX98KjOqoyxiQMGS-CZzgOmQUx7Hq43xjzrIpNXzKQkSvnaK-UlcJ6IVWQZ1mzuN1deb8qW4tpqFMzHSxAElMno2UJ4d9avXEMwW4Z2_se6VhKDnZ6eu_-FrKZ8pSnDbqlD4RW4Nq8eaC7LjkIFXUUspDDvjEH4v6bMyO2tY3DwDGKi9topqvk-vX_5FRBLs2ExgKY2j_eugMc2hxo9cXzWiGgqEs6qY_E9rmfEgQzMVSLkoIa-tvgAL7fXJoQ6Unz7cR16tqHTnZPaXjfyhGOasMtU9DCibsi9yeP1RdpFbM8xF_jjY7CmUPllteHbmxhlKN2bbGblBXQfT6Le7HIPFNg4DzF0inxPdXnSGudCkUBg2EjxVSTOuWIye3l7c6qVPsNPzU5DQD6lA2X4ltuvDhGCxXldzOMBYq6sExpPqmwDp1b64wwSiD8_qPp_UcC6_xw-9Dv3T2lD7B3RVRl08Z6YNnfbbRHcpWt5KIb-Wg8nuCzI4MmQc_gNJQlULeuLyS8pWBrXm7syh_F_Co8T-EtsIusAGxK6IKTIQbghlNn-kAcKticEO_lnw-svwAPTbZAmSfsJU4m8IpQT79ufvVyNGkFgyz6KlqqGODAyzio96slTag40ekhfO02oGl2SAk9bBO867ZgSdYId2E6_-kOM-xLmPR3Cm0G8VaM4XpDq-yV7_fStjATBEMAT1PTdlxluF5vE5NzOiy7Khuva0A3tbkP6QqhzSttaik-L-tiUpW2M17J2PC5EnITqCLFM0hzic-ehln-KGJIRizJv0KCg-Z6lHp_oKBFU6tILprK_p7XoENCR6fQAMDuv6Y5nXoGyjwF0ISDb-ZsIHwCU8OfHTUHcA6g5MmKOfo_EbchZNFrKCd-xHJYdkK3sjYfUD_WHsXzls4ajRnklSa74a38U3i1vq5xmaTBe2_UvHt4fVvAN5PckqtK8vVejZm_w7GwEJy9U4AD32uh0TLv6yvR7Sl2EfmxEbcfQ2woSIcyuvK3xKazGLiEBOglZo6eMXwsS2-zW3vBXX8R-_ny60yRa09LAv0Tjrxq8r5pq4kv-BG_o2RYZGjRmqSpWj75tNxuBha8yVlNr9zy0RJVbLtLpnka5Fbp2iN2mV794tltvOuNzTtmNy9QHIs-YK09z5zN5W7wIRlFeauxjnMDfNx-57Ib8wTuy3nZ4m8trV3Xf-JNmIB7D1mHteRcn9TDZke3CYOhdN7m4NfGu4GIi-UMICxKyeShpVY6folcXO_WjdFVp5VS2B714KOSCNUQ5U7dGL0p8FS691jRQpH1GTZMA2Ejrsbih4CKUSmA2_KRlU5__UN6AubO0ns7sLWWvbNNh49wFstiWil_1w8b5ATexA_KJ5jquRjyASiaaGSVaP_aH4RB_D9CRftevxg7w3A0dIT6fWWFOZG42-9_rf7hnHDxbtNqOM7SbF7zN8U_GH1zxNmjR0CJ37xfRUaoBHuqlTR-Ekc7JEAa2t8BCVXcQfuJLPp_JniMwq4ylAtEseTnRHeU5vdZ2f3ukLpSuUzMOo2zHngSgZ3K90YIfPDuFfycShBsthkekeSjEZsVHyWk8za2rz8WmZ8DfdmmUfRd1Bquos60C3aQhg5DSLj7-6dmPdRUIgjAWxPSJzNnLRqQbPymKVbCgsZJQyd7nDdj9t6KWddSwWY0tsbrN6IDCkAm2lPygXdbqfFRtnrHM5gDutDEEKk5NvPioRdQGWJzBJDlZij4zVktU5g53lQcZjpn3gKxHvEA7F3zlACDfPYH306ALMpDgmgnyjWbv-6mhc-vWTGQGTEIFiuMAQheFfwP3H2tCRxduO2zpLWpuNiH0eG3CMa2BzEQ7wAh4RUSNIJRlGnIiVbZc9cbPptSaY-B8D5CL6UBoHzDinlTCc0rDLaUqxtoXTSwGwrCjm6Oqfhn7QFY28KOo4zf0twzvQybYx5eam0K9eZzoPnGjnIIhYIG7a2PmmhaDNqcOvf12VwsO0E07RrBlQvlxZOwV9wAIT-QtowAuzH5nqPH60R8cmtMxjbPXUmOX8VSGMJO_tqSV3hyPPFUr_atC5lT1XNHnSy7jBK4UjcriUe9bkjRuEryynXDwuRTrrP4w0jUYut9o_L5X8wyXS4zua2g1wgEKr3Q4qUQYUmQbyB5QGapl2YXMqAUSXoOzOc-KbGYtUZKaABU_ErLDVuMIARX4C-3GeAg&cid=CAASEuRosBzxDnaYy-CWkWz8SMW4yg&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 05 Oct 2022 18:13:36 GMT
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame A3B6 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Origin
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 15:17:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29511
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 15:17:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/ Frame A3B6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyR2eoMjScdFKTf5RKtqHjfvN4Ie1AWFl4St0HsolMsT-hl-I-yv3zRizm09s5LiJKke4MwKyYt09-MKCHp2yfOl-NN63nsjA6gNwBlRNxGqKHrXs0JTK6cKjzhSEPZYVarJl0cWimPSkfNh1xkEVNxYXG8g&dbm_d=AKAmf-DX7Q8VkELGjV5Uex5jXY9J9shFPx1Z0XnA5ZvUwg7nSS8Qc9n_y0_jfqlF1clPyUZFclqulPtwLcJ28REdN9X11fKHGwaF5s6IiDRRio7DcyQA3w5ZOWxTCksdF4e-vMwD2ZblgZZUJ1uXhSyYdr4NZNHPd0yiokI6v5_y80ZjRRBZAYY__a-E3qBxc8Nz8XpaeQN-uTM4oF9iU08v68E9jMBY1W0j08PUwGkj44V4yl23DaipyRcyCTSv378droYoOU0T5_txvcUa3Kk1i1moUo2NH0qVYP6XAXxXLaNH7Fb-HXP4c0Q-oGQcsmmQVSWjjoN-Dl9rKstx7_bzeCPT7KgVHPuS2r1Png3ldgier7E9Yhn0WuIL2VNMl-1ULJENMTSZEKuhkGDKR-eF4DwJQsk9v3sUoS_p07xk9ZD7Xc28QQWzNzdfyWSg-Mrj_S-SE-wtWyt5z9cm0Fpw9sfqiQxhd69VLTDZhLGPmv0rLH6M7fp2yurnvRuJC6HV2dkwCiqk3zEvX4AjGtliYNUdiKbK8UDmKiDJbjcLQatS4wEx6OhmIEU3-fNTozrWyDiaPEpbQUuMbn2qq-nT9m3zYVFvPO_uAS-0VnachASX1Ybm3uRh26bkhCCqJ4NFuGP1UWd9YaGOKVDqe626U_E5kOlL1ZI056fzgePTraMYg5m1NdetOKJ8Q-1_Pah1ZsnU_oqjD-JWGt0ZaNZ74FHNVploCTdtoa2FVhrRYjB29nd2YImFO4YvVifzY07upWrxR7btlw4Kqmm4xJ9uzusSIEc9IwtoBOkluYFVV2zsvCxaOyaFsI3CRL4RHZMjtT_r6sdjjMN0kt9SsI8AOJHRTxuFcTKzJfvneb-BAsdgujDnSY4624jX7H4Ath2mVPOrSJTnvb9sKTH0gZFG5VhF03_LegX8kteOtwe_SQWB0YjQAj8pJgpFgNhd3SjyMSgfTCQLOvLsyohaxEhmd0o1vbB1RQw_XyOqck_caah8GzulNg1G3not08UctW83LEQwry6w_aTEoX94DvhTfj1R3PDBtBXpkhvmTFvTNrVfrcuDQS7edJ8dEEaKPgUbiiGKBM13JeCzf1xggF7NxYVIUhsEDS7u5I3f76oPlsyqMGW5bwa6ucaZWDUwmaMP_TFOdHBpwkn41qqT9GRecEMLJCKuNxFQJvypYXQSFx9UQU0EP1gkoOL_7yDMcbXWkYB61UDPcK_FUqlUxZI2r9Znpkskx-Mt52jMuINL4wlqSnzUuofwjsJGNPoo6pHwQ_jNK4GXX2OVL6FfIypv34ie2DNJn_X2YlpSlYKRtorXMRwXSvt24cwh2TF4BtpE3FfjE-cv9zvFkpwtiJ2Zd176q6NxoRCZODymKpvfVX71v9bQMbOU1bhKCwuPNBquvPacWIecX2wkxFCfdeGMKn7ZaUObAJL6i0HUQAcWknDFvAHsxU4F_ifYkaEXYISIYYeamDtzi8uIH66-gkjGp_EkRsuyeWxRW04C1-J333CeiQFvm5-oFu5HmOJI7qf9tf5b6M8XIntZrobxdZiZ17HKBqMZTB21mPM_iKjrCbRUVRErfED450ewbHVA8tBN6DywKBS4f1N9vf2rwHEqP6_AMtQXmwQGO3SB7tnjQ7itXPu4fNbaffoyEqlCLq2oTL-BE90aMGz4DqNrhJePBEiw8QBrBgEIKEAxOARGeTRB-7teuZqcU_nOn4YD4rmYcTtFz7actVeisTZccUJH674zfyp6AMAstI-7AW7aGuYo9fD3oKbd2TGRiBKhMs9XOwmr8wmk37JafLNCGl9-_C_iFB9C7FWSt_2W-zfO36wdUBdKJYva0v40s93Y2vK2WFI-Atf5ryAfgqwJhqt2CquQThfwv7ULkKagpKuqnEaSRuuh0nFQaAIu50EfE9soNahcxIoumIjyOvhl6n2MEusscdnt6qfKFTG0nmMVAqlb23Rmjf3PHmeqCoo1Ya2FHzVvpyKBSEwws_RaayJ8AW7794lC7FPxc8HsDh6_hY5cPHlEW8yIxeK3IB1L9UH49Uj3l1UKo6oC7UgUMTVqn5-LYQkOkDEGYIi2-m8wqlknK2P-65JgEjWxM6SwLgbXWeLSBPYVVo_KsrfQ6YUxofXngH_108vCLkNIRgRvzA1Xo6zOXHunoAjdkbb0UbpHRaBTyjsXRhz1J_ZnscDs_8HMiju820HCGphlavc-AcMkaaN9_n8dZQGfgs6QTsDNveq2jD7O2Gj4HKguos64BWBnoYyUaUjxRBjxPvTgwywiJ-5rp6MPjqi0zjTrNcOmE6BfeKiiWzWa__oc1qWFk0zkHaGnaf-vwCehv_VV0diS6mz8IGKRMs3Yz07c5TXEp4jmbsPyLnOAJenNtRU-hxKfLG0-cj7KrF74J6uDDlB2o_usjdFnGb0Q6sqFe5Yp71bfZGAdDWJ9kdQxHAUrOB_NmLCgNvJWbCbDCDzmwM2HIC3gtxhWznETQPzyllxPHf75BlyVuVJkZu4tvqBogb2xtmbRJH7b1Tc-azgicT63XauI_ZWFKK_rO-N85f3NuJiyX9ypw8C-ODYnb_Yed6LnRflhMalRrw3PDMamP6kpuQkL6SbmdolSgLplr9bNoYXnkmlC1DFD_z3GVt2K8_J2v9etNipATM0ylAMeceqNH3a8G-gGngTpxHOp8XDTX3txuEFlNiV4JTAbA0_gpMQ_jGlDFLF2LV_s95U9w7wgBB9cOpEduE6ndG4JmTGc2hG0yKcLEJnusmhGGffVKHC6mIz1ixmBns90PQ7kWJ9Y-z1Ji9NVhJhePkcJK2xpuFSdOdiEOksvd6g5i-Be2Hgnx0dyxwJqpY-r4wxEAHMPArPRYix_c4ZmSW5vVdtE_FYGytKn-vN4DuA8Vb-OW18N7Dvoo1nPfmsIDNPBvPKmqLTLsgAnDGdiAh4zphea5rZUeFNm2gzDNRw00TJQzt5GVUgaikI6YxYpQ_f_la98_Doy8Jt-cc_kZw_9-1IKqE0d_nfjzbs0MWoAH8G7IvipLZeevT8fXXHxdyaS-HoY_LcJvjDp3GXx-T4C63scv2AfW_8aDJZ8f0fT3wcKMW8i7UEtGGGtIcv-JUwDox4r41qFDpE&cid=CAASEuRoCPse9GsY0wxyRLTDqktikQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 22:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 22:46:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame A3B6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyR2eoMjScdFKTf5RKtqHjfvN4Ie1AWFl4St0HsolMsT-hl-I-yv3zRizm09s5LiJKke4MwKyYt09-MKCHp2yfOl-NN63nsjA6gNwBlRNxGqKHrXs0JTK6cKjzhSEPZYVarJl0cWimPSkfNh1xkEVNxYXG8g&dbm_d=AKAmf-DX7Q8VkELGjV5Uex5jXY9J9shFPx1Z0XnA5ZvUwg7nSS8Qc9n_y0_jfqlF1clPyUZFclqulPtwLcJ28REdN9X11fKHGwaF5s6IiDRRio7DcyQA3w5ZOWxTCksdF4e-vMwD2ZblgZZUJ1uXhSyYdr4NZNHPd0yiokI6v5_y80ZjRRBZAYY__a-E3qBxc8Nz8XpaeQN-uTM4oF9iU08v68E9jMBY1W0j08PUwGkj44V4yl23DaipyRcyCTSv378droYoOU0T5_txvcUa3Kk1i1moUo2NH0qVYP6XAXxXLaNH7Fb-HXP4c0Q-oGQcsmmQVSWjjoN-Dl9rKstx7_bzeCPT7KgVHPuS2r1Png3ldgier7E9Yhn0WuIL2VNMl-1ULJENMTSZEKuhkGDKR-eF4DwJQsk9v3sUoS_p07xk9ZD7Xc28QQWzNzdfyWSg-Mrj_S-SE-wtWyt5z9cm0Fpw9sfqiQxhd69VLTDZhLGPmv0rLH6M7fp2yurnvRuJC6HV2dkwCiqk3zEvX4AjGtliYNUdiKbK8UDmKiDJbjcLQatS4wEx6OhmIEU3-fNTozrWyDiaPEpbQUuMbn2qq-nT9m3zYVFvPO_uAS-0VnachASX1Ybm3uRh26bkhCCqJ4NFuGP1UWd9YaGOKVDqe626U_E5kOlL1ZI056fzgePTraMYg5m1NdetOKJ8Q-1_Pah1ZsnU_oqjD-JWGt0ZaNZ74FHNVploCTdtoa2FVhrRYjB29nd2YImFO4YvVifzY07upWrxR7btlw4Kqmm4xJ9uzusSIEc9IwtoBOkluYFVV2zsvCxaOyaFsI3CRL4RHZMjtT_r6sdjjMN0kt9SsI8AOJHRTxuFcTKzJfvneb-BAsdgujDnSY4624jX7H4Ath2mVPOrSJTnvb9sKTH0gZFG5VhF03_LegX8kteOtwe_SQWB0YjQAj8pJgpFgNhd3SjyMSgfTCQLOvLsyohaxEhmd0o1vbB1RQw_XyOqck_caah8GzulNg1G3not08UctW83LEQwry6w_aTEoX94DvhTfj1R3PDBtBXpkhvmTFvTNrVfrcuDQS7edJ8dEEaKPgUbiiGKBM13JeCzf1xggF7NxYVIUhsEDS7u5I3f76oPlsyqMGW5bwa6ucaZWDUwmaMP_TFOdHBpwkn41qqT9GRecEMLJCKuNxFQJvypYXQSFx9UQU0EP1gkoOL_7yDMcbXWkYB61UDPcK_FUqlUxZI2r9Znpkskx-Mt52jMuINL4wlqSnzUuofwjsJGNPoo6pHwQ_jNK4GXX2OVL6FfIypv34ie2DNJn_X2YlpSlYKRtorXMRwXSvt24cwh2TF4BtpE3FfjE-cv9zvFkpwtiJ2Zd176q6NxoRCZODymKpvfVX71v9bQMbOU1bhKCwuPNBquvPacWIecX2wkxFCfdeGMKn7ZaUObAJL6i0HUQAcWknDFvAHsxU4F_ifYkaEXYISIYYeamDtzi8uIH66-gkjGp_EkRsuyeWxRW04C1-J333CeiQFvm5-oFu5HmOJI7qf9tf5b6M8XIntZrobxdZiZ17HKBqMZTB21mPM_iKjrCbRUVRErfED450ewbHVA8tBN6DywKBS4f1N9vf2rwHEqP6_AMtQXmwQGO3SB7tnjQ7itXPu4fNbaffoyEqlCLq2oTL-BE90aMGz4DqNrhJePBEiw8QBrBgEIKEAxOARGeTRB-7teuZqcU_nOn4YD4rmYcTtFz7actVeisTZccUJH674zfyp6AMAstI-7AW7aGuYo9fD3oKbd2TGRiBKhMs9XOwmr8wmk37JafLNCGl9-_C_iFB9C7FWSt_2W-zfO36wdUBdKJYva0v40s93Y2vK2WFI-Atf5ryAfgqwJhqt2CquQThfwv7ULkKagpKuqnEaSRuuh0nFQaAIu50EfE9soNahcxIoumIjyOvhl6n2MEusscdnt6qfKFTG0nmMVAqlb23Rmjf3PHmeqCoo1Ya2FHzVvpyKBSEwws_RaayJ8AW7794lC7FPxc8HsDh6_hY5cPHlEW8yIxeK3IB1L9UH49Uj3l1UKo6oC7UgUMTVqn5-LYQkOkDEGYIi2-m8wqlknK2P-65JgEjWxM6SwLgbXWeLSBPYVVo_KsrfQ6YUxofXngH_108vCLkNIRgRvzA1Xo6zOXHunoAjdkbb0UbpHRaBTyjsXRhz1J_ZnscDs_8HMiju820HCGphlavc-AcMkaaN9_n8dZQGfgs6QTsDNveq2jD7O2Gj4HKguos64BWBnoYyUaUjxRBjxPvTgwywiJ-5rp6MPjqi0zjTrNcOmE6BfeKiiWzWa__oc1qWFk0zkHaGnaf-vwCehv_VV0diS6mz8IGKRMs3Yz07c5TXEp4jmbsPyLnOAJenNtRU-hxKfLG0-cj7KrF74J6uDDlB2o_usjdFnGb0Q6sqFe5Yp71bfZGAdDWJ9kdQxHAUrOB_NmLCgNvJWbCbDCDzmwM2HIC3gtxhWznETQPzyllxPHf75BlyVuVJkZu4tvqBogb2xtmbRJH7b1Tc-azgicT63XauI_ZWFKK_rO-N85f3NuJiyX9ypw8C-ODYnb_Yed6LnRflhMalRrw3PDMamP6kpuQkL6SbmdolSgLplr9bNoYXnkmlC1DFD_z3GVt2K8_J2v9etNipATM0ylAMeceqNH3a8G-gGngTpxHOp8XDTX3txuEFlNiV4JTAbA0_gpMQ_jGlDFLF2LV_s95U9w7wgBB9cOpEduE6ndG4JmTGc2hG0yKcLEJnusmhGGffVKHC6mIz1ixmBns90PQ7kWJ9Y-z1Ji9NVhJhePkcJK2xpuFSdOdiEOksvd6g5i-Be2Hgnx0dyxwJqpY-r4wxEAHMPArPRYix_c4ZmSW5vVdtE_FYGytKn-vN4DuA8Vb-OW18N7Dvoo1nPfmsIDNPBvPKmqLTLsgAnDGdiAh4zphea5rZUeFNm2gzDNRw00TJQzt5GVUgaikI6YxYpQ_f_la98_Doy8Jt-cc_kZw_9-1IKqE0d_nfjzbs0MWoAH8G7IvipLZeevT8fXXHxdyaS-HoY_LcJvjDp3GXx-T4C63scv2AfW_8aDJZ8f0fT3wcKMW8i7UEtGGGtIcv-JUwDox4r41qFDpE&cid=CAASEuRoCPse9GsY0wxyRLTDqktikQ&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:26:52 GMT
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 3E4B 		114 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Origin
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 10:44:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 10:44:26 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/ Frame 3E4B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUboV1sDEfjb2HuWpazrlDqR7wCiUIe30f-QwAklyqDwqCVij1grmL-TlLjEgDv1Yz0LkyiK3orUkZnK4a0-YAwdI6RnMb-DNV4-Oy-D-10B88i2G47Q2i8zh-JZPrzqnqgsnH5x5H1yjnMcwrtB56c-8Myg&dbm_d=AKAmf-BZZCDncK96nCRLqBwGQyJWPP-f2cYf7GgKb1VC805AIcr2NxHXj5ALMCpIL_8LOb0OccZ1l0FvELdPKXC-Y85bO7gKAWF8ecQW-IoPAmOvbOZiAAw1uC7UdEz-jHzR_Y-0loraAHlIu-H8olmliBRP4NRdyN4oL5cO8RhtXBvWxCcKu92a6KKgmbABGal8-4zUbN32MdUB64yjhxi4P0SH6Gctfpam64lt4SdvTCWR3O27fmKcj9WhVk1kGslGHnCd0bt-JAJ8Z_tyYU0BMdTJ2I3cBimH28XraqINnVcS2JQqk27PKnmB1Pje0DzW8HZIAhYuDW34IjsSxZsXCuJWsvR9HZTUgP6F4p4_HQlY816rnetc3S9njnjMg82_rBAMSHllY33vJ8B3gU8MNME3Dy16udYGdCx30jhbEjGf4A81XCDDRDGrL19yJb91ciZfVScM0xCrcbM51YTAoVTKgClfRXCjHf6eCU4sQ6jcz-k2nSdRFrvIOSP-FmMqsNMNrrGkE53KHC7Wm8A7VkpJAhxCwUTQLlwZvf2Bp_cyvUxoL_7ihdapNpn2grCTTWJIO-ZkZSXnyjSYFORmmzZLFe0c84V17Kuf0L995-xgGPOfhP01QO5UR5OxI4fUT7cj8qP8pHxaC5PffQSgkHnm6JpEO0p_8LyS7oMFFPDfMQqyIgAHj5t7kULbuHk04U-7o8fCOq6pKVNjHUEwwjuldI--SxPNL6UWoSI6aHNG_lxFcHXRZxr67lSyhH5GeX8evDFHwrZO6GrheGl8QMqBUu7gEv-1Ld2Nt-fzYUFvoY_uy6WZ5leRMrg9GRkiQgcEisp6QrpaAZGMQEN0XjV76kdqjsLnqPrPgjDP_s2NkCwxHHU32H0ATnL363KGiR-gPwt0mWcUg2TnJCka1qYAP7HcyzUAGodUz9Odt1hUu6Off51B2f_BVsHlmxRpHx_LCnVdi75Wz55vAPlQjJaCf7A963ygm3f0TbsmTc3o0lFsSV1vmTTtjnhdQ0TAzu_lAWjg5EaLEomJQboTXwr-9nAmDRn807LYkjYNiXEl0JgwHFrAI2CyKjQ1SLt1mKEaXwkz8bXaJQeZmVdV5S0c5G8H-4AXf6ONwJAR1QniOjzY6wYqAGVdJkZFEiQu1bK2Wbatqb075JpSMX5c3KBAQ7Qvfq_bkxFCYvLxyURcblrdPdZwLoZKeLLPY3ktjBySr6TSSRb2taSzhnPciGWiphCT5dkxJ51UTKgiqz-HjWLmki3AYQ-MB1mjMCcKlk70UHKSqpiQ9qY9QoNZxR7Lilc-YSCAvE8v0bdXC8eDMhbIQjdTbnpsoza3EJmnEID1nXtKYAekI4gTcsDApzeWnDJ-pYi9URfR5JxjpWnu-VPXe5dKg1vzZP9QjUVQi9R2n51Kc5mXpnDtWjnOr47vBt4-EsnG4j7C78Ywfr7GK3R9tXzflftInWS5onZQgV7sIW5MK0DZJALCiFLVYpGHup4-ngAq_Bqnj6UgGMzzmmqHZGEk7fW7BD_emVNYNUPqljcszyMFvpWOtpN7PGwQ7Kbnoh2luJI6ePfXbPykLlGCwC1eO5ciWaI45Lvcntkx8l3yTY0wZxU7ZnFoQ_nb4Sg_mSILuzgeLHBGaAYakbPu7DDTkGJC5b-D55Iw2ZL4C4qN5pnKc3yeqpH_R_hLku6JaIUQXP_Lha2jmoNbOI4nGau6aW0hxu-Zv18V4q-deMIUDgqvHUGv8D0WQKFvm8Cfjdt6AAMB7MMjt3zYFb_4wpIJiPc8FyfbarblfMBDahqsHt7xVD01HVTPs3BhFCoVJn6-Kbznu9rfcfThSOyzz_wPWTtqyGXMGKu_dGNbKAKSdPdjONagLsQdOOFICpW8mKscMTxpZrOKMwiZediTPBJ1azZDayRcp9AMI0u3mR2AXzlupmJYeET7dZixX2jaT_sMuBzQwKqEjyhgc0dNrfRwF5OsQFA5IePTJcs16kU9q1fXB_jAE9Wb_I7LECctFiuywto1bKeR9rSwIm9aDWDKeNdZG7cwO07FPlyMgMR8bWNfxkcz_FJnLhkYSLLhCHC6Tx_e32Fv8RpHTfBjQPXzGfOr06o5YtWlB0xhAM6eKnovsOW-trUioBMDdnJmr1YeMGU1SEMS7QRU2MFkSYYh9Bl1DuytNcNVzmEC5H6pEbfwDJQcQMZs3hozqhf_PG_effhpBq_zCe02Gz4f81ox_YTE3sCR2BW0xZ-aQEKeG82TMB6JRAIuRPv3b-o_5nY16e_quSHcyEPBB3O2yW8b9GOAIyiZcu1f23yrPb-HzIw1TPHGrUiAUZTeaMNiAAtbSFnWsBKzbKpuVyQ92I5Njyu_2ZSvz00r3H4PTLgRhzdLW6hUfXLvYsQ37tzSyOUFa1T3UPX5cIIrv_6r5iA85pBPfyW4Dm3IbveM6E6Jd9HiHGM6ZdQcmQ3S36UJALoKAIBCMMI8rO6zzqxLp3yxP32rL84DfGWML7iKOkqaAsKiXqJ2m3k6livfXAsDLYxyMVQPQdsBsN-fJqCVoD_caFem1-1jtxojQlG5y9IjXSYj7sDCy3cgIxGUXvc8Ok10yO-exN5IzUvYkSF8In7BFBlcjtDNHMu4gDAdatVlBLnm26bE8XXB4RreiCmbHYgH7kSOkrsIIOD6gFgw_JqcBMYLDwGWbAy_08NkWo8Yv17xMdkXheJ4CsTgLR6PtUJtdTmKHaWFIbQFZL3-hwknZOJ0J36mWmQxDBBPLOKHmmeBIPvPwA4JRuqfRILFfcxW1g2i06lI6Le_ZXLKRSQCGNLuDDJNLqfhcRNV5tIpuowSRsI5GabfLc_z3W_D5mIyA_hwsbRV3SpVRvK69LZfeUXlzCVw9OwU9Im8k6btrz71hm9V4tPc_Od1SFxmEA8KI0gzvmQyKF1YqfKRscMY8HZH9fimNoNCrua1E8Q7-swVhiRA5kgnEixfJYSUzGLv7gxC31d3bZi_2IWL06Bv8GWAKuLjgFt9lxpg3xzorE1tPYcmDekOMriJX1PgA1stlG6628rgpnA2WTUREjqDanAcVrjm55xDQfqdWoCbw4CtEw8A7XITGgQrBqNUN1G6oiU94iWnrH3gFEiaUtY&cid=CAASEuRoAu4sP8MPqJHgKu-txjYVBA&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 22:46:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2558
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 22:46:56 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/ Frame 3E4B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211004/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUboV1sDEfjb2HuWpazrlDqR7wCiUIe30f-QwAklyqDwqCVij1grmL-TlLjEgDv1Yz0LkyiK3orUkZnK4a0-YAwdI6RnMb-DNV4-Oy-D-10B88i2G47Q2i8zh-JZPrzqnqgsnH5x5H1yjnMcwrtB56c-8Myg&dbm_d=AKAmf-BZZCDncK96nCRLqBwGQyJWPP-f2cYf7GgKb1VC805AIcr2NxHXj5ALMCpIL_8LOb0OccZ1l0FvELdPKXC-Y85bO7gKAWF8ecQW-IoPAmOvbOZiAAw1uC7UdEz-jHzR_Y-0loraAHlIu-H8olmliBRP4NRdyN4oL5cO8RhtXBvWxCcKu92a6KKgmbABGal8-4zUbN32MdUB64yjhxi4P0SH6Gctfpam64lt4SdvTCWR3O27fmKcj9WhVk1kGslGHnCd0bt-JAJ8Z_tyYU0BMdTJ2I3cBimH28XraqINnVcS2JQqk27PKnmB1Pje0DzW8HZIAhYuDW34IjsSxZsXCuJWsvR9HZTUgP6F4p4_HQlY816rnetc3S9njnjMg82_rBAMSHllY33vJ8B3gU8MNME3Dy16udYGdCx30jhbEjGf4A81XCDDRDGrL19yJb91ciZfVScM0xCrcbM51YTAoVTKgClfRXCjHf6eCU4sQ6jcz-k2nSdRFrvIOSP-FmMqsNMNrrGkE53KHC7Wm8A7VkpJAhxCwUTQLlwZvf2Bp_cyvUxoL_7ihdapNpn2grCTTWJIO-ZkZSXnyjSYFORmmzZLFe0c84V17Kuf0L995-xgGPOfhP01QO5UR5OxI4fUT7cj8qP8pHxaC5PffQSgkHnm6JpEO0p_8LyS7oMFFPDfMQqyIgAHj5t7kULbuHk04U-7o8fCOq6pKVNjHUEwwjuldI--SxPNL6UWoSI6aHNG_lxFcHXRZxr67lSyhH5GeX8evDFHwrZO6GrheGl8QMqBUu7gEv-1Ld2Nt-fzYUFvoY_uy6WZ5leRMrg9GRkiQgcEisp6QrpaAZGMQEN0XjV76kdqjsLnqPrPgjDP_s2NkCwxHHU32H0ATnL363KGiR-gPwt0mWcUg2TnJCka1qYAP7HcyzUAGodUz9Odt1hUu6Off51B2f_BVsHlmxRpHx_LCnVdi75Wz55vAPlQjJaCf7A963ygm3f0TbsmTc3o0lFsSV1vmTTtjnhdQ0TAzu_lAWjg5EaLEomJQboTXwr-9nAmDRn807LYkjYNiXEl0JgwHFrAI2CyKjQ1SLt1mKEaXwkz8bXaJQeZmVdV5S0c5G8H-4AXf6ONwJAR1QniOjzY6wYqAGVdJkZFEiQu1bK2Wbatqb075JpSMX5c3KBAQ7Qvfq_bkxFCYvLxyURcblrdPdZwLoZKeLLPY3ktjBySr6TSSRb2taSzhnPciGWiphCT5dkxJ51UTKgiqz-HjWLmki3AYQ-MB1mjMCcKlk70UHKSqpiQ9qY9QoNZxR7Lilc-YSCAvE8v0bdXC8eDMhbIQjdTbnpsoza3EJmnEID1nXtKYAekI4gTcsDApzeWnDJ-pYi9URfR5JxjpWnu-VPXe5dKg1vzZP9QjUVQi9R2n51Kc5mXpnDtWjnOr47vBt4-EsnG4j7C78Ywfr7GK3R9tXzflftInWS5onZQgV7sIW5MK0DZJALCiFLVYpGHup4-ngAq_Bqnj6UgGMzzmmqHZGEk7fW7BD_emVNYNUPqljcszyMFvpWOtpN7PGwQ7Kbnoh2luJI6ePfXbPykLlGCwC1eO5ciWaI45Lvcntkx8l3yTY0wZxU7ZnFoQ_nb4Sg_mSILuzgeLHBGaAYakbPu7DDTkGJC5b-D55Iw2ZL4C4qN5pnKc3yeqpH_R_hLku6JaIUQXP_Lha2jmoNbOI4nGau6aW0hxu-Zv18V4q-deMIUDgqvHUGv8D0WQKFvm8Cfjdt6AAMB7MMjt3zYFb_4wpIJiPc8FyfbarblfMBDahqsHt7xVD01HVTPs3BhFCoVJn6-Kbznu9rfcfThSOyzz_wPWTtqyGXMGKu_dGNbKAKSdPdjONagLsQdOOFICpW8mKscMTxpZrOKMwiZediTPBJ1azZDayRcp9AMI0u3mR2AXzlupmJYeET7dZixX2jaT_sMuBzQwKqEjyhgc0dNrfRwF5OsQFA5IePTJcs16kU9q1fXB_jAE9Wb_I7LECctFiuywto1bKeR9rSwIm9aDWDKeNdZG7cwO07FPlyMgMR8bWNfxkcz_FJnLhkYSLLhCHC6Tx_e32Fv8RpHTfBjQPXzGfOr06o5YtWlB0xhAM6eKnovsOW-trUioBMDdnJmr1YeMGU1SEMS7QRU2MFkSYYh9Bl1DuytNcNVzmEC5H6pEbfwDJQcQMZs3hozqhf_PG_effhpBq_zCe02Gz4f81ox_YTE3sCR2BW0xZ-aQEKeG82TMB6JRAIuRPv3b-o_5nY16e_quSHcyEPBB3O2yW8b9GOAIyiZcu1f23yrPb-HzIw1TPHGrUiAUZTeaMNiAAtbSFnWsBKzbKpuVyQ92I5Njyu_2ZSvz00r3H4PTLgRhzdLW6hUfXLvYsQ37tzSyOUFa1T3UPX5cIIrv_6r5iA85pBPfyW4Dm3IbveM6E6Jd9HiHGM6ZdQcmQ3S36UJALoKAIBCMMI8rO6zzqxLp3yxP32rL84DfGWML7iKOkqaAsKiXqJ2m3k6livfXAsDLYxyMVQPQdsBsN-fJqCVoD_caFem1-1jtxojQlG5y9IjXSYj7sDCy3cgIxGUXvc8Ok10yO-exN5IzUvYkSF8In7BFBlcjtDNHMu4gDAdatVlBLnm26bE8XXB4RreiCmbHYgH7kSOkrsIIOD6gFgw_JqcBMYLDwGWbAy_08NkWo8Yv17xMdkXheJ4CsTgLR6PtUJtdTmKHaWFIbQFZL3-hwknZOJ0J36mWmQxDBBPLOKHmmeBIPvPwA4JRuqfRILFfcxW1g2i06lI6Le_ZXLKRSQCGNLuDDJNLqfhcRNV5tIpuowSRsI5GabfLc_z3W_D5mIyA_hwsbRV3SpVRvK69LZfeUXlzCVw9OwU9Im8k6btrz71hm9V4tPc_Od1SFxmEA8KI0gzvmQyKF1YqfKRscMY8HZH9fimNoNCrua1E8Q7-swVhiRA5kgnEixfJYSUzGLv7gxC31d3bZi_2IWL06Bv8GWAKuLjgFt9lxpg3xzorE1tPYcmDekOMriJX1PgA1stlG6628rgpnA2WTUREjqDanAcVrjm55xDQfqdWoCbw4CtEw8A7XITGgQrBqNUN1G6oiU94iWnrH3gFEiaUtY&cid=CAASEuRoAu4sP8MPqJHgKu-txjYVBA&rfl=1%2Chttps%253A%252F%252Fwww.lotterypost.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 23:26:52 GMT
truncated
/ Frame 46C8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
911fde909895cfdd04c73dcb3bc9933f30ba75df75d2d3ded11d71ea2488e276

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame B8A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 google
server
OXGW/16.216.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame B8A4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame B8A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 05 Oct 2021 23:29:34 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B8A4 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNWlPZWWxnmrIDsmA2LOyRvu0OF5Wtr6f3lzU45dh1_JynknK5xqQsC_aZs-LwYqqxOWt-SQ8pEgBJ9eefAKpKv9DyA1ZwOEcon3UT6tlfRmHrrqTwSVd9kZ0Pa57X730u23aWf5rPalbKK4zur9om73V_7ruNict5qT_-ase8_18-7N7ck
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 05 Oct 2021 23:29:34 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame 2B44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEFUpYEEC7TU6uzrlXDMtf0g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B44
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjMxOGU4NWQtMDQ2Yi0yOWM4LWQzOWUtZGQ1Zjk1ZTA1MTMy
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 2B44
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 05 Oct 2021 23:29:34 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEE8gV9Vt6eiD3GusRGwUNdM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 2B44 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYrsbeswEwAQ&v=APEucNWdAdblZyH-NjfPKxOFD-KidqPh2TD8ptNV--w2cwH4IzZWzBJz8mm5DeNFCzYcpkfALiPDLIbjFWcVyhZfmU3r1gcpT9hIr113O2pL5jGjOgNcIR1gLH2iePsON7LuDV4I5dZeiFbysjg6RFfcWUjBw7NaoVCTIBjKQy136XTNtEW_I28
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 05 Oct 2021 23:29:34 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame 1115
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFOLRa8qwZNKxzsUEBGV4Ac&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFOLRa8qwZNKxzsUEBGV4Ac&google_cver=1&__user_check__=1&sync_id=195c615e-2634-11ec-999f-141922060206
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEFOLRa8qwZNKxzsUEBGV4Ac&google_cver=1&__user_check__=1&sync_id=195c615e-2634-11ec-999f-141922060206
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNWD6BALlYG3SPZNYLqM01rGN4R1t_U5eEzvaY5hQntEn6QFnsiOHGHi4wMWUMh4J9FwDCPxxgU2Kqai6hp3yYr8YemUzhYwTzBYK6Kkjc6UuUpDHYQmTuoKdqhO6En7DpSbfR4-YgZnYX0cAwV_4j4E_sQJc7UcbvswDjZH7y5iDn-ZVYg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
20
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEFOLRa8qwZNKxzsUEBGV4Ac&google_cver=1&__user_check__=1&sync_id=195c615e-2634-11ec-999f-141922060206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1115
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk1YzYwZTYtMjYzNC0xMWVjLTk5OWYtMTQxOTIyMDYwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk1YzYwZTYtMjYzNC0xMWVjLTk5OWYtMTQxOTIyMDYwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNWD6BALlYG3SPZNYLqM01rGN4R1t_U5eEzvaY5hQntEn6QFnsiOHGHi4wMWUMh4J9FwDCPxxgU2Kqai6hp3yYr8YemUzhYwTzBYK6Kkjc6UuUpDHYQmTuoKdqhO6En7DpSbfR4-YgZnYX0cAwV_4j4E_sQJc7UcbvswDjZH7y5iDn-ZVYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTk1YzYwZTYtMjYzNC0xMWVjLTk5OWYtMTQxOTIyMDYwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
62
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 1115 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYkuCEGzAB&v=APEucNWD6BALlYG3SPZNYLqM01rGN4R1t_U5eEzvaY5hQntEn6QFnsiOHGHi4wMWUMh4J9FwDCPxxgU2Kqai6hp3yYr8YemUzhYwTzBYK6Kkjc6UuUpDHYQmTuoKdqhO6En7DpSbfR4-YgZnYX0cAwV_4j4E_sQJc7UcbvswDjZH7y5iDn-ZVYg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
pixel
cm.g.doubleclick.net/ Frame 720F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOlTK-xdffgPZJ8Ac4tjkb8&google_push=AYg5qPLh659IylRzDn0IpKRVi0fvkV5zgKQlcc-JPky8zhMpRr-QT8EdKG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOlTK-xdffgPZJ8Ac4tjkb8&google_push=AYg5qPLh659IylRzDn0IpKRVi0fvkV5zgKQlcc-JPky8zhMpRr-QT8EdKGPrAM1qXxImxfnhiP9KhfJTK-CHBkIG46QBnq3fw4mt
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1633476575.540772,VS0,VE89
x-served-by
cache-hhn4025-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEOlTK-xdffgPZJ8Ac4tjkb8&google_push=AYg5qPLh659IylRzDn0IpKRVi0fvkV5zgKQlcc-JPky8zhMpRr-QT8EdKGPrAM1qXxImxfnhiP9KhfJTK-CHBkIG46QBnq3fw4mt
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 720F 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBB8tz5bUyH3V46dFQrBjvw&google_cver=1&google_push=AYg5qPKUDnDBfeSEoLeM42R0ApUY-Ok4Gja4RKEpidYkEvFQRLvBkjOhwjGDmKycwGlewO3HJF3zW7b0EWYi9dX2hny46oKuW00g
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:33 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 720F 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDTW9z030zh7i_vHcRgaWK8&google_cver=1&google_push=AYg5qPIebiX-Eue2Up5nxQ_capLdK8-u2J9qpjyon35zXmOKnLk9twucUF9LUH1XotZCg-cfHlEk12E2f8DHa2RnBk5zbErEDz3h
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 google
alt-svc
clear
pixel
cm.g.doubleclick.net/ Frame 720F
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhhdRsykxwbN6p5aVL3uXecA-EGALxmxkeANWs4zRD1_Dm8X1OsUO0R3T8ChD4xzOLXIiQBI0sRXoQEVny0yN-B3T9Na_z
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJhhdRsykxwbN6p5aVL3uXecA-EGALxmxkeANWs4zRD1_Dm8X1OsUO0R3T8ChD4xzOLXIiQBI0sRXoQEVny0yN-B3T9Na_z
date
Tue, 05 Oct 2021 23:29:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 720F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2Y...
0
0
pixel
cm.g.doubleclick.net/ Frame 720F
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9M...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9M...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9MldDAIXoCcM&google_hm=ba575aaba583875d62572e5f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9MldDAIXoCcM&google_hm=ba575aaba583875d62572e5f
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIGS5iTSIAxQtcm3N9lZV9TDY_A-gZ7aQGahU9cRDBe36Dt83Y9izy3hcvmV2SDnqFxfq2X7dNSZQJ9GDB9MldDAIXoCcM&google_hm=ba575aaba583875d62572e5f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
dot.gif
s0.2mdn.net/ Frame 720F 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEK7XeQlLviocZYKeZX9P0Wk&google_cver=1&google_push=AYg5qPI6BEQtHeYU7vbkvG3qGPtLsscWToa7O9hRFF6-BlosV79nrcomZCfUbKH7AYUzMa11R_IZFi0mNbXLrUuvyP73GjWDm9sXxw
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 23:29:34 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 720F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K1o_LUxC1oFbWWJRKPGvBoLprFy7nacgXuHaa6H9_3LX_pStAPGQSreCUVijOzz7H55JSA-w
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 98FF 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1076053
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 23 Sep 2021 12:35:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
699a6ed0881759e3-MXP
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 98FF 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84557
x-guploader-uploadid
ADPycdtJWLatNlCMyFjyC69umkNd8lp942QpohL69qnvVfnLgCmFFITPiv39hUc4daRlkjF_JQyHBv6kaf2nJzdbcyU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 08 Sep 2021 05:18:43 GMT
server
cloudflare
etag
W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bo42C0xTkQyz0y3r%2Fl0CEt7KHsy06D%2FX%2BUwINzVv5ZfAtE0P8996UAQLSB6oBXu9YTiFZc6SlqVrdmfk8V3jL6hzVsyDsWFWGkrKLFTu%2F7EuaeTFJyR8%2BCoCWBVkZV3yqvdJ0%2Fg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1631078323262956
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11933
cf-ray
699a6ecebddd59e3-MXP
expires
Tue, 05 Oct 2021 00:00:17 GMT
npoee1nv94vs
hal9000.redintelligence.net/zone/ Frame 9243 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCam8A3d9cYbHRFt7X3gPKwJGgB7XN-YNXzN65q-UM8C4QASDyrYUcYJXikIKgB8gBCakCc3kTtB11sz6oAwGqBPIBT9CqLW40li1msbHG6AlJsPe2VWW9ix8IiAXFGQE5zNBHZf2TcjaIBy7OkEg1uEqA0faeEPuar0F1dwjbn0JsDaCKvFrKjcxSJhNNs9R-iULlPsk3ydG_jF04nR695Iuh7_VCqkbSUUowBrEyCEjWPEos8dFXuCmKXfKHYjzgRVq3l0lSlGFXg3YMzk0LCz6EIk5aTUkMu3zJwoIr8vAMV7Lww7b5StMrgWhBFf-7D25Wzr1f0bAd3agQSBjbxROg-UHvBtSmCWPluXqJhMdcuykvnhUiybkMnd6D6BqF2cx9q4O8XWRYQcKFEZBRZELaUx3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRosBzxDnaYy-CWkWz8SMW4yg%26sig%3DAOD64_02FalCxcf5A-FKp4krLn_9TKI0UQ%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-DWYPTl5J-w7M_gu8oFL8j-oqd2nkBkgHR04uYzaakZh8CoJFRCwOouXmRGgfjO9O6jja2Cwfkc3OsWm0myv5hFZdakeJxKu1Ta9FZLzOUAjV1m5T0qVrp-LJrckYt75bAFkLj59UMQE3IkVrCBhuR4d1-skw%26cry%3D1%26dbm_d%3DAKAmf-Dai-V6sYMDjCdpufZP1VNqGbS1E8h0IkR79oDDfWLNWwPLphHEBwMMtvRyLvtYuQ-W52nP1i-ieJbYmewak4dnfEgJxNDT56Ao3wr2XbhjE5JG2srE55c-HTWymm3hPrtuKD7Hgr232zxPFbv2UZbcyvGHIj-KxP8_XIIKjAe6QTh5OmCne9kd4OvNPZQQO-AJbhQEn0C4UPfdmruKSoAOO4yrcOTXYhgRzG6wzk2RLGWcBa1YR8FaNiLsjittAS3x7tm8VoDkP_Sox-4zrjnp_b4YMoUjOpSExl7DzpKjH3cGWFThRGk30KBa8IE_zFjwKVKtAiiZpB4ajq32oSSL3Gcl9jAxYMr-TjG-q1gbNlrGNC1IOfwr7dLH7h6ZtQ8tDSUJxuWivYv_t8bMi7lqhL1RuLsdZ5mv66PfVfZuL7FprmPZckLr8Ydj64plVwZFRbPM%26adurl%3D
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
46.4.10.49 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.49.10.4.46.clients.your-server.de
Software
Apache /
Resource Hash
b6a996b251e633799fe8f5cf3e9de4d3f1683e0c03ea1a4faacfaa4bc1985857

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3908
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9B63 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 04 Oct 2021 21:57:40 GMT
expires
Tue, 04 Oct 2022 21:57:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
91914
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1F9C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 05 Oct 2022 18:13:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 57F4 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 21:06:15 GMT
expires
Wed, 06 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
8599
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 1F9C 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19ec365a21b9f4a4dbe55c21cf164e69bd15b982ab5312991a0bb8ec12fd3388

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 3E4B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 05 Oct 2022 18:13:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C4A8 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 21:06:15 GMT
expires
Wed, 06 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
8599
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 3E4B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7461202b13ea22816a1182f80b8a5f1b451f3e8ec4ac147dfe74c9d1abb879e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A3B6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 05 Oct 2022 18:13:36 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0299 		1 KB
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 21:06:15 GMT
expires
Wed, 06 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
8599
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A3B6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20504c17797c89c21417e9c1bf94a7bfa4a1c5f2998d7902d1b669e4eeab67db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
request.php
hal90009.redintelligence.net/ Frame 9243
Redirect Chain
  • https://hal90009.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90009.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCam8A3d9cYbHRFt7X3gPKwJGgB7XN-YNXzN65q-UM8C4QASDyrYUcYJXikIKgB8gBCakCc3kTtB11sz6oAwGqBPIBT9CqLW40li1msbHG6AlJsPe2VWW9ix8IiAXFGQE5zNBHZf2TcjaIBy7OkEg1uEqA0faeEPuar0F1dwjbn0JsDaCKvFrKjcxSJhNNs9R-iULlPsk3ydG_jF04nR695Iuh7_VCqkbSUUowBrEyCEjWPEos8dFXuCmKXfKHYjzgRVq3l0lSlGFXg3YMzk0LCz6EIk5aTUkMu3zJwoIr8vAMV7Lww7b5StMrgWhBFf-7D25Wzr1f0bAd3agQSBjbxROg-UHvBtSmCWPluXqJhMdcuykvnhUiybkMnd6D6BqF2cx9q4O8XWRYQcKFEZBRZELaUx3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRosBzxDnaYy-CWkWz8SMW4yg%26sig%3DAOD64_02FalCxcf5A-FKp4krLn_9TKI0UQ%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-DWYPTl5J-w7M_gu8oFL8j-oqd2nkBkgHR04uYzaakZh8CoJFRCwOouXmRGgfjO9O6jja2Cwfkc3OsWm0myv5hFZdakeJxKu1Ta9FZLzOUAjV1m5T0qVrp-LJrckYt75bAFkLj59UMQE3IkVrCBhuR4d1-skw%26cry%3D1%26dbm_d%3DAKAmf-Dai-V6sYMDjCdpufZP1VNqGbS1E8h0IkR79oDDfWLNWwPLphHEBwMMtvRyLvtYuQ-W52nP1i-ieJbYmewak4dnfEgJxNDT56Ao3wr2XbhjE5JG2srE55c-HTWymm3hPrtuKD7Hgr232zxPFbv2UZbcyvGHIj-KxP8_XIIKjAe6QTh5OmCne9kd4OvNPZQQO-AJbhQEn0C4UPfdmruKSoAOO4yrcOTXYhgRzG6wzk2RLGWcBa1YR8FaNiLsjittAS3x7tm8VoDkP_Sox-4zrjnp_b4YMoUjOpSExl7DzpKjH3cGWFThRGk30KBa8IE_zFjwKVKtAiiZpB4ajq32oSSL3Gcl9jAxYMr-TjG-q1gbNlrGNC1IOfwr7dLH7h6ZtQ8tDSUJxuWivYv_t8bMi7lqhL1RuLsdZ5mv66PfVfZuL7FprmPZckLr8Ydj64plVwZFRbPM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=916283846821&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
63d4f0e48a4f852c18776919a1964672be22804c1a981c91ea4161d9c0a9798b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:34 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40882900005550600710616011739009
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
894
Expires
Wed, 06 Oct 2021 00:29:34 +0200

Redirect headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCam8A3d9cYbHRFt7X3gPKwJGgB7XN-YNXzN65q-UM8C4QASDyrYUcYJXikIKgB8gBCakCc3kTtB11sz6oAwGqBPIBT9CqLW40li1msbHG6AlJsPe2VWW9ix8IiAXFGQE5zNBHZf2TcjaIBy7OkEg1uEqA0faeEPuar0F1dwjbn0JsDaCKvFrKjcxSJhNNs9R-iULlPsk3ydG_jF04nR695Iuh7_VCqkbSUUowBrEyCEjWPEos8dFXuCmKXfKHYjzgRVq3l0lSlGFXg3YMzk0LCz6EIk5aTUkMu3zJwoIr8vAMV7Lww7b5StMrgWhBFf-7D25Wzr1f0bAd3agQSBjbxROg-UHvBtSmCWPluXqJhMdcuykvnhUiybkMnd6D6BqF2cx9q4O8XWRYQcKFEZBRZELaUx3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRosBzxDnaYy-CWkWz8SMW4yg%26sig%3DAOD64_02FalCxcf5A-FKp4krLn_9TKI0UQ%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-DWYPTl5J-w7M_gu8oFL8j-oqd2nkBkgHR04uYzaakZh8CoJFRCwOouXmRGgfjO9O6jja2Cwfkc3OsWm0myv5hFZdakeJxKu1Ta9FZLzOUAjV1m5T0qVrp-LJrckYt75bAFkLj59UMQE3IkVrCBhuR4d1-skw%26cry%3D1%26dbm_d%3DAKAmf-Dai-V6sYMDjCdpufZP1VNqGbS1E8h0IkR79oDDfWLNWwPLphHEBwMMtvRyLvtYuQ-W52nP1i-ieJbYmewak4dnfEgJxNDT56Ao3wr2XbhjE5JG2srE55c-HTWymm3hPrtuKD7Hgr232zxPFbv2UZbcyvGHIj-KxP8_XIIKjAe6QTh5OmCne9kd4OvNPZQQO-AJbhQEn0C4UPfdmruKSoAOO4yrcOTXYhgRzG6wzk2RLGWcBa1YR8FaNiLsjittAS3x7tm8VoDkP_Sox-4zrjnp_b4YMoUjOpSExl7DzpKjH3cGWFThRGk30KBa8IE_zFjwKVKtAiiZpB4ajq32oSSL3Gcl9jAxYMr-TjG-q1gbNlrGNC1IOfwr7dLH7h6ZtQ8tDSUJxuWivYv_t8bMi7lqhL1RuLsdZ5mv66PfVfZuL7FprmPZckLr8Ydj64plVwZFRbPM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=916283846821&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Wed, 06 Oct 2021 00:29:34 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E386 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 04 Oct 2021 21:57:40 GMT
expires
Tue, 04 Oct 2022 21:57:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
91914
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sfht0if3y.js
cdn.krxd.net/controltag/ Frame 1F9C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 varnish, 1.1 varnish
age
1176
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3744
x-served-by
config-service-a003-ash-prod.krxd.net, cache-bwi5181-BWI, cache-hhn4032-HHN
x-response-time
1
x-do-esi
esi
x-timer
S1633476575.715244,VS0,VE0
etag
"6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 86
index.html
s0.2mdn.net/4528516/2173885051601150/ Frame 9E58 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2173885051601150/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
619c8efddf09b09ffe5b1d639d4ed453b8ba7cdb86e8078b231014a44b57de0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4528516/2173885051601150/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2666
date
Tue, 05 Oct 2021 10:50:41 GMT
expires
Wed, 06 Oct 2021 10:50:41 GMT
last-modified
Tue, 06 Jul 2021 10:10:27 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
45534
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 1F9C 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9-tliVp4rGLcyEGaa-_DbYNmydTmGcO6Mc5suCC3H3BfY_Pddhvll1f2lQq1dWZ8DhECuxMpyoxGcIpl4uRFEDavh8v_1lbEyomPKeKle02XRTJd90BOFurokbrZZa0hvQlxSygM8v-nz2ONcERY3TkqSGsa53J2Bic9t45a3OxwdYzX8S8Aq96Bq7VVva8I6iKIWbcRWqJFu3l2EJeNeumAfBa6_8QWdX8Q6BIf-2X7iMX3ko3ZUy24fgv-kCMm4Zp-GDjDs2_UBUI8-hj93DEF-Zj1iTCtjLQjuX8qCAtlJBqxUg2-YmRKalmkOT1i1s1RFBnHn2pq6iyLnsO65WeMnTzhOTgsmtIGkfBfMohE1Czzyc9HWNoZw-E0qBl7cU3n9XZh_z6s-iVpmaAgMOc-Mo7mmQPL2aK8s5KyQ3taYVUsvvGJkTow8mjpzgMTPMzO9AusIMtjNxDhbifi-BZaaVvLf9vwMIcJT4h5LdCzrTyaqo39FKLs2o-d19TezexVtAvx_TcR2JDmEhLDLsyYM-VLxt3boe09gSZg9Zv5sjogPCieS_tvGDAs-HlvKJwjTdV05jg-PXw_R3QO2LuBVbbWvUbY36-KRyxTrDU2I-V_RKCyU6rP6sfsRJDDds-cKDK0C69bqAUcIOM5MNgNF8yRUbQmgO_MMPRvkB4Ykaj0_M_blL5lwBFAqKOUwYJ-e9iqsZOoZuK55V6_7cu_oXIBo__mt4lnLfIvtXZsRm-sCe01E_mAc2oDmx1U5VmL9RGeslt0RQkpvlD54Pku3IIA5cfaO8SZQo5kCGoHm-bkPq_fgd1TXrXVXcZs-Y6jOHUiZivbKWKFtOexneUjSRMGsWVrkWrrFetbYbnetf2XevPyCDVQteiJnefO-ogbYFyr1qz_VMOilOW--R2mnr0Y4tqMvDHp8zb8XS4V_tku4ZIogb2hNggqnSKtXd5LojjFExUOpFs7zIVzLDiUgHMyEdSeNaf31nbCOvf4blkyFbvAj09Gq2r47rCMI18dwAs33sdq6YysokwzvfH82_ZdyfTHAmU9RiQxJqeqV0fezGfbaNUdMNabjMTGGn3mRfgB5RCTEGuBydET3JB8TXTRfquntLP5KfFAg6b4TbM_RRwpy6SzekGcmJdImAM74Ke09NAsjr2MORo5BC8FvcMkL116J7YPbpw9Uo5VexHp2Lw9gJmW4InpKA8mIay8ddiZcV-VFpCD3j6B8So_ptY-drok&sai=AMfl-YR_70O_16pVLstSQIgMSq32BJsnD_ypYcUi0TaN0nmAXeQh3Xm44j7n995Utt40nJrIdKA1IF_zWa2NL0XmMaww2h7AgwIHqLnO0-sVw9kW5Q3A-18C4MA-gIAxGDwcu_j9fo8V-mQz6rBEM_Xu2LD3-qKSKw&sig=Cg0ArKJSzOomu_cUaQwjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=259&cbvp=1&cstd=255&cisv=r20211004.33333&adurl=
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 05 Oct 2021 23:29:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3052 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 04 Oct 2021 21:57:40 GMT
expires
Tue, 04 Oct 2022 21:57:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
91914
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sfht0if3y.js
cdn.krxd.net/controltag/ Frame A3B6 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 varnish, 1.1 varnish
age
1176
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3744
x-served-by
config-service-a003-ash-prod.krxd.net, cache-bwi5181-BWI, cache-hhn4032-HHN
x-response-time
1
x-do-esi
esi
x-timer
S1633476575.715325,VS0,VE0
etag
"6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 87
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/ Frame EFDD 		12 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679efa01c0db01376fbdbb83f70eb6178bb2004b7f33d30f2f4972f8454c7559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
1879
date
Tue, 05 Oct 2021 23:29:35 GMT
expires
Wed, 06 Oct 2021 23:29:35 GMT
cache-control
public, max-age=86400
last-modified
Thu, 09 Sep 2021 14:29:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A3B6 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_eoWVmd8AF2qEIx7Qlbkp_Xt3yImQjEVwpa9xXrwAzOHNefF3cVlzPjmRDirgJ8s96ysWV0i8yebohYhoAXBSFEzrG3hgaPdtG4S0m3hc6u8KEBF1xJdVb8QZnFv-RshBd5Kf5DPHDp7joSb9aM262YNjrBP-wh-ZxOvVdGzrRSE1X4lqy-wIY8U2gzNaktQGim-oDg-5jfo0q35QCOV19UQVFe4ipkcyemBFNj2EfVAK7UKkUja3Nliku-JvOBytauJXQYbMwhjvQ0uhtlOSev2hmQ2fEYmMklmQq2qWLz0C3hpeQ_7T8owv9jFIWkE-dTjLv6QrzK8T72gvhAa1aP4QDENTn9xMbFpNiueFlCgKaDicjvjER05ZeXGVEa3OOmZhY8uYvKH_MH4mZdC3DAY9yRW4lGBSa0cIxYQegxP-eVV8HD-4B2qqVpICd_BckBBJFBEJMu6TRGFD7AdjpZMSN4RwJ8qxlpmOuf8JYCrFL4DeEHQeMYEdsVbWJ_yIA-4TmLZPkMOVvy7zS8kv8kI2fLrXYSktzoAurq6-kqZpncDE0GscgP-v6WRDM3tArTN9ohMDDLmpmP96OvcuN6-pyJLU5-Znnbc7AhVh5i6d06yO_W31qk237eurb7XjmWjDDuSdV18w1fT-DYvi7axCDLBJxnPcDroAjteFtnDdBpV4vWccy5RR49NHRM2ZlOAjw3SmzIEWWuoABrussEvbKEWrmzeQD5_OzP5fPyuYPzUEQ_EVUReP6eXl5so7LT6S0yCOhFaOGUzH3SZBrdUy02JTZ1dhRgA9xqHhw-N5_f4qcsrL0wGuvM30NQlMvvfVCA3Ise8KnbPzB-FIDphFR1oW1zWvREy9rBCpYMc0NTlXOI7MYX3JpDvIQ5YfAQ9KniQWCXPqsf1UHVQdk71wjstI2cCD1ybYuMw1n5gZ8CVAYoeVVnWIwyJtRaFi47eVldTnZ25yqEFsuc2eZagqvQELi5I_VFtQzDc6wzl1YwdwaQGDcTAIuv7YNcDnToc_Zg2IY_beot6eknUb5TKefSJiDEGaiSSrboepV_W7uDRL8yKg6nCPzQrj1CVVbn3cQWcEV6QpfIf7fKJyM4L_0K9-LB0fuolV4NyjjU7myuaMMuAzzpDjCJ2Jod1nGhw190VW5QQck_T4RL3a3pohuWTsRhjfuy8pvvwEpWY9aO5rKyKLGlmRmyNqtvyTLuAzAtydWhAwmUGR57b-&sai=AMfl-YSS6AT1u7faoEfNAqFeB9uop5b094q4XZi6K450Wv9kuwLA1jx2bNxlQwrvWVyoDEG5e0HgugxO4NHCSel_xjHwvC6WiZS42twageOX1ywTLIqKSN4aiWWst-d6ra5JSca5Q-UCc0XeFRzYgXk-z7ISqKtcCg&sig=Cg0ArKJSzCG2UVel6U8_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=238&cisv=r20211004.77877&adurl=
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 05 Oct 2021 23:29:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sfht0if3y.js
cdn.krxd.net/controltag/ Frame 3E4B 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/sfht0if3y.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Tue, 05 Oct 2021 23:29:34 GMT
via
1.1 varnish, 1.1 varnish
age
1176
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
3744
x-served-by
config-service-a003-ash-prod.krxd.net, cache-bwi5181-BWI, cache-hhn4032-HHN
x-response-time
1
x-do-esi
esi
x-timer
S1633476575.729512,VS0,VE0
etag
"6b7f7c5dd851aeb3a658ac72e276f359fcdeb737"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 88
index.html
s0.2mdn.net/4528516/2128478866615035/ Frame D67A 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2128478866615035/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
380dc0f2b32c68f27730e2c0dcb9bab05b97103e26ba298a45d43d12979ba855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4528516/2128478866615035/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
2648
date
Tue, 05 Oct 2021 17:54:03 GMT
expires
Wed, 06 Oct 2021 17:54:03 GMT
last-modified
Tue, 29 Dec 2020 15:22:46 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=86400
age
20132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 3E4B 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_GFK3bahkgk0sFPxMGkuPVPyLANOsIRSGLGzOBaH1f5y-IujTj82lOs-KvORkxKU8J5hQ37fCkjW3CWsFlp5J8LAv-Ccn_h29rXs3sCtrRjJYdYVXT0Ubl6l2olF7poGtPTuMHuOnPdg_5tz98NyMqHwD7yLxXyRuEsMDAp6qw0qvaUKg-GYCO5Ae3Qqai-2h8u7csPuaEjZaZ1m0mEJ-RdXtUHF8-DNZKLCGu6xw1XrllhJGAPLq3at7h94PrUBsKSfaHa6Fmc8YDZ0T--cWj5eiG7ovCfcE-8Ivb8ZcO7N0kiACmkD-sItzNzQ_mh9qyb0Nzd3QOEuhNPCkOYFJangi768U9FAvF_c4PM7Bqxd1QBfQ0TMqz1AADp0vtIxhv8SYzaqU-oxE_oQbN8k0wxsPzH2OwEKpO1kXMISBLLbxqNetjwkK3ERozwDCHRIrYcIM_zbfVVSYmQDVbvS3Xlmzrjv7vyBoEM_MxdbuEoZrshfxZ0ZkonYe4fgvLUNFeRtgrg2UxYmnJoaFONVg0C8EtcdW6stOEg9ne--jsEPmtpSj1atOUCf6IoFaEzBpOR83H6uy4z0f0WyRWyxhFR0BJkDEPqdpDjXmhtmyqIl6EFb5od0nBSqRWVWBvFg0tOwayhpGCvArU9D-EW7UC3kPwyFtQeyUXYJBVFqOZE49pLK0rkxTxu1VasUkWOHgX5gPZsK-IJfu-cUiRJmFF7AyGrZU-IxsBnGEuCvYv9Dj6vbAnUSwZHyrCWdBbLuI6TT11HRD2Ib00c7H0psTaNyGJhnkfHGG9M5-kSkJ5R6-G75Tv2bR8vfikEIn8Oda58y9kZWrMSc-4GqgK_ovFcuEXvrk8sFmAKTyATNhF5An1_VpHd6NBESfq_icfe9xtJW8Qxn5xdyKI0hteUBFITRm_230t2bUTu7RF-g0og7q18n-1q9Z0wh_ofVmRKU79uCWDkTkO-Wkkmmf8dN3yg3py4Nt4mV5Cve1tnaJSWEr1ns46pzI4B3dSvG3iZLHjEkxW0AIepWxzg8S7qljS4qxfHsfK9EImiyBVd6stk3di6r8US9egd_jCXxaMTj8UoJj_WD0tJA69dTlw7ijNnumtn1YRKZ0_LbLVAaEGSTos5BhirLMEPQNQAN3YcEubAeDHEh6HwIx16nNQ6SG-RbNi7QAlMD6lTlJRo91oW0qzME7Twi0FaEiGI9SFRKsvL9kKj4mRfjUEEtMGsr0IS6m&sai=AMfl-YR31rxiCBoS3sC49L_Wefz0pu56AV3wdTAGEWr2DKQLDEcYo8HOB2LQxksc0T0pov2q-NzcWZB8ABUby97jbFPxEDYE6P27tlOAw9b7E3pWbKI0a7JGCatzN9ZzEBjoQvKvshAburpPEowPwaz4FdvO4SqpuA&sig=Cg0ArKJSzP-312sih4A1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=254&cbvp=1&cstd=252&cisv=r20211004.92168&adurl=
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 05 Oct 2021 23:29:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A7A6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Mon, 04 Oct 2021 21:57:40 GMT
expires
Tue, 04 Oct 2022 21:57:40 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
91914
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 57F4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAtIXsv3FtsoDX213Zaer0U&google_cver=1&google_push=AYg5qPJQOi2tLkqTxdIzXukzFdfhv1bRMk9moOjmdq7QWH-l9tmSvJenzPop6R3YLvkcFRSxBrdwDm7klSCQVvqq...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJQOi2tLkqTxdIzXukzFdfhv1bRMk9moOjmdq7QWH-l9tmSvJenzPop6R3YLvkcFRSxBrdwDm7klSCQVvqq-wz1UAXRD4M
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJQOi2tLkqTxdIzXukzFdfhv1bRMk9moOjmdq7QWH-l9tmSvJenzPop6R3YLvkcFRSxBrdwDm7klSCQVvqq-wz1UAXRD4M
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
MT3 4033 f73cd20 master cdg-pixel-x28 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJQOi2tLkqTxdIzXukzFdfhv1bRMk9moOjmdq7QWH-l9tmSvJenzPop6R3YLvkcFRSxBrdwDm7klSCQVvqq-wz1UAXRD4M
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 05 Oct 2021 23:29:33 GMT
pixel
cm.g.doubleclick.net/ Frame 57F4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJRwEveIol3h2wUKwT8vYWM&google_cver=1&google_push=AYg5qPKciMG7DPnonDwm-Iyuag5jbocsJtZZJk__LB4LsdEapL8dVDzey8qd4q_WCD9XNeGnQm7T9I8WQ1CpSpCowfOzhLM7uA
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPKciMG7DPnonDwm-Iyuag5jbocsJtZZJk__LB4LsdEapL8dVDzey8qd4q_WCD9XNeGnQm7T9I8WQ1CpSpC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPKciMG7DPnonDwm-Iyuag5jbocsJtZZJk__LB4LsdEapL8dVDzey8qd4q_WCD9XNeGnQm7T9I8WQ1CpSpCowfOzhLM7uA
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Oct 2021 23:29:34 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPKciMG7DPnonDwm-Iyuag5jbocsJtZZJk__LB4LsdEapL8dVDzey8qd4q_WCD9XNeGnQm7T9I8WQ1CpSpCowfOzhLM7uA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Oct 2021 23:29:34 GMT
pixel
cm.g.doubleclick.net/ Frame 57F4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESENPi2XEqS-dChSPCS1XjsBs&google_cver=1&google_push=AYg5qPLiYk2Q5IPeZA4ofhjCKm6toYorNI1L_SP8fzMnLrtoaTbiwIeO9aR29QA7LRf0wGEhOXmUI_dsOWCd_j...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTcyODQ2NDEyMDA1MTg1Mw%3D%3D&google_push=AYg5qPLiYk2Q5IPeZA4ofhjCKm6toYorNI1L_SP8fzMnLrtoaTbiwIeO9aR29QA7LRf0wGEhOXmUI_dsOWCd_j33dq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTcyODQ2NDEyMDA1MTg1Mw%3D%3D&google_push=AYg5qPLiYk2Q5IPeZA4ofhjCKm6toYorNI1L_SP8fzMnLrtoaTbiwIeO9aR29QA7LRf0wGEhOXmUI_dsOWCd_j33dqHGsnfgQA4
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNTcyODQ2NDEyMDA1MTg1Mw%3D%3D&google_push=AYg5qPLiYk2Q5IPeZA4ofhjCKm6toYorNI1L_SP8fzMnLrtoaTbiwIeO9aR29QA7LRf0wGEhOXmUI_dsOWCd_j33dqHGsnfgQA4
Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 57F4
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEGkrQ5EuwbyoxX7GBKQEz3w&google_cver=1&google_push=AYg5qPLquH3d7BEwYsIYg4UIfAUS_C-mY0aWgvGdNE3Ds_qL4r3DbUnK9i3wgrDR3QV0sxeOLiO...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEGkrQ5EuwbyoxX7GBKQEz3w&google_cver=1&google_push=AYg5qPLquH3d7BEwYsIYg4UIfAUS_C-mY0aWgvGdNE3Ds_qL4r3DbUnK9i3wgrDR3QV0sxeOLiO...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=HyeSEVtcTvShkhKkBC7g2g&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=HyeSEVtcTvShkhKkBC7g2g&gdpr=1&gdpr_consent=
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=HyeSEVtcTvShkhKkBC7g2g&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
dot.gif
s0.2mdn.net/ Frame 57F4 		43 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEBvgNa7KRynk4vG1Wr9Wrew&google_cver=1&google_push=AYg5qPKNvjjTchLMG0Hz0v1keK5cLXpHJUn8EQ3DjVUMka9xFaL6ux9QFGG7HRJGU402YkNqBtaPUVdJ1U3BsjMtxZgYoLh6oK0
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 23:29:35 GMT
pixel
cm.g.doubleclick.net/ Frame 57F4
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPLBib6IBVgeQFKBeDHm51fPxFk1QWn6ih1efHLXnADVuBN2-JZvQPRNg53KysMpLQQxg-FS4l5_kfbdkvZ8T...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLBib6IBVgeQFKBeDHm51fPxFk1QWn6ih1efHLXnADVuBN2-JZvQPRNg53KysMpLQQxg-FS4l5_kfbdkvZ8TPf00XVjB_A&google_hm=ba575aaba583875d62572e5f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLBib6IBVgeQFKBeDHm51fPxFk1QWn6ih1efHLXnADVuBN2-JZvQPRNg53KysMpLQQxg-FS4l5_kfbdkvZ8TPf00XVjB_A&google_hm=ba575aaba583875d62572e5f
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPLBib6IBVgeQFKBeDHm51fPxFk1QWn6ih1efHLXnADVuBN2-JZvQPRNg53KysMpLQQxg-FS4l5_kfbdkvZ8TPf00XVjB_A&google_hm=ba575aaba583875d62572e5f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
dot.gif
s0.2mdn.net/ Frame 57F4 		43 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEK7XeQlLviocZYKeZX9P0Wk&google_cver=1&google_push=AYg5qPKNpmFxjr77CeQ7ADRAQVq4t-TolywtUaVBrc0-nMQozMBWEuNpGpSNQiO48JhVLa8RHnnaY3FpKUd28sD6sFe3vB_Wj_D0
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 23:29:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 57F4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJFZ2tIZbowg603V2HaVXOvR5sKi2hVIB8hbLCcsewYM-E9-LrX2tlcmnE1koTLcXHYIIpzw
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 1F9C 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
age
2936498
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
6065755
content-length
84509
x-served-by
cache-hhn4032-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1633476575.788433,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame A3B6 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
age
2936498
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
6065756
content-length
84509
x-served-by
cache-hhn4032-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1633476575.788565,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame C4A8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECF6sETIHDSGxTT4mnhHyNM&google_cver=1&google_push=AYg5qPLVofQRQbnPNzhblfyM57zof2qpH0IjsgZ7iFsoczyBgBbkquY3zNaUAquAWgJtmVwJwuf_vn965R0RQZZJxD3Pdr7Sik9E
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODU5MzA1NDkxMDg3NTQxMDM5MQ==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECF6sETIHDSGxTT4mnhHyNM&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECF6sETIHDSGxTT4mnhHyNM&google_cver=1
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECF6sETIHDSGxTT4mnhHyNM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame C4A8 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM2a4sx5jeE15yrA49Qb_QA&google_cver=1&google_push=AYg5qPLhQLSTdXKo0CySDJcngPYL0c-_cY5anIB-3cE_C5Qnsid7QtItL8Vhn8R3p-eLKy6g4pIDRd8xvxItasLfJeLdfjxX7bw
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C4A8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBB8tz5bUyH3V46dFQrBjvw&google_cver=1&google_push=AYg5qPIyhVN_znVPgJgUmx-IiJ5dHyOytA3BnN8A7ifgAsy_dK1V7nVXho3jASFrLarxt79K2mFwQ0wMzgWNUSToQC04ZjYvLxLY
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame C4A8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBHnIT4LW9FXUIbh0Xuzx3E&google_cver=1&google_push=AYg5qPI0rwq4xJMDYnvkjjt3NzQrXqNXyeoUIj4hHZ82tddGhMRppdSWCig3dCW_sHn4EZ3JK96zQxfte6chSVPb4dbDXVJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI0rwq4xJMDYnvkjjt3NzQrXqNXyeoUIj4hHZ82tddGhMRppdSWCig3dCW_sHn4EZ3JK96zQxfte6chSVPb4dbDXVJ19qbM&google_hm=NzQ2ODUwODY4MzI0NTUzMj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI0rwq4xJMDYnvkjjt3NzQrXqNXyeoUIj4hHZ82tddGhMRppdSWCig3dCW_sHn4EZ3JK96zQxfte6chSVPb4dbDXVJ19qbM&google_hm=NzQ2ODUwODY4MzI0NTUzMjY0Nw%3D%3D
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Oct 2021 23:29:34 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPI0rwq4xJMDYnvkjjt3NzQrXqNXyeoUIj4hHZ82tddGhMRppdSWCig3dCW_sHn4EZ3JK96zQxfte6chSVPb4dbDXVJ19qbM&google_hm=NzQ2ODUwODY4MzI0NTUzMjY0Nw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C4A8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKvYnorT3DkZE97M_rBypRU&google_cver=1&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_Q...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKvYnorT3DkZE97M_rBypRU&google_cver=1&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaC...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEyNTM0NTg2MDAxMzg1MTU&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_QF...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEyNTM0NTg2MDAxMzg1MTU&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_QFqM-PqgmmM19d-PWl5Jf
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEyNTM0NTg2MDAxMzg1MTU&google_push=AYg5qPJI680cW_qY1jskyQt2ERBfCUDUa9570S_x5A2r75vkx0GYuJRObYkETLSK7WpNCJ7VwaCCRX_QFqM-PqgmmM19d-PWl5Jf
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame C4A8
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO5Xb5yqUUQz0jwK5c44iPk&google_cver=1&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPLwPA9_ku--ZdJJg4iGtDe954N9f4kcNlU64FsOdKdsEvY6cK7hAl49sbEPXCG-7IiNSOFLHSDOqSgs2ik0SXonzPZ1qnuY
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame C4A8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOTGdUfzJkKBuxjU3JREzH4&google_cver=1&google_push=AYg5qPIEZcVDfiLmd8orY6RQK6zgXPT7YgbHzwxO8f75BbwwwwFANyDF7Y1XVqN5hkVGBnjiUz...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TREk4VnZSRTJ1R013andXSXpsRGgxbDdrMU1NdDdWa35B&google_push=AYg5qPIEZcVDfiLmd8orY6RQK6zgXPT7YgbHzwxO8f75BbwwwwFANyDF7...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TREk4VnZSRTJ1R013andXSXpsRGgxbDdrMU1NdDdWa35B&google_push=AYg5qPIEZcVDfiLmd8orY6RQK6zgXPT7YgbHzwxO8f75BbwwwwFANyDF7Y1XVqN5hkVGBnjiUzFMAXJZB_0mx0ISxAstLAMj_N4XIQ
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:34 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1TREk4VnZSRTJ1R013andXSXpsRGgxbDdrMU1NdDdWa35B&google_push=AYg5qPIEZcVDfiLmd8orY6RQK6zgXPT7YgbHzwxO8f75BbwwwwFANyDF7Y1XVqN5hkVGBnjiUzFMAXJZB_0mx0ISxAstLAMj_N4XIQ
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame C4A8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFNLuVqQoXr03LWPFnw_8FU2-VZXeQPvVP_IHxlXhWxOgl06TOyKrJLzwtrs5RsSV3Xs48SQ
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 3E4B 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/sfht0if3y.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Tue, 05 Oct 2021 23:29:34 GMT
content-encoding
gzip
age
2936498
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
6065757
content-length
84509
x-served-by
cache-hhn4032-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1633476575.792502,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 9B63 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
pixel
cm.g.doubleclick.net/ Frame 0299
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKRSwbNCzuNHam3Qh_T8FLVv5yAGQl_xUncHYo...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZ6ZjNnQUFBZDVzZUFBUg&google_push=AYg5qPKRSwbNCzuNHam3Qh_T8FLVv5yAGQl_xUncHYonF5H05gi09PhZfl6iXUNZgMTwZhy71G8YAVVWrCYdMSOv8gpgaqdH3BE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZ6ZjNnQUFBZDVzZUFBUg&google_push=AYg5qPKRSwbNCzuNHam3Qh_T8FLVv5yAGQl_xUncHYonF5H05gi09PhZfl6iXUNZgMTwZhy71G8YAVVWrCYdMSOv8gpgaqdH3BE
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZ6ZjNnQUFBZDVzZUFBUg&google_push=AYg5qPKRSwbNCzuNHam3Qh_T8FLVv5yAGQl_xUncHYonF5H05gi09PhZfl6iXUNZgMTwZhy71G8YAVVWrCYdMSOv8gpgaqdH3BE
Date
Tue, 05 Oct 2021 23:29:35 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
cm
a.rfihub.com/ Frame 0299
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESELQhXAUnIUB_MkwKzxobap8&google_cver=1&google_push=AYg5qPLRW6ZeKti0By8tKD4wfs0xOGz63aVQJJSkZYFyd_EOdPZQkKDNZrRAFm1uAeYjaTG9l_rvTz9EIj2DplztKjzPRql...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPLRW6ZeKti0By8tKD4wfs0xOGz63aVQJJSkZYFyd_EOdPZQkKDNZrRAFm1uAeYjaTG9l_rvTz9EIj2DplztKjzPRql3m8c&google_hm=ODA5Njg5NTYy...
  • https://a.rfihub.com/cm?pub=445&google_error=5
42 B
816 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.rfihub.com/cm?pub=445&google_error=5
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software
Jetty(9.3.29.v20201019) /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 23:29:35 GMT
Cache-Control
no-cache
Server
Jetty(9.3.29.v20201019)
Content-Type
image/gif
Content-Length
42
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://a.rfihub.com/cm?pub=445&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 0299 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHu-mc5o4789l3B6So0RE6Y&google_cver=1&google_push=AYg5qPLdxWEKcCJ-LD_HLD0HiX6wwRzLoZfjWC8KWAH1DIVyXytIjYYVRU5siWCHjP3_9etUALpUsHop9iRnlruyY7kECRJkLI4
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 0299
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDS3sHY8_QznVlo_Scgq5N0&google_cver=1&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNN...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEDS3sHY8_QznVlo_Scgq5N0&google_cver=1&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNN...
  • https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7sqmdEZGiP_1pBVGbWaMOA&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNNZIPVJQo0W5dgvnwrHZyi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7sqmdEZGiP_1pBVGbWaMOA&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNNZIPVJQo0W5dgvnwrHZyiF8CHrwn1o_ziSNJJ1M
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:35 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=7sqmdEZGiP_1pBVGbWaMOA&google_push=AYg5qPK9WIUByuMkDRs8E0BSdBmFTl_lITCsy5BdJWnmCDatlI_rvac3esPNNZIPVJQo0W5dgvnwrHZyiF8CHrwn1o_ziSNJJ1M
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
237
pixel
cm.g.doubleclick.net/ Frame 0299
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEOG9ihjTAhwqU56OWp9RK3g&google_cver=1&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkg...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEOG9ihjTAhwqU56OWp9RK3g&google_cver=1&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi...
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=2bef3edc-e927-4a69-adfa-fdd02be914b7&ssp=google
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkgmWbjIZ4&google_hm=IoPJAMBwRcKWrRg8oWsFkQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkgmWbjIZ4&google_hm=IoPJAMBwRcKWrRg8oWsFkQ==
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJCr7dKtC1RPGolqn12DFKVQaj_77bqorXOiha6yPzKb4FicMJ5zvAEeiX8iPpzk889dz0WfUolbJBOEi0poHkgmWbjIZ4&google_hm=IoPJAMBwRcKWrRg8oWsFkQ==
Date
Tue, 05 Oct 2021 23:29:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0299
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEN-xEygWtS7wr5jHzvJ3eGQ&google_cver=1&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEN-xEygWtS7wr5jHzvJ3eGQ&google_cver=1&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPKxXObACgYalXoMOPYxjgW9SB0Ie6kz_6M1idbkUkh9APigZpI78LHTud1_zyatrNqvObEWk-UYIb2Pw8owpqBN_6DVxg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0299
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpzDrtpvzMBJZAWEq3HLZ4tC4IZloc-4RS4myqvrfxxug0xz4l2I7wukonWCoMOSa4L-bZcp8IzilWwGKvJlvcOsvEhQ
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=U9ZwZH8yTeOT2c9w5CC-sQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIpzDrtpvzMBJZAWEq3HLZ4tC4IZloc-4RS4myqvrfxxug0xz4l2I7wukonWCoMOSa4L-bZcp8IzilWwGKvJlvcOsvEhQ
date
Tue, 05 Oct 2021 23:29:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
attr
cm.g.doubleclick.net/pixel/ Frame 0299 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSglzIutKJUzTG9kF7-wc55QFv0Qd8YtaAVmLvhxCiKgjBl1SEsrk422O0461vZItQsdmw
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame E386 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 3052 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame A7A6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
ad_impression.gif
beacon.krxd.net/ Frame 1F9C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618923&adid=321276323&creativeid=153933532&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1633476574
x-served-by
beacon-n017-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 98FF 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Tue, 05 Oct 2021 23:29:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10234179
x-guploader-uploadid
ABg5-UxoPNwS_DaOD6_S_CVFJe5ov3VZFonW38nRt3SkTIrljCrL2cPBTD-CAqzrYMj2U41QDlYitI7anDrN-95aki8
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwIGSA%2BKYavz6b6KgvOP4wBBCKI6XsckOFgLnZ2UA%2Fv4A00OWSJQrlSYqHnMw71vMp77ONR864prIXz1EGctD%2FbxxWerSLwQfzkzrmuK6eCEKWgpMA1Z%2B8hDnguYWKUGFvGO3vE%2BT9pJDKZSumzM7aYb"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
699a6ed17bed5a1f-MXP
expires
Thu, 09 Jun 2022 12:39:08 GMT
frame.html
ad4m.at/ Frame 4639 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-type
text/html; charset=utf-8
x-guploader-uploadid
ADPycdunb5fYC1m9dNhoGuLTimCjdDaVqkoUDGHrVfXuZTyYr3a8CcMkqhbUjJyyjLrzIb6bHKjqGO5shRDOMqSBEM1ez9YqVQ
expires
Wed, 06 Oct 2021 00:29:35 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-goog-meta-
x-goog-custom-time
1970-01-01T00:00:00Z
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
1488888
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2Bd9W8Od0RwoFxHf1ZPbdmZln7N7PIeV7xdicOmXZoTi5L1v3B0Jasi6vp9ACSArjaHSkkuZoUnlX64fl0UAAkkrnWFVG8yClSmgfZczz%2F2l8gpWFbF3qMrPJ%2BL7I48%2FenhCUXo%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
699a6ed39c7359e3-MXP
content-encoding
br
ad_impression.gif
beacon.krxd.net/ Frame A3B6 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=312889049&adid=505449620&creativeid=156970804&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1633476575
x-served-by
beacon-n001-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ad_impression.gif
beacon.krxd.net/ Frame 3E4B 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=11313517&advertiserid=4528516&placementid=150618918&adid=321276318&creativeid=143874856&siteid=1729994&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=af5fc09f-edef-481c-bfa7-696005c6deb3&confid=sfht0if3y
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1633476575
x-served-by
beacon-n024-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405
5994599.fls.doubleclick.net/ Frame A923
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405?
391 B
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405?
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
3c40ac84f4006acf81224a4f0ed516bea9de848499af9e27ab7a6d22abf0597d
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmIXyAOpM4oylg8hiqbX1sqhUA2wbi9JAcUuLS69VVcBBjj_aSxhCx5dz3SAtU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 05 Oct 2021 23:29:35 GMT
expires
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
322
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 05 Oct 2021 23:29:35 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90009.redintelligence.net/ Frame 0264 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/request_content.php?s=40882900005550600710616011739009&a=045ac46e
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=3e5765b136&subid=&uid=f87d29046fabfb19&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCam8A3d9cYbHRFt7X3gPKwJGgB7XN-YNXzN65q-UM8C4QASDyrYUcYJXikIKgB8gBCakCc3kTtB11sz6oAwGqBPIBT9CqLW40li1msbHG6AlJsPe2VWW9ix8IiAXFGQE5zNBHZf2TcjaIBy7OkEg1uEqA0faeEPuar0F1dwjbn0JsDaCKvFrKjcxSJhNNs9R-iULlPsk3ydG_jF04nR695Iuh7_VCqkbSUUowBrEyCEjWPEos8dFXuCmKXfKHYjzgRVq3l0lSlGFXg3YMzk0LCz6EIk5aTUkMu3zJwoIr8vAMV7Lww7b5StMrgWhBFf-7D25Wzr1f0bAd3agQSBjbxROg-UHvBtSmCWPluXqJhMdcuykvnhUiybkMnd6D6BqF2cx9q4O8XWRYQcKFEZBRZELaUx3ABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdgAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRosBzxDnaYy-CWkWz8SMW4yg%26sig%3DAOD64_02FalCxcf5A-FKp4krLn_9TKI0UQ%26client%3Dca-pub-1121228379837289%26dbm_c%3DAKAmf-DWYPTl5J-w7M_gu8oFL8j-oqd2nkBkgHR04uYzaakZh8CoJFRCwOouXmRGgfjO9O6jja2Cwfkc3OsWm0myv5hFZdakeJxKu1Ta9FZLzOUAjV1m5T0qVrp-LJrckYt75bAFkLj59UMQE3IkVrCBhuR4d1-skw%26cry%3D1%26dbm_d%3DAKAmf-Dai-V6sYMDjCdpufZP1VNqGbS1E8h0IkR79oDDfWLNWwPLphHEBwMMtvRyLvtYuQ-W52nP1i-ieJbYmewak4dnfEgJxNDT56Ao3wr2XbhjE5JG2srE55c-HTWymm3hPrtuKD7Hgr232zxPFbv2UZbcyvGHIj-KxP8_XIIKjAe6QTh5OmCne9kd4OvNPZQQO-AJbhQEn0C4UPfdmruKSoAOO4yrcOTXYhgRzG6wzk2RLGWcBa1YR8FaNiLsjittAS3x7tm8VoDkP_Sox-4zrjnp_b4YMoUjOpSExl7DzpKjH3cGWFThRGk30KBa8IE_zFjwKVKtAiiZpB4ajq32oSSL3Gcl9jAxYMr-TjG-q1gbNlrGNC1IOfwr7dLH7h6ZtQ8tDSUJxuWivYv_t8bMi7lqhL1RuLsdZ5mv66PfVfZuL7FprmPZckLr8Ydj64plVwZFRbPM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.lotterypost.com%2F&ancestorOrigins=https%3A%2F%2Fwww.lotterypost.com&random=916283846821&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
49157863e756fdf4eab9dea635ad433c7251a7fbdc94ef47592878b226f46d95

Request headers

Host
hal90009.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=851113c4a6bace5a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

Date
Tue, 05 Oct 2021 23:29:35 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Wed, 06 Oct 2021 00:29:35 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1528
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7E31 		1 KB
787 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 05 Oct 2021 21:06:15 GMT
expires
Wed, 06 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
8600
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9243 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a342a77cd9e7bdde47e99406ad4c6fd92da4df8c3e9ef857360092c9fbaf96a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame 1F9C 		221 B
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cdbf92b3dffa5072e5338c460ac6c3048a7bdff00c77c72dc9227870c688b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a009-dub-prod.krxd.net, cache-hhn4054-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1633476575.079969,VS0,VE29
content-length
179
x-cache-hits
0, 0
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame A3B6 		221 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cdbf92b3dffa5072e5338c460ac6c3048a7bdff00c77c72dc9227870c688b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a009-dub-prod.krxd.net, cache-hhn4054-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1633476575.139944,VS0,VE0
content-length
179
x-cache-hits
0, 1
af5fc09f-edef-481c-bfa7-696005c6deb3
consumer.krxd.net/consent/get/ Frame 3E4B 		221 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/af5fc09f-edef-481c-bfa7-696005c6deb3?idt=device&dt=kxcookie&callback=Krux.ns.congstar.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cdbf92b3dffa5072e5338c460ac6c3048a7bdff00c77c72dc9227870c688b66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a009-dub-prod.krxd.net, cache-hhn4054-HHN
vary
Accept-Encoding
x-cache
MISS, HIT
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1633476575.158983,VS0,VE0
content-length
179
x-cache-hits
0, 2
createjs.min.js
code.createjs.com/1.0.0/ Frame 9E58 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2173885051601150/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:44:35 GMT
javascript.js
s0.2mdn.net/4528516/2173885051601150/ Frame 9E58 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2173885051601150/javascript.js?1624447940766
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2173885051601150/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35a2a4429ddcadf7d111102cdddf92847deb2cae394fc88ae0b4a4c6f10afdf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2173885051601150/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:57:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59541
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9956
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 10:10:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 06:57:14 GMT
createjs.min.js
code.createjs.com/1.0.0/ Frame D67A 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128478866615035/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:f7::5c7b:e033 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Tue, 05 Oct 2021 23:44:35 GMT
javascript.js
s0.2mdn.net/4528516/2128478866615035/ Frame D67A 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4528516/2128478866615035/javascript.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4528516/2128478866615035/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41ab391037283a4c8256a0d8a67f9833828d253d133eb8221093fcbeb496d252
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6235
x-xss-protection
0
last-modified
Tue, 29 Dec 2020 15:22:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 06 Oct 2021 04:56:41 GMT
1631190739197.css
s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/ Frame EFDD 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
facd338be7d2ebe007361f4f67a544d9c71269fc0066e5b561ad3f8cfe9902ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:53:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66942
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2113
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 14:29:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 04:53:53 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame EFDD 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 21:05:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 21:05:51 GMT
1631190739197.js
s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/ Frame EFDD 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cecc0742ef005103627c7941da3f787b86a77665670413226c696bebc95ed806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 09:47:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11075
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 14:29:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 09:47:33 GMT
300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 0264 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=40882900005550600710616011739009&a=045ac46e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
85.114.131.233 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
srv21037.dus4.fastwebserver.de
Software
nginx /
Resource Hash
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 23:29:35 GMT
Last-Modified
Mon, 20 Jun 2016 09:16:21 GMT
Server
nginx
ETag
"5767b465-ce63"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
52835
viewability
hal90009.redintelligence.net/ Frame 0264 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90009.redintelligence.net/viewability?s=40882900005550600710616011739009&a=29c43ec2&vb=m
Requested by
Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=40882900005550600710616011739009&a=045ac46e
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.149 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90009.redintelligence.net/request_content.php?s=40882900005550600710616011739009&a=045ac46e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 23:29:35 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 0264 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405
adservice.google.com/ddm/fls/z/ Frame A923 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COW8hLi2tPMCFRNAHQkdYFYIwg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6067436367186.405?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
google2waycm.netmng.com/cm/ Frame 7E31 		0
0
pixel
cm.g.doubleclick.net/ Frame 7E31
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEJRwEveIol3h2wUKwT8vYWM&google_cver=1&google_push=AYg5qPJcqXF0Ljbo2EbKus70YuZwX8zjxG6iIVfct_thMVDXorebrja5Ae3cl8lJH_WMNQ9AbDdubQNxqQBx6UVNwcI4YOp7jqpw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPJcqXF0Ljbo2EbKus70YuZwX8zjxG6iIVfct_thMVDXorebrja5Ae3cl8lJH_WMNQ9AbDdubQNxqQBx6UV...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPJcqXF0Ljbo2EbKus70YuZwX8zjxG6iIVfct_thMVDXorebrja5Ae3cl8lJH_WMNQ9AbDdubQNxqQBx6UVNwcI4YOp7jqpw
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=11306663840145189EF3831B6B56416E&google_push=AYg5qPJcqXF0Ljbo2EbKus70YuZwX8zjxG6iIVfct_thMVDXorebrja5Ae3cl8lJH_WMNQ9AbDdubQNxqQBx6UVNwcI4YOp7jqpw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 04 Oct 2021 23:29:35 GMT
google
match.adsrvr.org/track/cmf/ Frame 7E31 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHu-mc5o4789l3B6So0RE6Y&google_cver=1&google_push=AYg5qPJQMG-ComPlqTO9SXm0QfpN04KABER7nmNWAtc0_pVLRRgzIqI_-7e8FJenewWFar-ENLSdybQ0rw_VofrYJKnlskNUsLg
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 7E31 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEBB8tz5bUyH3V46dFQrBjvw&google_cver=1&google_push=AYg5qPKcWKdnQ3UHsoG7322hjKzee05MscUrFbIOKdNUdRz-nk-QiCOvWJB-GngPa4yhtFguPOu0Watb4_uktvmU6_LG2N-w6WP3
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:34 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 7E31
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFkOsfiywIILOa4XGw1hsqU&google_cver=1&google_push=AYg5qPL2gGUdHYYInyXwF0U_83Nz-6jgVRbzHZvgS7C3mEkssWi3csOuo2T0O0YK-ewGC4KgYc4Rw_FF5IsuTLGEw...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2gGUdHYYInyXwF0U_83Nz-6jgVRbzHZvgS7C3mEkssWi3csOuo2T0O0YK-ewGC4KgYc4Rw_FF5IsuTLGEwT0fyMRbYHuN&google_hm=ba575aaba583875d62572e5f
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2gGUdHYYInyXwF0U_83Nz-6jgVRbzHZvgS7C3mEkssWi3csOuo2T0O0YK-ewGC4KgYc4Rw_FF5IsuTLGEwT0fyMRbYHuN&google_hm=ba575aaba583875d62572e5f
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 05 Oct 2021 23:29:35 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL2gGUdHYYInyXwF0U_83Nz-6jgVRbzHZvgS7C3mEkssWi3csOuo2T0O0YK-ewGC4KgYc4Rw_FF5IsuTLGEwT0fyMRbYHuN&google_hm=ba575aaba583875d62572e5f
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 7E31
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEO5Xb5yqUUQz0jwK5c44iPk&google_cver=1&google_push=AYg5qPJXMHLHM2LZxyqvgdTDNCRGz5SImW96BvtpTKOmPhYXOPgxOLAs48bswvdov-PbryqvcBqt_mFgWqgPV_WHonu2A8nsUPY
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPJXMHLHM2LZxyqvgdTDNCRGz5SImW96BvtpTKOmPhYXOPgxOLAs48bs...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPJXMHLHM2LZxyqvgdTDNCRGz5SImW96BvtpTKOmPhYXOPgxOLAs48bswvdov-PbryqvcBqt_mFgWqgPV_WHonu2A8nsUPY
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NjIxNzE2Nzk0NjMyNTg0MzM2OA%3D%3D&google_push=AYg5qPJXMHLHM2LZxyqvgdTDNCRGz5SImW96BvtpTKOmPhYXOPgxOLAs48bswvdov-PbryqvcBqt_mFgWqgPV_WHonu2A8nsUPY
date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
dot.gif
s0.2mdn.net/ Frame 7E31 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEK7XeQlLviocZYKeZX9P0Wk&google_cver=1&google_push=AYg5qPIw_r3Hvn9ZSVOVpo11859g52OMeRWhVCP7EXhWWODLKkxJnWTZHNX0l-X1-8Cc77twG5g2bdQm5UyMWnYwPRJ72pnwUTUM9g
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 23:29:35 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7E31 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KS2OqYKiogHaAXO2G3TVOc5ihYtQxMIqd1WPQhFZ3RKJneOonWSY1_2o_avX-ie91W-BS-HA
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/ Frame EFDD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 22:01:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 09 Sep 2021 14:29:05 GMT
server
sffe
age
5312
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1954
x-xss-protection
0
expires
Wed, 06 Oct 2021 22:01:03 GMT
optout_check
beacon.krxd.net/ Frame 1F9C 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1d4e0640dff26e61c23bd1b4e473351d3c549f80ecc7ca000735fc348382e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=29 t=1633476575
x-served-by
beacon-n012-dub-prod.krxd.net
content-type
text/javascript
view
googleads4.g.doubleclick.net/pcs/ Frame A3B6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_eoWVmd8AF2qEIx7Qlbkp_Xt3yImQjEVwpa9xXrwAzOHNefF3cVlzPjmRDirgJ8s96ysWV0i8yebohYhoAXBSFEzrG3hgaPdtG4S0m3hc6u8KEBF1xJdVb8QZnFv-RshBd5Kf5DPHDp7joSb9aM262YNjrBP-wh-ZxOvVdGzrRSE1X4lqy-wIY8U2gzNaktQGim-oDg-5jfo0q35QCOV19UQVFe4ipkcyemBFNj2EfVAK7UKkUja3Nliku-JvOBytauJXQYbMwhjvQ0uhtlOSev2hmQ2fEYmMklmQq2qWLz0C3hpeQ_7T8owv9jFIWkE-dTjLv6QrzK8T72gvhAa1aP4QDENTn9xMbFpNiueFlCgKaDicjvjER05ZeXGVEa3OOmZhY8uYvKH_MH4mZdC3DAY9yRW4lGBSa0cIxYQegxP-eVV8HD-4B2qqVpICd_BckBBJFBEJMu6TRGFD7AdjpZMSN4RwJ8qxlpmOuf8JYCrFL4DeEHQeMYEdsVbWJ_yIA-4TmLZPkMOVvy7zS8kv8kI2fLrXYSktzoAurq6-kqZpncDE0GscgP-v6WRDM3tArTN9ohMDDLmpmP96OvcuN6-pyJLU5-Znnbc7AhVh5i6d06yO_W31qk237eurb7XjmWjDDuSdV18w1fT-DYvi7axCDLBJxnPcDroAjteFtnDdBpV4vWccy5RR49NHRM2ZlOAjw3SmzIEWWuoABrussEvbKEWrmzeQD5_OzP5fPyuYPzUEQ_EVUReP6eXl5so7LT6S0yCOhFaOGUzH3SZBrdUy02JTZ1dhRgA9xqHhw-N5_f4qcsrL0wGuvM30NQlMvvfVCA3Ise8KnbPzB-FIDphFR1oW1zWvREy9rBCpYMc0NTlXOI7MYX3JpDvIQ5YfAQ9KniQWCXPqsf1UHVQdk71wjstI2cCD1ybYuMw1n5gZ8CVAYoeVVnWIwyJtRaFi47eVldTnZ25yqEFsuc2eZagqvQELi5I_VFtQzDc6wzl1YwdwaQGDcTAIuv7YNcDnToc_Zg2IY_beot6eknUb5TKefSJiDEGaiSSrboepV_W7uDRL8yKg6nCPzQrj1CVVbn3cQWcEV6QpfIf7fKJyM4L_0K9-LB0fuolV4NyjjU7myuaMMuAzzpDjCJ2Jod1nGhw190VW5QQck_T4RL3a3pohuWTsRhjfuy8pvvwEpWY9aO5rKyKLGlmRmyNqtvyTLuAzAtydWhAwmUGR57b-&sai=AMfl-YSS6AT1u7faoEfNAqFeB9uop5b094q4XZi6K450Wv9kuwLA1jx2bNxlQwrvWVyoDEG5e0HgugxO4NHCSel_xjHwvC6WiZS42twageOX1ywTLIqKSN4aiWWst-d6ra5JSca5Q-UCc0XeFRzYgXk-z7ISqKtcCg&sig=Cg0ArKJSzCG2UVel6U8_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=978&vt=11&dtpt=731&dett=3&cstd=238&cisv=r20211004.77877&adurl=
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
optout_check
beacon.krxd.net/ Frame A3B6 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1d4e0640dff26e61c23bd1b4e473351d3c549f80ecc7ca000735fc348382e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=87 t=1633476575
x-served-by
beacon-n003-dub-prod.krxd.net
content-type
text/javascript
optout_check
beacon.krxd.net/ Frame 3E4B 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1d4e0640dff26e61c23bd1b4e473351d3c549f80ecc7ca000735fc348382e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=29 t=1633476575
x-served-by
beacon-n007-dub-prod.krxd.net
content-type
text/javascript
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1/ Frame EFDD 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 18:00:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
106175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Tue, 04 Oct 2022 18:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EFDD 		6 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5b0f509584b1c474c2da802f7a4c0d9f583bc204401a8a6c4755af0269b294d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4464
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1F9C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4tTX6tpbKtVkX0rR4OkAK22DGmpJcCh4xyVopK0vEo1Ba8-wJDEPAZDRNaGxFxsReP2S4NROduDr8EJPSJlamo7PuD-QmpU9zQIwCQZK3yEnAtFhwGA&sai=AMfl-YRCP5FIPLpqrAmLoBcLyNySJ3fr7T6CrZTZdJJilXWp2JXtp8Eqv0vgkZxdQGtHI_K_Ubv-I1Z-5lKjBGSnsTx0OZNQ9NSgEQRntP7aWn6r179QGshasDHzKTI7&sig=Cg0ArKJSzIPQ7NFhQgZWEAE&cid=CAASEuRoTlO4YAOFTTkcKhqcBmRWfQ&id=lidar2&mcvt=1082&p=0,0,250,300&asp=194,1140,444,1440&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1304712773&rs=4&met=ce&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633476573933&rpt=610&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A3B6 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu89-NktQRSpCWFwQMKNRB0FV3PoDauFTz7f9GqQ6ekGf_TRyxTNuDz6ArtkDsL3ehnEg9iKx9KQujXPrqpsYr15xFmX9UbdfSU6ZitB3yE95AlmsfWcQ&sai=AMfl-YQRMgccWdf-ShSnVK2ZfAmacoXAguxm66y7f4nrtAwFYcO91ezu5Gt00jRvoWzcjcJbd3GrzvoOdoKlJwN-VNDnvjTA-q7h8b4k5-KcXIGLarzs5DRWDTKKNQAB&sig=Cg0ArKJSzInw6q1j6j7iEAE&cid=CAASEuRoCPse9GsY0wxyRLTDqktikQ&id=lidar2&mcvt=1020&p=0,0,90,728&asp=10,712,100,1440&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=167273885&rs=4&met=ce&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633476573955&rpt=680&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3E4B 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvywS8-D9bukz6RaRYwCPb31jxP6ABbVSUXhZcOJXnPMGuUi2NacYZ5f9iUiy_pUbOVI5vQ1QeBjGJHF25tKJkJ3uW2ToTqaQ_5xM9yCYKOCbkh74w3qQ&sai=AMfl-YR8ClZn1dQSVBujaAarHjczZ1L57x4ZVeHQv9KHUqUPHP-VhhnVGwSp5rZ81iZ0L7xY4aknj1VnzhrKFVYP3gfvg3cWVFlG3CcWLsXiV2AFaMsVwFNRMl2_uDJE&sig=Cg0ArKJSzPKiG1QwUDTVEAE&cid=CAASEuRoAu4sP8MPqJHgKu-txjYVBA&id=lidar2&mcvt=1022&p=0,0,60,468&asp=530,496,590,964&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4006668155&rs=4&met=ce&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633476573950&rpt=627&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EFDD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 05 Oct 2021 23:29:35 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B63 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHl8f3t9cYbS5FYaV3wPyqa_IDAAAAAA4AeAEAg&bg=!j4yljMjNAAZE-GIIRPg7ACkAdvg8WgWDOz9d0n2pt-FYFiBd500flwXGWq0YQBfyM34IkI00uw7bDQIAAAKnUgAAAH5oAQcKAF0Q-dJdoje2f71hMDcLKmb686LCFzP-ucUdviUbrSvUNK-eVbIW98oBQPhQTNLodnL8c_H7MNwmKaDZAhbIjwdubJNGSkZRxYbuyZPoe-s4aNWMffhAaRl1Yj8xJmiZAwnXnqAVo7__mvvsdwDP9MfFjuHQgyJJyuKlPnviCvaOMvVH1sNWCV9eVXBv8xoXlWeSpF2sJ2UDDH_JauYmgZc4cp8enY2lUZVG065hXgf-fF2xeqwaU01g2CgrR-AZlUD_xzLTHb6iVv99OpY8uyuGYNihpZPbulP8MBla4nfsKlTzmtZaHx5Ns51hlddHMtGvFUvlEm_2SOjeL8rfTvMH5nMJqMJBFKu0F-UCUCTm93LRIso2QErxRS9mF9LbcX_vtoEpOYbWdcArI8GXOAapx8nZ2v2nBmB0QHqB5Q-ewgT41arVbylCCo94I-ww7IZ2hMttcwGzvobjuyqC_E30smKE3S4co-ZPD9v7jvym-u3xMfZgWsLW7Vm0tQw8VHCpD8bZ8HYU0IgeYkgUfQoayUGxBR0Awa9nOnni0N4uVrPdLlljnbOi6iSwMHc_MP5c1RvX7NUbzFqP-WNzaiYD-vNIgRT0HBg79mZIip_VLm6_GVZ42GwgJ15xKPWM8sShKSSiz6xYyx93DMy3b_57XnNrtUcUQYOYH03RSqQRjOb05bZ4Smr__sdrFQhfvJM9eeuklsg1GW_qNXeMWyBNVKndiGXRZzjscEyW1hvMzS3oQEJaT8bjpHNhUd7XnsCzZXJgiKXKTHtaliv4237pgaaAEGWYkyogzkm8aLh9GGoPMu4KM7f9GNUFolIAD3X_DO3nMbzPSKzzX2iBGVbkr22EMSK4gBJ4DCpHAiyMKcUdWOMsYZPgEa5C0295r6qQlZY4QFTPEuZJrizWVAgq_09QvjJAd_p4hklE0euzyOv4XLWzbR9j_kdXxQ2tSutfD0JZc4nFEacmz4BFQPMM9Vl5lngcvqVkYgDk0HY3dVgy3M0j03rI888t6mWlVgJmCJ1olNTZp3zHrH3IHyZDSb9cMoF2cogruv_QPwZsVwRbsgW6q3FUyrDAlMACWoooJ9ZeCSO0G0pQVYsx3NKjCbBSbWSCcv2ndMj15uZk60SP7wFqq1FM-6aPiaiekHnb9oH2yMHSBm8
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 98FF 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a04480619fffaf971235b0eb4b2041c592b8d4a1ef439b85f12016139741ea

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
699a6ed6bb1e3742-MXP
date
Tue, 05 Oct 2021 23:29:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QobqpRVmfbfwGCJbHpY%2BxI%2Bh4Xq1%2BNAxwUNuMEUvfMDATN9ihy%2BzKunjE0C5QYi6X6kJiJoEa41Te78jm9r8tgSffLDjmcRTqMrQgj0fDbuH31DqzLCy%2Bz6TObfyoCsQLfVTclk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-fx4g
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H2
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://as.ad4m.at
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
aa-reachservice-group-europe-west1-fx4g
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKHcivXfp0joos6yi5lMWle47FQfaOSIpW8o3ywIy2gHMHzbSfd%2FPvkjGgQZvresSdPiUEoJjkggsR%2B4ZnmAP3HiKK%2B%2B7S4sXDjvfLxqqGCaPIb76Z6shQzWeA75xRTGdk5yEKM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
699a6ed67ae43742-MXP
congstarfont.woff2
s0.2mdn.net/creatives/assets/4234010/ Frame EFDD 		98 KB
99 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4234010/congstarfont.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:19:31 GMT
x-content-type-options
nosniff
age
604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100772
x-xss-protection
0
last-modified
Thu, 05 Aug 2021 09:13:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Oct 2021 23:34:31 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame EFDD 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.css
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:24:18 GMT
x-content-type-options
nosniff
age
317
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Oct 2021 23:39:18 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E386 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3ryh3t9cYe3DFOKN3gO1g6WoAwAAAAA4AeAEAg&bg=!j4yljMjNAAZE-GIIRPg7ACkAdvg8WuzHz3YmK6Bk94nZhJmAIQEBhutzgkCMVWRM9T87yg3pZhGufwIAAAKHUgAAAC5oAQcKADA5toPyMMAPAqEmTTJaMQicEbElpDZBWpVQbG84oABn17p_v3q5UuTIOqFGPuBUZ7SZAvvam6FvIbhLbeGIprs74icFSvZTUYZwOmGkr1l1yAaEhf6AqX8L1Xij2FJTGIGefjK37gyqK6UMpO5I-Y9a1ar2fddrMkxAvRMcYTRyaLfICR0e1CdE0QNiYU9wxfl-vMnoIxyz1BqZ7JifjGk7Mi04dS_UYLKF-p1iiBhFpVbCtGMGPtUhs5DLb5FRl4hJ6HvWsZU6Or0ufbXP_pbuwugAGEN-cFdIXTlQoVTcSKS0fkKI6mjYfiiM24LGfuB5iCaJnVkNFNXYZEv724o0E0gqdLBcJdAGsVmtnfwtOYwWBw6U9Zrt16KDgQWSpWChZ2jI9IHdVK4GP2SVmvqAfiwAOIFk1f_CNi7EjNJDpm7RgN555L0yEmAGYtAWDTDC14Ibp061Au7lLqNs0Sx_fwh4Aek32bEHKsMfHxEja-p_fZVIrcZXOPtEnkImNu8Ke7xHJC_3c12VdxvK-StN9V8YUxpCzybVa9r-nEBU4EJTSUnwTx_a9kQeRwfyahDG133kRfNLaDBzpo26s8C7BQEmZdcojs8KgkyZC-k6okJn_42d9qRkH-p-SVTowrcDIwFmpDWAwRemBbHSu-BliQUTdI3gqS7PBTrlvjG51hHAxjpW0UxOj3hR3aooOGjh8WXjq1ZeCjZkKsbEkrho6YUQdUHG4tT9epxH4_uASqxnrVN4cpY-gQ3lfhTvC_Oz8Vkm-UYuxklO-fUK8sjp-rGRa1w-_48hCZvszobLquV817lBtMd87YmFX33SYqjXV1_Em3brfTJ4c8iTf-2jhSLeTQCw5r2e0Uh6cLILE_tcdD1X472-gPzxj4C28SmySakNsyz3-xzosR01o4FCejLacOf5iDhQp8u6R0DSIsOmwDdnh4Z-TjQsHHBnyMrWpIJ5UqBHafXxLwGNJTKKsg3bEH5b6GXh2X1GfW_Zdc5Pht6Zr2gXL5o3NgkUJd_d-yE5SAdMbPOmanbziug3RDSiIrQ68GsFwRwj7vI1aR2Dckr9Ns0ZwH_P1PEK
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3052 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhXPY3t9cYdS-FuKN3gO1g6WoAwAAAAA4AeAEAg&bg=!BgWlBUHNAAZE-GIIRPg7ACkAdvg8WlpIRugW3_M3ZlEp7wNzXTif5UGgvBis7KvT2FJsCyxIY6LbYgIAAALGUgAAABdoAQeZAwFdEO1IByxdvxJwfObd56oOi6IL4NmbIlsAftPX3P8z5-YullBwiu_2E58cL9ZZEFfGH_McsEsW-PnAQqtDgWVJ8JOu7Qk9oLXa3FYVkofFypeT4F8a8jtLItR8U78YavcVSnNGbcna9U7uyjDwpGRirY6TwHPmTdnG4jwfq3bTW5iUDUNPv43CrhPQzKSzxx1Ue7YsmSbZA9zkLkFV5CKnUAcoNVPheziBmAQNDoR6PE5x-Kycr5ZLX2D7N4IQw8si7sJ0b1OeY4HMAGjh1_jUEZ7-6XihV0bVYmPSRUa0M6-NOsKFZv812aGIQ_Q5uvAZ7huCDCXcS3yV9P4rmeo1fVrCQIuprF_QvGhYYHOhqOOfFdN0YQm-IpJ8EE6wKdXuO9H9b7VWEGk-uNcfjxyxLLEXiSIZkxcg6O5tqBHRL6uVoB0std8jNuffzuM7YiylcjNjgFcqUMAeSm1nVJ4lKWxBHlqsW9YqziuPBHctLjoJnXLl9RPzllE9CAoxIxO8Pxy7p6UXXjyBKLLZnkmFqYyd_pQxXIxYwinklahSG2D2L2Mpng8__fuANO9jrpydGN101TA9zIg-3wJxvDAar1JfuH4Cvujddc5uFSR9sf3JsooPqp7M2TaWMn8nLfyP3sJq0VVG9By4ErCFAy-iNW1CNDSwUiGUKBfjADYijhV421qLMFlme1T6vzqIU8QO6Xc5vALKij4Gah63MYnTMVu6bb3YPDlrpLap8kzbZFzJni5Ysckfmz_AfRm66aw8IrGOYwiNOdxj_6YfHmQkYGhViVx6OIkFoMS1T5tszjISilVRP386gQVkneHd2lS-loOHN_JcWLirurymLIVsIhTjxR53VifQUAnTBwDKCEK-o3nO8JJ-niEfP0qD9K0XujKit1ovkM1JmFxrOjAqAYkkS_0hyu9_f_HEWlFXu71Kbwih9D-LHDYx0PgqyL0p3CEd_VjMsSPnQE_2Pt0R0YzdmSGlV-DyJ1KJGIMu1lSdIVSNdu_UKp710eqLdHM3
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 26D8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
device.png
s0.2mdn.net/4528516/2173885051601150/ Frame 9E58 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528516/2173885051601150/device.png?1624447940757
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fabbec15801a30e129cb31d837afb27195efaf3747e1babebd01375aaf308bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2173885051601150/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 17:20:51 GMT
x-content-type-options
nosniff
age
22124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23016
x-xss-protection
0
last-modified
Tue, 06 Jul 2021 10:10:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 17:20:51 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1F9C 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9-tliVp4rGLcyEGaa-_DbYNmydTmGcO6Mc5suCC3H3BfY_Pddhvll1f2lQq1dWZ8DhECuxMpyoxGcIpl4uRFEDavh8v_1lbEyomPKeKle02XRTJd90BOFurokbrZZa0hvQlxSygM8v-nz2ONcERY3TkqSGsa53J2Bic9t45a3OxwdYzX8S8Aq96Bq7VVva8I6iKIWbcRWqJFu3l2EJeNeumAfBa6_8QWdX8Q6BIf-2X7iMX3ko3ZUy24fgv-kCMm4Zp-GDjDs2_UBUI8-hj93DEF-Zj1iTCtjLQjuX8qCAtlJBqxUg2-YmRKalmkOT1i1s1RFBnHn2pq6iyLnsO65WeMnTzhOTgsmtIGkfBfMohE1Czzyc9HWNoZw-E0qBl7cU3n9XZh_z6s-iVpmaAgMOc-Mo7mmQPL2aK8s5KyQ3taYVUsvvGJkTow8mjpzgMTPMzO9AusIMtjNxDhbifi-BZaaVvLf9vwMIcJT4h5LdCzrTyaqo39FKLs2o-d19TezexVtAvx_TcR2JDmEhLDLsyYM-VLxt3boe09gSZg9Zv5sjogPCieS_tvGDAs-HlvKJwjTdV05jg-PXw_R3QO2LuBVbbWvUbY36-KRyxTrDU2I-V_RKCyU6rP6sfsRJDDds-cKDK0C69bqAUcIOM5MNgNF8yRUbQmgO_MMPRvkB4Ykaj0_M_blL5lwBFAqKOUwYJ-e9iqsZOoZuK55V6_7cu_oXIBo__mt4lnLfIvtXZsRm-sCe01E_mAc2oDmx1U5VmL9RGeslt0RQkpvlD54Pku3IIA5cfaO8SZQo5kCGoHm-bkPq_fgd1TXrXVXcZs-Y6jOHUiZivbKWKFtOexneUjSRMGsWVrkWrrFetbYbnetf2XevPyCDVQteiJnefO-ogbYFyr1qz_VMOilOW--R2mnr0Y4tqMvDHp8zb8XS4V_tku4ZIogb2hNggqnSKtXd5LojjFExUOpFs7zIVzLDiUgHMyEdSeNaf31nbCOvf4blkyFbvAj09Gq2r47rCMI18dwAs33sdq6YysokwzvfH82_ZdyfTHAmU9RiQxJqeqV0fezGfbaNUdMNabjMTGGn3mRfgB5RCTEGuBydET3JB8TXTRfquntLP5KfFAg6b4TbM_RRwpy6SzekGcmJdImAM74Ke09NAsjr2MORo5BC8FvcMkL116J7YPbpw9Uo5VexHp2Lw9gJmW4InpKA8mIay8ddiZcV-VFpCD3j6B8So_ptY-drok&sai=AMfl-YR_70O_16pVLstSQIgMSq32BJsnD_ypYcUi0TaN0nmAXeQh3Xm44j7n995Utt40nJrIdKA1IF_zWa2NL0XmMaww2h7AgwIHqLnO0-sVw9kW5Q3A-18C4MA-gIAxGDwcu_j9fo8V-mQz6rBEM_Xu2LD3-qKSKw&sig=Cg0ArKJSzOomu_cUaQwjEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1328&vt=11&dtpt=1069&dett=3&cstd=255&cisv=r20211004.33333&adurl=
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
optout_check
beacon.krxd.net/ Frame 1F9C 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1d4e0640dff26e61c23bd1b4e473351d3c549f80ecc7ca000735fc348382e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=57 t=1633476575
x-served-by
beacon-n019-dub-prod.krxd.net
content-type
text/javascript
visual.png
s0.2mdn.net/4528516/2128478866615035/ Frame D67A 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528516/2128478866615035/visual.png
Requested by
Host: aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
URL: https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7f2fbe414e0b79e516fec53f54d6ef6c914cea4e6ad1e804bbd762ad8332dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 16:01:22 GMT
x-content-type-options
nosniff
age
26893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59019
x-xss-protection
0
last-modified
Tue, 29 Dec 2020 15:22:46 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 06 Oct 2021 16:01:22 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3E4B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss_GFK3bahkgk0sFPxMGkuPVPyLANOsIRSGLGzOBaH1f5y-IujTj82lOs-KvORkxKU8J5hQ37fCkjW3CWsFlp5J8LAv-Ccn_h29rXs3sCtrRjJYdYVXT0Ubl6l2olF7poGtPTuMHuOnPdg_5tz98NyMqHwD7yLxXyRuEsMDAp6qw0qvaUKg-GYCO5Ae3Qqai-2h8u7csPuaEjZaZ1m0mEJ-RdXtUHF8-DNZKLCGu6xw1XrllhJGAPLq3at7h94PrUBsKSfaHa6Fmc8YDZ0T--cWj5eiG7ovCfcE-8Ivb8ZcO7N0kiACmkD-sItzNzQ_mh9qyb0Nzd3QOEuhNPCkOYFJangi768U9FAvF_c4PM7Bqxd1QBfQ0TMqz1AADp0vtIxhv8SYzaqU-oxE_oQbN8k0wxsPzH2OwEKpO1kXMISBLLbxqNetjwkK3ERozwDCHRIrYcIM_zbfVVSYmQDVbvS3Xlmzrjv7vyBoEM_MxdbuEoZrshfxZ0ZkonYe4fgvLUNFeRtgrg2UxYmnJoaFONVg0C8EtcdW6stOEg9ne--jsEPmtpSj1atOUCf6IoFaEzBpOR83H6uy4z0f0WyRWyxhFR0BJkDEPqdpDjXmhtmyqIl6EFb5od0nBSqRWVWBvFg0tOwayhpGCvArU9D-EW7UC3kPwyFtQeyUXYJBVFqOZE49pLK0rkxTxu1VasUkWOHgX5gPZsK-IJfu-cUiRJmFF7AyGrZU-IxsBnGEuCvYv9Dj6vbAnUSwZHyrCWdBbLuI6TT11HRD2Ib00c7H0psTaNyGJhnkfHGG9M5-kSkJ5R6-G75Tv2bR8vfikEIn8Oda58y9kZWrMSc-4GqgK_ovFcuEXvrk8sFmAKTyATNhF5An1_VpHd6NBESfq_icfe9xtJW8Qxn5xdyKI0hteUBFITRm_230t2bUTu7RF-g0og7q18n-1q9Z0wh_ofVmRKU79uCWDkTkO-Wkkmmf8dN3yg3py4Nt4mV5Cve1tnaJSWEr1ns46pzI4B3dSvG3iZLHjEkxW0AIepWxzg8S7qljS4qxfHsfK9EImiyBVd6stk3di6r8US9egd_jCXxaMTj8UoJj_WD0tJA69dTlw7ijNnumtn1YRKZ0_LbLVAaEGSTos5BhirLMEPQNQAN3YcEubAeDHEh6HwIx16nNQ6SG-RbNi7QAlMD6lTlJRo91oW0qzME7Twi0FaEiGI9SFRKsvL9kKj4mRfjUEEtMGsr0IS6m&sai=AMfl-YR31rxiCBoS3sC49L_Wefz0pu56AV3wdTAGEWr2DKQLDEcYo8HOB2LQxksc0T0pov2q-NzcWZB8ABUby97jbFPxEDYE6P27tlOAw9b7E3pWbKI0a7JGCatzN9ZzEBjoQvKvshAburpPEowPwaz4FdvO4SqpuA&sig=Cg0ArKJSzP-312sih4A1EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1298&vt=11&dtpt=1044&dett=3&cstd=252&cisv=r20211004.92168&adurl=
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
optout_check
beacon.krxd.net/ Frame 3E4B 		81 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.congstar.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.113.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-113-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e1d4e0640dff26e61c23bd1b4e473351d3c549f80ecc7ca000735fc348382e61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=28 t=1633476575
x-served-by
beacon-n008-dub-prod.krxd.net
content-type
text/javascript
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211004&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f2b713b539c249db82d10682e313c44fe495fbdbdbbbf77e661f9cbd600d6a78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8559
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A7A6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhR6d3t9cYa_VFYGMlQeJyo-IBAAAAAA4AeAEAg&bg=!CwilCEzNAAZE-GIIRPg7ACkAdvg8WjBdlS5YnQHFCZNE17iDhZLKouAMenA-E-lWXtg3VGwCGNDuuQIAAALMUgAAABFoAQcKAETRAlMAU8MFNg2gaUHZeSq6nVjYxDriqI6gODLzTHYbYJmkfH9NQizBzftAAxUzxJQSUrjiWgDA9T_TBCQRcWw7758m85kDLqIe1S_cE4pn7PpY2oNk1EwijS4-tJsxR8IB6epcRehS53gGMf78ah9pkzWZgnLAyB2kwtFp5zq5PJR2GGaikBGlEsg_7g4rRdPS36qAbEFp66Ogh-YYP7BOvzFeYrp6xpydOT8YZmaxUIfyJx1-2-2IylKqWthVNkX7_IemMa4cUzGOCAsmxyMQjp2HnjRJUvAysuRby33m-pA40Gb94b_fRLeOoupF_VFW9zJi1_9lmSv-S_Xh-tEKgxUNTHfDStlNzygQT3a-yrIdxw44uWu-ee14L-IwR6MJX9ozFHipz3LnFO6FgiQmWYNkClSOOkB6cSfn_YGyzQRlgBFTk90N8Vs4ANC6jTH9s9ENxtlRfaccjP3zT3DQiPDIcCASyZ5KOxEH5dYeeFmj5D4R6alWeOdoG8Dd8rNLU3bkw18TFpc3i8So79PEqI2soZ3KSQF59yVAi1bzdmeFzycw4qWT7_V5XfSQsn9jKwzDWfeTmxKWrrhJR9UXbW6xrH23d8yTwURNlr8ZT-qhJi_ENBt3-pN3dolQP6X4yjXOaMQC-EoKgjsfJ-25fw1tyJXmv9zR8HpdyVZK3dylQjPT5FqAUXcKqOZROOT-xc2_B_-AHEVjzo-xMFTDURkDz9Mc-xesQ_JjvPfsKe3hbcua2CXR2RsFHUA8xfIm65l7NNONHuWUB_Zo6hBMpLjy-Rf9a--v8wyO99U7J1llbnq9THvEbIe2klIi1YCnTLprbcQAWUclVZ8iG5UbNJ-afmsiHhXYN0agil_-8dtYtuhesWqW3o4x76b_438-SE1YCNEwmHVOFCgezuo4AM8mXr02rqAfITMkSKccZ_rYq9fTMU9VXMS6vlfa6rLHQvUpgTrjeJPL8Z5mwB7tJpduD0AhIx_RracsUI8Bus2-JIcTueEnUXrEBszxN4iSrMwHPM1RXS68dIT6RUFFxXmM0DHFbe7T7diEJ63MTMoYLqf4tnOIAYKSJ2RKuaOYNPbAjTbhJ-JpcK5FlYqEIFzR_8ifqT1K-0cD-f4YIMhoILDdEVazRCFjjNAtN0jJZ-8oNEKVKrgu27mF4m4WUanNfBU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.lotterypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
699a6ed70a8ad600-MXP
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/ 		0
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lotterypost.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
application/json

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
699a6ed72abbd600-MXP
vary
Origin
visual.png
s0.2mdn.net/4528516/2173885051601150/ Frame 9E58 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528516/2173885051601150/visual.png?1624447940757
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
812efd9ef7bee94c6ab93aa418e3f0f232df2fec1cf8cad4476d5552316cb3e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/4528516/2173885051601150/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 08:54:28 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Jul 2021 10:10:27 GMT
server
sffe
age
52507
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56303
x-xss-protection
0
expires
Wed, 06 Oct 2021 08:54:28 GMT
mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
s0.2mdn.net/4528404/ Frame EFDD 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 11:01:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 07:12:27 GMT
server
sffe
age
44876
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
expires
Wed, 06 Oct 2021 11:01:39 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&bust=31063019
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 05 Oct 2021 23:29:35 GMT
rar
as.ad4m.at/ad/ Frame 2732 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54ef4aa50bb568bba9d78693183de4eebc7c883909576e8a790309d85725e5a0
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hv75g4e8dcwq7hk0t8jtqp1txj1vhwmecvzvhm094s58h2x4j5jetv34ts23erbpdvfadr67qdc563d3e5n0p1jmcvjbqzp30myq1bj3y53rhwvanpt2xcf7qvgw602rf3y1ncdbh9x58vr1wkkxm1539nwrcddgbagds2f2r9c8xrymvf48t5zvgqpagjcp6r3qvvry0csd4g70x4qsad9fsx1vsrkt0jha6eq0nh83b1ehbvad3wdn849dvtwshf6bj6gaq3eehz64v996cfn2wwzxs9dc7ds92hh2cp42tmp2hcedpr3z3g5s4rrtz6gs7styzhwxafyr2sy3fptyy8xgaegxb8zfm7mjvf37epr1ts1qfdt6bckce7f2tmf09mj3t058p19kbkr0cdh&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%26client%3Dca-pub-1121228379837289%26adurl%3D

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
699a6ed728f259e3-MXP
content-encoding
br
mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
s0.2mdn.net/4528404/ Frame EFDD 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/mhorizontal-allnetflat-sb7669e89-51e8-4fa7-b144-a3f787a01152.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/1631190739197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61875219/20210909072905410/index.html?e=69&leftOffset=0&topOffset=0&c=E46hZftWpH&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 11:01:39 GMT
x-content-type-options
nosniff
last-modified
Fri, 30 Jul 2021 07:12:27 GMT
server
sffe
age
44876
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27852
x-xss-protection
0
expires
Wed, 06 Oct 2021 11:01:39 GMT
activity;src=4528516;pid=312889049;aid=505449620;ko=0;cid=156970804;rid=156825352;rv=3;stragg=1;&timestamp=1633476575884;str=Show%20Slide%200;strtype=1
ad.doubleclick.net/ Frame A3B6 		42 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;src=4528516;pid=312889049;aid=505449620;ko=0;cid=156970804;rid=156825352;rv=3;stragg=1;&timestamp=1633476575884;str=Show%20Slide%200;strtype=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 23:29:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3F8A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 05 Oct 2021 14:21:40 GMT
expires
Wed, 05 Oct 2022 14:21:40 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
32875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 0486 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a564d46c5c1f14680cbdec207077b33edf700931fc52f87f0735d7e06e2351a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kosAYCBOmQsVk9xYMgIkdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 05 Oct 2021 23:29:35 GMT
date
Tue, 05 Oct 2021 23:29:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-kosAYCBOmQsVk9xYMgIkdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2732 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1076054
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
expires
0
last-modified
Thu, 23 Sep 2021 12:35:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
699a6ed7b99559e3-MXP
cf-bgj
minify
B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 2732 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date
Tue, 05 Oct 2021 23:29:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
531962
cf-polished
origFmt=png, origSize=35453
x-guploader-uploadid
ADPycdsDMLoWGK1_GOYfF_F_IOQk2Jr9EJd7czSLbbwdykrFj1LREmjUze2rbbkcUueCFvAQmLfBx8f6EzpL0fCp6ciH3qcxdw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
18872
last-modified
Mon, 18 May 2020 12:30:29 GMT
server
cloudflare
etag
"e18c9634cdd319e69c2765475f29cd13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4865ElZaKST9eiquWOj3yTw5PSw787Wq1Spe4A2o%2B2Vy%2BTimZHj0M3%2F5hxpgT8oQzI2mv8Lo%2BK3mccSIvQbMOrAvpefvqOEPeLJzJmdiXGAM30Xg8iFkct78ckODLVM10rVOHkSCrp%2BOpy2"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1589805029334103
content-type
image/webp
expires
Wed, 06 Oct 2021 23:29:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
35453
accept-ranges
bytes
cf-ray
699a6ed7d9b059e3-MXP
cf-bgj
imgq:85,h2pri
A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame 2732 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date
Tue, 05 Oct 2021 23:29:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25177
cf-polished
origFmt=png, origSize=4031
x-guploader-uploadid
ADPycdv9QaMSWAgPGeBFtCc2m5UAVkplB4eWuTPg2kfydIlcBA0cD4Rqji8zLCiX8I46vvuNuuhxcdjKL-17NwvuebiR3egNiA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1598
last-modified
Wed, 20 Jan 2021 17:03:56 GMT
server
cloudflare
etag
"7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUGB7mIegI0bEpXhe%2FwoDqQa1I77Ui9fOOdGAtCRySsZvsXZPZsgV8pcRAQy%2B62Ee4T8RXso92N6CMkjAppVa0b%2FJIBy7%2Fgj9tmhsaC9wrDvHK%2B7YLTukfum7%2FXEOafMID9c1HtWZGyg9UfI"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1611162235947637
content-type
image/webp
expires
Wed, 06 Oct 2021 23:29:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
4031
accept-ranges
bytes
cf-ray
699a6ed7d9af59e3-MXP
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 2732 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuid_mZY5kPkMYxMTJUwU-w985DBhMQSxkCVasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:36 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame 2732 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date
Tue, 05 Oct 2021 23:29:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25153
cf-polished
origFmt=png, origSize=44613
x-guploader-uploadid
ADPycdvimmw7JOBtIJlbsvs8Bc-DVoNwBcINEoEWptBK-fhshdVIZJTCZR39iq9vKxpfDLPpJ6SfdTZ515GXidN3_F3JKiXuvw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
39202
last-modified
Wed, 22 Jan 2020 13:11:41 GMT
server
cloudflare
etag
"c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChnD7LnAwhf8bkJABu%2BiZjzB00i5DLxUasMpZrnil7L4EY9AnohMrJvh6uNgXfqj82LnKIl9%2Fio8epiOH4rt%2BHNKWj4qaoywO%2BIDdCcg6g5peN1iPQEqejOiWDT3G%2BzQ4HydsiCgyJeJt8jY"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698701189315
content-type
image/webp
expires
Wed, 06 Oct 2021 23:29:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
44613
accept-ranges
bytes
cf-ray
699a6ed7d9ad59e3-MXP
cf-bgj
imgq:85,h2pri
69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame 2732 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date
Tue, 05 Oct 2021 23:29:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
784489
cf-polished
origFmt=png, origSize=136328
x-guploader-uploadid
ADPycds8vm7yov4ihcuVlxBAzxyHEGutJWUvIjEh4Du-GwtQNXuYS3ZppIiI2vUiO_1U3vQNNoXT5OWiqvPkyPY7Rek
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
115268
last-modified
Tue, 29 Oct 2019 09:42:57 GMT
server
cloudflare
etag
"0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxZq0ViHUEWajhscZ91PpYJmALUq4gRT4VUj7atRryyEgniG2%2BJCi9Im6zIib4BY2xT6Lk7L13A%2Bx%2FPuI0ejmcu6PeU94E8d16iXcihQE5ZsVQby6uNDN2%2BGm4bTUxgqXjtjbF0uC8T3%2FCte"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1572342177666668
content-type
image/webp
expires
Wed, 06 Oct 2021 23:29:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
136328
accept-ranges
bytes
cf-ray
699a6ed7c9ac59e3-MXP
cf-bgj
imgq:85,h2pri
cshow.php
www.awin1.com/ Frame 2732 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuid_mZY5kPkMYxMTJUwU-w985DBhMQSxkCVasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-239-217.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:36 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 2732 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:29:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
532797
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdutyTd7Ts83wWWcskGNjuvof-eZgCWtJdhRifIrChgVv-5YXZLKrEynOyrb5TVo1aPDMROOc1hgoSnh0NHTv2-hhLfPzg
x-goog-storage-class
MULTI_REGIONAL
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APNa6%2FgLEJZdev7KPmwRPZrkRrEoiPH99uvD0Ma1u%2FN%2FRk9HvGY%2F1HmBusfkXKjucQvBKpRZ24YPE8qJ0pIPzAxg2XFO6IYc6nLiyuRCVb3soqxeY4GKYkqOa4g5vdoQgmD%2FOcuxfrTz6UoW"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
8354
cf-ray
699a6ed7d9ae59e3-MXP
expires
Wed, 06 Oct 2021 23:29:35 GMT
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
x-goog-generation
1579698787150900
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Length
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 2732 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash
crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date
Tue, 05 Oct 2021 23:29:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
441103
cf-polished
qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid
ADPycdtgGGhBRI_1_r5SwokBTKMYOWyEJmZq1U8e_EN4B2VNw1yG7z56s5f3cylPLEtaS2rjk2wfAlgdI9QF3lowhzibLms0dA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TH7vd0okayHRJRYQsXeCe%2FuAMthzOfEbqtMxjc3QtK5Hn2zgNYy6st3VHgzFXgYa7vVZZVNT7WSqALv51j7pVSC3XIls7Wf8NsM0xxUFL%2FDKnZaNrFLY3%2Bu6HXVzMMcO7cdymizaKo41g3v9"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586422222365290
content-type
image/webp
expires
Wed, 06 Oct 2021 23:29:35 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81547
accept-ranges
bytes
cf-ray
699a6ed7d9b159e3-MXP
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 2732
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNe6vLi2tPMCFSXnuwgdu8AE2A;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuid_mZY5kPkMYxMTJUwU-w985DBhMQSxkCVasuid__dc_reach_suite02wkz&gdpr_cons...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633476576_1a3616b0-2634-11ec-bef8-692d023ad792
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633476576_1a3616b0-2634-11ec-bef8-692d023ad792
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=120&d=600&e=_mZY5kPkMYxMTJUwU-w985DBhMQSxkCV&g=253f03774aa78ba184f6b4e8f32c9845%2F9898034171487713734&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1633476575816&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hars6aq0nxsexc8axjs3q0jmh1nfv58j9smtqpagrv8e57000ym0mwnbtqypchxxvxmcsvaa9bjv0q3setzd3hc6z10e8heyys00dk022a5wn41trqpzybwbv55dkzryrsrhzph61bzv0a71qm46vn3zg8bxvzmmp1xvat1yrxkd4cxwfsxy874h0zjsrbvfzp8ysy7bafa9edvh0zrhgf7zzwwf58wzdy5gwg2y91ek7aq9fvrqsqq45c1sekb5nncxxgy2rwwe%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCpgeo3d9cYbLRFt7X3gPKwJGgB5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTExMjEyMjgzNzk4MzcyODmgAcKu6N0DyAEJqQJzeRO0HXWzPuACAKgDAaoE0AFP0GtzWAUKhrLFqSwzJ7N927tHQZt6l2ncLLZE6ceZQftHQfef7apogBdhclM_8CBcotyr3qnPUq4bGeLjGctxwzRoTPKQRIS9VYfLW7tQbcvU-LwtO5S7Q5ClicQ7j5y-7O_JKb5062w3QB1blpc9hNVZcp0rWehuVC6CejJ1X2uDuspnmHqhEzSWJOLWuFEc4YQQhKApe3S9j0yy0NZEUgfw3UhDcCYKOf2Qvmi38xWYXAljLoHqIqa6VYGnY81ZZPQE2oOVSEqsUKQLqcTM4AQBgAb-lKmSp4_J-P4BoAYhqAemvhuoB_DZG6gH8tkbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2eLRqzWcWoBGxoDL1K3JNjxxFNJg%252526client%25253Dca-pub-1121228379837289%252526adurl%25253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Oct 2021 23:29:35 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Tue, 05 Oct 2021 23:29:36 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1633476576_1a3616b0-2634-11ec-bef8-692d023ad792
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0486 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211004&jk=3983645627881113&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 3F8A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 18:32:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
17802
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 18:32:53 GMT
CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame 9E58 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2173885051601150/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:26:07 GMT
x-content-type-options
nosniff
age
209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104232
x-xss-protection
0
last-modified
Thu, 06 Oct 2016 14:32:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Oct 2021 23:41:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20211004&jk=3983645627881113&bg=!kpGlkdXNAAZE-GIIRPg7ACkAdvg8Ws2kK6Lq7xcmyYhXH_jibwZOxT5jmUEylLw2p6UJlbEvB4dJggIAAACYUgAAAAtoAQcKAGef6GcZbVAtsA8YN55d34kFtY0N5BchDzjSDNYFyS09Lsc5lOFi9QlU4TMOEaFkaW_tIrRCpoTe15-m-l5GixTCCAy3pHTxmT5OobevVYajrs-RZJBtzvvEzAsolBV_4i0Zc-MqQSwtmQLONjYpejc1ow_yyKO90kx0yqv1zJBCz5gbPN0dIj19BZ4mufHSQP7Wc94aXpP1PQifPmWxVJE_pyXAe1NVa9NLUgLwhXRqTGnYmebKprNh0zZv6GAQDrxljLAFrTGP0PuJ8bk5KhclsHYo6CD3SOp8AHl-YtiAa1FcIkSSBMitPEqqeMGqXjdbHttaoJR3UIvMOIkTn1p4N2Z9V1YSqP3A8KgwtS9cFXmqQpHdnmMKkqICpM-oGH3xoXy7o0Y3ppVSbXDVtMQ-EmkjNFULjX8e10XOqPDYfZEnzDe-c5BvNPVZzIx696zcjuMuRT6Atzj3Ux2SBOxCEyMVw7TeTjGVh9SUao_bRHQh7a_EdoFZ09bx2fb30HizVJiaRetA7PNtZ5emDHGvjlz7DuGKA_13rw0huW_jqXQQetwtBbrOV3ebONdSpTvYBCpTYyDrNTF8U19hsma2Bksme2F-jS6LQSriARvbi7ulgJvCmlUE-k9-qUFBTJRJ-ZcRSE4COpAY8AhYTaWbztZov2on4Hc7L1w6662jOr4mbsqaZggzCzUARZx3-ZID62nTmsO2dl4JxfXvDpfnuq-ELm5KPRAMdjlk7ULMRxjP_7emROc3tmtKF5jaR_5A_3_6MrgSC-WCwrrIaXPSMyjmfhAbQZtKl3uK6FLKwTL9fn94Zzt7M-Aglrf8H3hCcrys44QFsouEuzjK1bo5IEmzJuNTNqvdk2kgETGfAbQu0-R9sKvorKMSGtJFuuA2ih_K1pvIpktZV1AWteqYL8ActE29sdLlBgMYfnFTEjQzDZG1uqB-hufVMnUywp8sJ7awE2Kx-3UQ_NSEvGcDvImcIxGAQtxRjlcf6VK7x9sLz9MrbwBivDZIKUFAyiA8wVQzD3E1Cu0_Fm7tQV2jAR9EwJVuHBt0fKrl2Q-OxBVZHw4dc1z5cm_lCPzNg1qNZs5UDU2GNg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
CongstarFont.woff2
s0.2mdn.net/ads/richmedia/studio/45844501/ Frame D67A 		102 KB
102 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/45844501/CongstarFont.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2128478866615035/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:26:07 GMT
x-content-type-options
nosniff
age
209
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104232
x-xss-protection
0
last-modified
Thu, 06 Oct 2016 14:32:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Oct 2021 23:41:07 GMT
86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
s0.2mdn.net/creatives/assets/1881029/ Frame 9E58 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/1881029/86bef0b5-fa75-4ca3-8394-cb7b5a474a45-3.woff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4528516/2173885051601150/index.html
Origin
https://s0.2mdn.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 23:24:18 GMT
x-content-type-options
nosniff
age
318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58447
x-xss-protection
0
last-modified
Wed, 15 Feb 2017 10:23:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Oct 2021 23:39:18 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEHYhDbNng1fVt2e4bGfYHWs&google_cver=1&google_push=AYg5qPI4A9bj1WJE8XJXKrM71dRSIu43OG7OEmuC5C5j6PjiNZ1THyBGRJvNZhI9emkYdhYUYmeGL4CvlQladN25IikPE_QbfDw

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect boolean| originAgentCluster object| LPPreInit object| googletag function| pbBds object| pbjs object| apstag object| dataLayer object| adsbygoogle function| $ function| jQuery function| pbjsChunk object| _pbjsGlobals string| dataSpace string| dataSpaceStyle string| dataSpaceAnimated object| effect function| effectsEffectSlide object| LP object| LPCookie object| LPErrorType object| LPError object| SW object| gL object| mL object| __cfBeacon object| ggeac object| google_js_reporting_queue boolean| apstagLOADED object| google_tag_manager number| google_srt object| google_logging_queue object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_persistent_state_async number| curtop string| google_user_agent_client_hint object| _gaq object| _qevents object| _atrk_opts function| atrk boolean| _atrk_fired function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _gat object| GoogleGcLKhOms object| google_image_requests

66 Cookies

Domain/Path Name / Value
www.lotterypost.com/ Name: g
Value: a=44474.8121764815&b=44474.8260653704&c=%2f&d=
.lotterypost.com/ Name: f
Value: a=44474.8121764815
www.lotterypost.com/ Name: tz
Value: 1
www.lotterypost.com/ Name: ASP_Session
Value: QWRQQBSB/BCDGKLACAGAGNCGMGIMEANJI
.lotterypost.com/ Name: __cf_bm
Value: 6xdpsnYKnglo_x9_VuRoQsrUer6LdRtxMlTWyGgMOEg-1633476573-0-AVnVZxsmp97h3JYqnP1IjLjf7Bpclybs8T0VPqogMnmVj+QC/gGDOQs4hIkSVoxzW0B4qwTePlkcfl9DtfKli2c=
.adnxs.com/ Name: icu
Value: ChgIvtpWEAoYASABKAEw3b_zigY4AUABSAEQ3b_zigYYAA..
.adnxs.com/ Name: uuid2
Value: 3516465167777035173
.lotterypost.com/ Name: __asc
Value: 02e52ed017c52ca77e2e91241fb
.lotterypost.com/ Name: __auc
Value: 02e52ed017c52ca77e2e91241fb
.lotterypost.com/ Name: __utmc
Value: 130209170
.lotterypost.com/ Name: __utmz
Value: 130209170.1633476573.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.lotterypost.com/ Name: __utmt_UA-7096458-1
Value: 1
.lotterypost.com/ Name: __utma
Value: 130209170.582819757.1633476573.1633476573.1633476573.1
.lotterypost.com/ Name: __utmb
Value: 130209170.1.10.1633476573
.quantserve.com/ Name: mc
Value: 615cdfdd-54bda-90494-9e81d
.lotterypost.com/ Name: __qca
Value: P0-184219623-1633476573330
.doubleclick.net/ Name: IDE
Value: AHWqTUmIXyAOpM4oylg8hiqbX1sqhUA2wbi9JAcUuLS69VVcBBjj_aSxhCx5dz3SAtU
.lotterypost.com/ Name: __gads
Value: ID=f80ea3595f0de998:T=1633476573:S=ALNI_MZ-lYdjPfGqUhDm1NH9DMqH7FMT9g
.casalemedia.com/ Name: CMID
Value: YVzf3h5ZxTc3lBCD-T.NiQAA
.casalemedia.com/ Name: CMPS
Value: 5203
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVNx3N`j!]tbPl1M>e)ZlrFUfJ+tGXxoTUGKCTHPCKH_%3pvat['/<r850X^W<BXAee%*bpRz*qF1`*baYx*WYr3
.casalemedia.com/ Name: CMPRO
Value: 1216
.casalemedia.com/ Name: CMST
Value: YVzf3mFc394A
.lijit.com/ Name: ljt_reader
Value: ba575aaba583875d62572e5f
.openx.net/ Name: i
Value: 9cdb04ce-649b-489b-9ca8-4f0e3b25acaf|1633476574
.casalemedia.com/ Name: CMRUM3
Value: 2d615cdfde2760CAESEEyEQlsnXMPyhAgOwQpYT0g
.blismedia.com/ Name: b
Value: 615CDFDEFB5490017EA3F680BLIS
.yahoo.com/ Name: A3
Value: d=AQABBN7fXGECEFoYrVSOLOz_yllmivnefOsFEgEBAQExXmFmYQAAAAAA_eMAAA&S=AQAAAq_NDXSzMJSWdIRxYo7YLLc
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVzf3gAAAd5seAAR
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 53D67064-7F32-4DE3-93D9-CF70E420BEB1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 851113c4a6bace5a
.spotxchange.com/ Name: audience
Value: 195c60e6-2634-11ec-999f-141922060206
.3lift.com/ Name: tluid
Value: 6217167946325843368
.adfarm1.adition.com/ Name: UserID1
Value: 7015728464120051853
.quantserve.com/ Name: d
Value: EAgBCQG0JIEA
.bidswitch.net/ Name: tuuid
Value: 2283c900-c070-45c2-96ad-183ca16b0591
.bidswitch.net/ Name: c
Value: 1633476574
.bidswitch.net/ Name: tuuid_lu
Value: 1633476574
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~20sn
.simpli.fi/ Name: suid
Value: 11306663840145189EF3831B6B56416E
.mathtag.com/ Name: uuid
Value: 6c73615c-dfde-4900-8d49-f20fdcebaddf
.mathtag.com/ Name: mt_mop
Value: 4:1633476574
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMStjCwNLOwNDUzMjM2NTEzMLUwtBDiM9Q1SjZLswzJDE6sdDaX4jU0MzY2MTczNTexMDMAAN8VilA0AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAOOSMXR2dA129QnMiHAMzfMMdYr3zS73rqrIT0ossAjiNTQzNjYxNzM1N7EwM3jFiMI3BAAEE_SDPQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMStjCwNLOwNDUzMjM2NTEzMLUwtBDiM9Q1SjZLswzJDE6sdDYHANnrHTElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAAAOOSMXR2dA129QnMiHAMzfMMdYr3zS73rqrIT0ossAAA93wkcB4AAAA
.rfihub.com/ Name: smd
Value: H4sIAAAAAAAAAOPiNTQzNjYxNzM1N7EwMwQACV6y6Q8AAAA
.de17a.com/ Name: guid2
Value: 1.8673354976608375584
.turn.com/ Name: uid
Value: 8593054910875410391
.tidaltv.com/ Name: tidal_ttid
Value: 1f279211-5b5c-4ef4-a192-12a4042ee0da
.adform.net/ Name: C
Value: 1
.krxd.net/ Name: _kuid_
Value: OZ1Gn1wy
.m6r.eu/ Name: test
Value: true
.adform.net/ Name: uid
Value: 51253458600138515
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srA0szI0sgAAxB9+8QkAAAA="
.scoota.co/ Name: tuuid
Value: 2bef3edc-e927-4a69-adfa-fdd02be914b7
.scoota.co/ Name: c
Value: 1633476575
.scoota.co/ Name: tuuid_lu
Value: 1633476575
.m6r.eu/ Name: cct
Value: 1633476575130
.m6r.eu/ Name: id
Value: eecaa674464688fff5a415466d668c38
.awin1.com/ Name: awpv14098
Value: 412871|1633476576|1a33ccc0-2634-11ec-bef8-692d023ad792
.awin1.com/ Name: awpv11830
Value: 412871|1633476576|1a33ccc0-2634-11ec-a1d8-692d067fb68d
.awin1.com/ Name: awpv11938
Value: 412871|1633476576|1a3616b0-2634-11ec-bef8-692d023ad792
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1633476576_1a3616b0-2634-11ec-bef8-692d023ad792%22%2C%22sp%22%3A%22awin%22%7D

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVzf3h5ZxTc3lBCD_T-NiQAABMAAAAIB&google_cver=1&google_push=AYg5qPIZt9BsCMV7STwWA44NLGtrhIzEbJsihwi4GCLLbD2UdxuF26ZDyH4xVJi4GoMyoD4KvM2YpBj6bj79xgvhuAJ5sHn6Xy0&google_gid=CAESEKUjZ2tH3vhyWjKmfXQmkA8
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.rfihub.com
aa64a28d6b204fa5a14006d04dbdff12.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
as-sec.casalemedia.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
beacon.krxd.net
c.amazon-adsystem.com
c.deployads.com
c1.adform.net
cdn.contentspread.net
cdn.krxd.net
certify-js.alexametrics.com
certify.alexametrics.com
cloudflareinsights.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
consumer.krxd.net
d5p.de17a.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90009.redintelligence.net
hbopenbid.pubmatic.com
ib.adnxs.com
image6.pubmatic.com
lp.vg
match.adsrvr.org
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.everesttech.net
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod-rtb.ad4mat.net
r.scoota.co
r.turn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rules.quantcount.com
s0.2mdn.net
secure.quantserve.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
sync.tidaltv.com
tpc.googlesyndication.com
tr.blismedia.com
tracking.m6r.eu
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lotterypost.app
www.lotterypost.com
x.bidswitch.net
cm.g.doubleclick.net
google2waycm.netmng.com
104.111.239.217
104.111.242.245
13.248.245.213
138.201.63.149
142.250.181.226
142.250.185.230
142.250.185.66
142.250.186.162
148.251.139.77
151.101.130.49
151.101.194.133
151.101.2.133
169.50.137.190
18.156.0.31
18.66.112.116
18.66.97.14
185.29.134.244
185.33.220.240
185.64.189.112
185.64.189.115
185.94.180.126
193.0.160.128
2.21.141.232
2001:678:cb4:bbbb::11
213.155.156.180
216.52.2.30
2600:1901:0:76b9::
2600:9000:223c:5200:6:44e3:f8c0:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700:3035::6815:c5a
2606:4700::6810:5e41
2606:4700::6812:12ad
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::2013
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9c
2a02:26f0:f7::5c7b:e033
2a05:d018:24:b001:6cd5:9d52:6dd6:6c58
3.127.179.79
34.107.148.139
34.96.105.8
35.244.159.8
37.157.2.239
46.4.10.49
52.222.210.175
52.51.154.99
54.68.102.112
63.32.201.39
63.33.113.238
66.155.71.25
72.251.244.140
76.223.111.131
85.114.131.233
85.114.159.93
99.80.151.46
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c30d255b6876569786f56c1e5a605ced32a91b468b25ceb07a9aef4366c4b8
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0fabbec15801a30e129cb31d837afb27195efaf3747e1babebd01375aaf308bf
10a04480619fffaf971235b0eb4b2041c592b8d4a1ef439b85f12016139741ea
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
19ec365a21b9f4a4dbe55c21cf164e69bd15b982ab5312991a0bb8ec12fd3388
1d019867c120344469403527c7d958861b81d0fc873813c97ee135f707d74122
1f49691475663af0b6f95af60cec34547603722738c384ce1e67928ba86280c0
20504c17797c89c21417e9c1bf94a7bfa4a1c5f2998d7902d1b669e4eeab67db
20ad751946c6de307b0879a5b77284f993253c01c2e53aae57c34914303c399b
20d50a214cfc2d2d34d1bbba769871b1f47d55bb1595a5061041c18c1bd52f31
22427cad9122c7a25517a21ee486b44185f761705e92b3389d7623dc8ef3b71a
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2d452ca7bf499867307ebfa48373084a42e1f56ec0a26e5bb2e12f01888c3cc9
2df1e67459f1d7eda2c4c5af7e07c73f911f6c898f3d061d8f3e9a32ad63fe31
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
35a2a4429ddcadf7d111102cdddf92847deb2cae394fc88ae0b4a4c6f10afdf1
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96
380dc0f2b32c68f27730e2c0dcb9bab05b97103e26ba298a45d43d12979ba855
387c96ccbbeb381248c3dbc086b8e34d313ddad0ba99c47795c0199c7e39276e
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd
3c40ac84f4006acf81224a4f0ed516bea9de848499af9e27ab7a6d22abf0597d
40a1b3366662d4c052b65b0e7842e3e7f78c4514afb3b4a387f550108ecdab03
41ab391037283a4c8256a0d8a67f9833828d253d133eb8221093fcbeb496d252
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49157863e756fdf4eab9dea635ad433c7251a7fbdc94ef47592878b226f46d95
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e
4a342a77cd9e7bdde47e99406ad4c6fd92da4df8c3e9ef857360092c9fbaf96a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3566195744a438e72a483075dd46ea4ba6c7f069c854024f1f3cfca75eca10
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3
4cdbf92b3dffa5072e5338c460ac6c3048a7bdff00c77c72dc9227870c688b66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
54ef4aa50bb568bba9d78693183de4eebc7c883909576e8a790309d85725e5a0
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
619c8efddf09b09ffe5b1d639d4ed453b8ba7cdb86e8078b231014a44b57de0b
63d4f0e48a4f852c18776919a1964672be22804c1a981c91ea4161d9c0a9798b
6500bd4cd278cdd0e00b473891ec40860e4dde8e5a7f02ab1d2ad6e30dfb0ce4
679efa01c0db01376fbdbb83f70eb6178bb2004b7f33d30f2f4972f8454c7559
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6a933656de5c2ad92d1aed602522c19de5d193b55e2db4deee759e93368fd72f
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a
71df2ea76e7bc4e40b7c29a9b6817bc1fcfccb1262c3dfc0bfc6a30b65e9f83d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7461202b13ea22816a1182f80b8a5f1b451f3e8ec4ac147dfe74c9d1abb879e0
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
7ba2fe612796611c9919175d2695e0b59f663649ed2a77df439b3133e7cf6c97
7bf665ffe31f571f93841c1357cd41852238e36a53d4a83fda73a63e064d695a
7c310a100b2bb38cd97a6ed696abe3dd3556b707607d207a13b838cd89f73e78
7ce58446680ed8f4bae75f61c0dab8875c4271c44d06182e67a8e1c1b1b21c69
7d25315501c2acf3479ba7acf3eb53d947b003a092f895d3f2ad04842bd1b7d6
7e2612afb04cbcea013499e68efa6aec0c38aeba41cb4d16417692fe1b25f452
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
812efd9ef7bee94c6ab93aa418e3f0f232df2fec1cf8cad4476d5552316cb3e6
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853a8c7e34be5549a44fc541e13876f5c2838123142f527dab2265950feaeefb
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
85d8dd4789aef864dde1bea614b5ceec78e9d19c30cc2a14b4a358fa63df8ace
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a228eb3dc55d38329b4733cf9e742c2854218b7a1ab4444147608e530b7d222
8d3c0c686269883af89dc5eb52e5d97fbe7b7889d1cdb9ebb2ce8a4d7b200259
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8e7db196f52cd053d40a1777734ad97db6b60f69cc485e8c51371a57eba06bee
90ac99434a5c356465fa979e3ac1c9d27ddc5b0796515811bc0c89ba287c5aca
911fde909895cfdd04c73dcb3bc9933f30ba75df75d2d3ded11d71ea2488e276
955989f9323a6bb8a2cae91108aca7193f4f8e8e782e1ccc374430dbd254afe0
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9f04ba1e44f375346e3004e8c764b391033c56e2d3297218ba108d50788ffb86
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3ff65b85a2e0a0ab9ceba03cb9205dbd8af9b9fcf5197878c7abba21c8706c3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a564d46c5c1f14680cbdec207077b33edf700931fc52f87f0735d7e06e2351a7
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a91020548d67e771f524cd09adb38a3a87a3b9017121546c4a17cc9470dfa4ba
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e8c09bb678554529832c6d75a38410fa710832269e40a8ed74773da3393c21
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6a996b251e633799fe8f5cf3e9de4d3f1683e0c03ea1a4faacfaa4bc1985857
b6e546240e38467a569aab6d5ef52d2acbe5ea9861a53ced210b6d3de7ed6a74
b813df1588f1943d275a86850087398f0278bcc4c068088ac77c6c8d312287db
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50
ba856424cbf679cbdd0107d249eb68b7f62012a13dca26ba5fa48dabe04746b9
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5
bd2bc837d31f27f7b36acba2f2edd4fd34f06768c46c5a14260942a139235758
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
c1b7bdd84c22411a42dfc9fa619781772c511d0fb4fc73107a9f4e0c4a590a98
c88ba14ddd56ad58b697c9317346ecf29af4f205dc131c982fa18e2894629f4a
c96a44612c761357350d1aadb6649c5eb28bae6833790d75f3a2f219e21aa9e1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1
ce5a8b7e5fa0afdc2594d6df3938686f7696e1cb040e704a76ace91a01ecc79d
ce8aa74dd3fd8050ad82ac308b1643a973a67d4a67d87c9f1c8d1c424e348f63
cecc0742ef005103627c7941da3f787b86a77665670413226c696bebc95ed806
cf08f3419c0eec2558b52cde89a8998a56ab802ca33810be7f01437b0164a8cc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d4b5fb772e3f8f9691b73875b99dd696d27adaa169382f30a3a193c8a32a9fdd
d4c1f4ad75aa23200a7b5d63e1994b70f989742dbd44d04429045a0dab617b89
d7f2fbe414e0b79e516fec53f54d6ef6c914cea4e6ad1e804bbd762ad8332dd2
d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd
dc6401178db74899e2cb62ea5015681932488b766b2166df077b315f01c87057
dee852eb3ae7251e2b4cb91238e21bf99353690b2aa2827912856a460b375f44
e1d4e0640dff26e61c23bd1b4e473351d3c549f80ecc7ca000735fc348382e61
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7
e330c45c6ef0232cd32f61eab2611bcfd885163c682db8d9b5cf0c6569f24b7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e88e4806e083246e88e8bcaaf24a32bb4a5d12825a45696537a64d8758880538
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ed663829f239877ce3e0ed6fe2b2ddb37fd9f8290b53aec8fb06da866bdfb43d
edeecc21623abc3df07f9496d595070caed15bd980ff0ee2e04e97df28c09cba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b713b539c249db82d10682e313c44fe495fbdbdbbbf77e661f9cbd600d6a78
f5b0f509584b1c474c2da802f7a4c0d9f583bc204401a8a6c4755af0269b294d
f66257ab22784df391afb687663d08dd4e33bf0c17fa871287a57e8f9d1caa80
f716ad7f9c7d704196846ea6f7d24eb9a2214e2a5fe4f157291c715c246ef97c
facd338be7d2ebe007361f4f67a544d9c71269fc0066e5b561ad3f8cfe9902ca