urlscan.io logo urlscan.io
SecurityTrails logo

www.lotterypost.com Open in urlscan Pro
2606:4700::6812:13ad  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.lotterypost.biz/
Effective URL: https://www.lotterypost.com/
Submission: On April 12 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 76 IPs in 12 countries across 89 domains to perform 404 HTTP transactions. The main IP is 2606:4700::6812:13ad, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.lotterypost.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2020. Valid for: a year.
This is the only time www.lotterypost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
31 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 52.85.32.122 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
8 216.58.212.162 15169 (GOOGLE)
3 7 216.52.2.30 30282 (AS-INAPCD...)
3 4 185.33.221.50 29990 (ASN-APPNEX)
3 54.77.12.55 16509 (AMAZON-02)
2 10 104.108.145.8 16625 (AKAMAI-AS)
1 2.18.68.31 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 9 2620:116:800d... 16509 (AMAZON-02)
1 54.192.210.10 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:209... 16509 (AMAZON-02)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 54.230.183.21 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 11 52.95.123.41 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
43 2a00:1450:400... 15169 (GOOGLE)
1 1 13.226.155.126 16509 (AMAZON-02)
2 18.195.155.181 16509 (AMAZON-02)
15 104.108.144.214 16625 (AKAMAI-AS)
6 6 18.156.0.31 16509 (AMAZON-02)
4 13 34.98.64.218 15169 (GOOGLE)
3 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 54.163.239.172 14618 (AMAZON-AES)
24 72.251.249.14 29791 (VOXEL-DOT...)
8 14 52.215.237.248 16509 (AMAZON-02)
2 2 69.173.151.90 26667 (RUBICONPR...)
9 9 185.29.132.69 30419 (MEDIAMATH...)
7 8 37.157.4.23 198622 (ADFORM)
18 28 142.250.185.162 15169 (GOOGLE)
1 4 184.51.9.98 16625 (AKAMAI-AS)
2 52.94.232.32 16509 (AMAZON-02)
4 169.197.150.7 398989 (DEEPINTENT)
7 7 66.155.71.25 13768 (COGECO-PEER1)
3 3 18.198.69.109 16509 (AMAZON-02)
5 6 35.227.248.159 15169 (GOOGLE)
1 192.132.33.46 18568 (BIDTELLECT)
4 185.64.189.115 62713 (AS-PUBMATIC)
2 178.250.2.151 44788 (ASN-CRITE...)
4 4 213.155.156.165 1299 (TELIANET ...)
1 39 185.64.189.110 62713 (AS-PUBMATIC)
13 13 52.51.245.167 16509 (AMAZON-02)
2 2 185.86.139.115 201081 (SMARTADSE...)
5 5 198.148.27.139 19189 (PULSEPOINT)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 94.23.73.243 16276 (OVH)
1 4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
14 14 35.156.19.236 16509 (AMAZON-02)
4 4 52.215.39.23 16509 (AMAZON-02)
1 4 2a00:1288:110... 34010 (YAHOO-IRD)
5 185.64.189.114 62713 (AS-PUBMATIC)
2 2 2001:678:cb4:... 56396 (TURN)
5 5 151.101.114.49 54113 (FASTLY)
2 2 159.65.197.210 14061 (DIGITALOC...)
2 4 169.50.137.190 36351 (SOFTLAYER)
17 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:3::621 54113 (FASTLY)
10 2607:f8b0:400... 15169 (GOOGLE)
4 2a00:1288:80:... 203220 (YAHOO-DEB)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 184.51.9.34 16625 (AKAMAI-AS)
1 1 2620:119:50e4... 14413 (LINKEDIN)
1 1 31.172.81.172 44066 (DE-FIRSTC...)
1 1 31.172.81.160 44066 (DE-FIRSTC...)
2 174.137.133.49 27257 (WEBAIR-IN...)
2 2 202.241.208.100 4694 (IDCF IDC ...)
1 151.101.65.108 54113 (FASTLY)
2 104.76.200.247 16625 (AKAMAI-AS)
2 104.80.28.24 16625 (AKAMAI-AS)
12 12 213.19.147.151 26120 (RHYTHMONE)
2 2 18.193.144.52 16509 (AMAZON-02)
5 6 37.252.172.249 29990 (ASN-APPNEX)
1 1 69.173.144.165 26667 (RUBICONPR...)
3 3 185.184.8.30 204995 (RTB-HOUSE...)
1 1 168.119.127.61 24940 (HETZNER-AS)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 2 18.159.8.206 16509 (AMAZON-02)
2 19 54.77.242.172 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (TURN)
1 104.76.200.23 16625 (AKAMAI-AS)
1 1 185.183.112.148 60350 (VP)
3 4 70.42.32.63 13789 (INTERNAP-...)
1 1 50.16.38.94 14618 (AMAZON-AES)
2 2 34.203.138.195 14618 (AMAZON-AES)
1 150.136.26.45 31898 (ORACLE-BM...)
1 1 64.202.112.31 22075 (AS-OUTBRAIN)
2 2 18.156.133.101 16509 (AMAZON-02)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 199.232.137.44 54113 (FASTLY)
2 2 35.157.48.14 16509 (AMAZON-02)
1 38.27.122.126 174 (COGENT-174)
1 1 51.210.112.63 16276 (OVH)
1 1 34.98.107.212 15169 (GOOGLE)
404 76
1    2a00:1450:4001:82b::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.lotterypost.biz
2    2606:4700::6812:13ad (United States)

ASN13335 (CLOUDFLARENET, US)
www.lotterypost.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
31    2606:4700:3031::ac43:c203 (United States)

ASN13335 (CLOUDFLARENET, US)
lp.vg
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    52.85.32.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-122.ham50.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
cloudflareinsights.com
8    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
securepubads.g.doubleclick.net
7    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
4    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
3    54.77.12.55 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-12-55.eu-west-1.compute.amazonaws.com
c.deployads.com
10    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2.18.68.31 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-68-31.deploy.static.akamaitechnologies.com
prebid.media.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
2    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    54.192.210.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-210-10.ham50.r.cloudfront.net
certify-js.alexametrics.com
6    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2093:6a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
16    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.com
1    54.230.183.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-21.ham50.r.cloudfront.net
certify.alexametrics.com
3    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
2    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    52.95.123.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
43    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    13.226.155.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-126.dus51.r.cloudfront.net
s.ad.smaato.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
15    104.108.144.214 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-214.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ups.analytics.yahoo.com
13    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
3    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
2    54.163.239.172 (United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
24    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
14    52.215.237.248 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
data.adsrvr.org
match.adsrvr.org
2    69.173.151.90 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
9    185.29.132.69 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
28    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
4    184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
7    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadm.exelator.com
6    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    213.155.156.165 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
39    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
13    52.51.245.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
5    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    94.23.73.243 (Lisbon, Portugal)

ASN16276 (OVH, FR)
green.erne.co
4    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
14    35.156.19.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-19-236.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    52.215.39.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
r.scoota.co
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
5    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
17    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
10    2607:f8b0:4002:c02::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
pr.ybp.yahoo.com
s.yimg.com
1    2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4001:5f::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
r3---sn-4g5e6nsz.gvt1.com
1    184.51.9.34 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-34.deploy.static.akamaitechnologies.com
aktrack.pubmatic.com
1    2620:119:50e4:101::6cae:b55 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    31.172.81.172 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync3.sniperlog.ru
1    31.172.81.160 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
2    202.241.208.100 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.76.200.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
js-sec.indexww.com
2    104.80.28.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
contextual.media.net
cslogger.media.net
12    213.19.147.151 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    18.193.144.52 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
a.sportradarserving.com
6    37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
secure.adnxs.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
1    168.119.127.61 (Germany)

ASN24940 (HETZNER-AS, DE)
bidswitch-eu.splicky.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    18.159.8.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
19    54.77.242.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
1    46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
1    104.76.200.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
cs.media.net
1    185.183.112.148 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
4    70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    50.16.38.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-38-94.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    34.203.138.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-138-195.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    18.156.133.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-133-101.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    35.157.48.14 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-48-14.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    38.27.122.126 (United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: ns3174889.ip-51-210-112.eu
pixel.onaudience.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
Apex Domain
Subdomains		 Transfer
67 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
aktrack.pubmatic.com
simage4.pubmatic.com
212 KB
58 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
213 KB
58 googlesyndication.com
pagead2.googlesyndication.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
tpc.googlesyndication.com
599 KB
31 lijit.com
ap.lijit.com
ce.lijit.com
54 KB
31 lp.vg
lp.vg
567 KB
21 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
199 KB
19 gumgum.com
rtb.gumgum.com
6 KB
17 ampproject.org
cdn.ampproject.org
367 KB
16 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
14 bidswitch.net
x.bidswitch.net
4 KB
14 adsrvr.org
data.adsrvr.org
match.adsrvr.org
5 KB
14 casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
17 KB
13 bidr.io
match.prod.bidr.io
6 KB
13 openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
3 KB
11 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
11 KB
11 adnxs.com
ib.adnxs.com
acdn.adnxs.com
secure.adnxs.com
11 KB
9 mathtag.com
sync.mathtag.com
5 KB
9 quantserve.com
secure.quantserve.com
pixel.quantserve.com
12 KB
8 1rx.io
sync.1rx.io
6 KB
8 adform.net
c1.adform.net
4 KB
7 sitescout.com
pixel-sync.sitescout.com
5 KB
7 google.com
adservice.google.com
www.google.com
791 B
6 tapad.com
pixel.tapad.com
2 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 contextweb.com
bh.contextweb.com
3 KB
5 googletagservices.com
www.googletagservices.com
156 KB
5 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
32 KB
4 outbrain.com
sync.outbrain.com
1 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com
2 KB
4 simpli.fi
um.simpli.fi
2 KB
4 scoota.co
r.scoota.co
3 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 zeotap.com
mwzeom.zeotap.com
spl.zeotap.com
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 deepintent.com
match.deepintent.com
161 B
4 media.net
prebid.media.net
contextual.media.net
cslogger.media.net
cs.media.net
11 KB
3 creativecdn.com
creativecdn.com
990 B
3 yimg.com
s.yimg.com
51 KB
3 turn.com
ad.turn.com
d.turn.com
1 KB
3 exelator.com
loadm.exelator.com
2 KB
3 rubiconproject.com
pixel-us-east.rubiconproject.com
pixel-eu.rubiconproject.com
2 KB
3 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
206 B
3 deployads.com
c.deployads.com
1 KB
3 cloudflareinsights.com
static.cloudflareinsights.com
cloudflareinsights.com
5 KB
2 w55c.net
pm.w55c.net
2 KB
2 taboola.com
trc.taboola.com
match.taboola.com
559 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 360yield.com
ad.360yield.com
616 B
2 ipredictive.com
sync.ipredictive.com
950 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 sportradarserving.com
a.sportradarserving.com
1 KB
2 indexww.com
js-sec.indexww.com
2 KB
2 socdm.com
tg.socdm.com
2 KB
2 gvt1.com
redirector.gvt1.com
r3---sn-4g5e6nsz.gvt1.com
914 KB
2 bidtheatre.com
match.adsby.bidtheatre.com
1 KB
2 erne.co
green.erne.co
649 B
2 adition.com
dsp.adfarm1.adition.com
1002 B
2 smartadserver.com
rtb-csync.smartadserver.com
1 KB
2 criteo.com
dis.criteo.com
652 B
2 clickagy.com
aorta.clickagy.com
1 KB
2 emxdgt.com
cs.emxdgt.com
59 B
2 google.de
adservice.google.de
942 B
2 alexametrics.com
certify-js.alexametrics.com
certify.alexametrics.com
3 KB
2 lotterypost.com
www.lotterypost.com
20 KB
1 playground.xyz
ads.playground.xyz
487 B
1 onaudience.com
pixel.onaudience.com
400 B
1 bnmla.com
match.bnmla.com
112 B
1 ad4m.at
ad4m.at
335 B
1 adgrx.com
cm.adgrx.com
408 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 stackadapt.com
sync.srv.stackadapt.com
612 B
1 adotmob.com
sync.adotmob.com
682 B
1 splicky.com
bidswitch-eu.splicky.com
217 B
1 e-volution.ai
rtb2-useast.e-volution.ai
233 B
1 adkernel.com
dsp.adkernel.com
233 B
1 bumlam.com
sync.bumlam.com
681 B
1 sniperlog.ru
sync3.sniperlog.ru
370 B
1 linkedin.com
px.ads.linkedin.com
459 B
1 jsdelivr.net
cdn.jsdelivr.net
9 KB
1 bttrack.com
bttrack.com
380 B
1 smaato.net
s.ad.smaato.net
562 B
1 googleadservices.com
partner.googleadservices.com
644 B
1 quantcount.com
rules.quantcount.com
359 B
1 googletagmanager.com
www.googletagmanager.com
31 KB
1 lotterypost.biz
www.lotterypost.biz
132 B
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
404 89
Domain Requested by
45 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.lotterypost.com
cdn.ampproject.org
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
31 lp.vg www.lotterypost.com
lp.vg
ajax.googleapis.com
28 cm.g.doubleclick.net 18 redirects u.openx.net
www.lotterypost.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
ap.lijit.com
us-u.openx.net
rtb.gumgum.com
24 simage2.pubmatic.com 1 redirects image6.pubmatic.com
ads.pubmatic.com
24 ce.lijit.com ap.lijit.com
us-u.openx.net
rtb.gumgum.com
ads.pubmatic.com
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.lotterypost.com
19 rtb.gumgum.com 2 redirects ap.lijit.com
rtb.gumgum.com
17 cdn.ampproject.org securepubads.g.doubleclick.net
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
15 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
15 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
lp.vg
ap.lijit.com
rtb.gumgum.com
14 x.bidswitch.net 14 redirects
13 match.prod.bidr.io 13 redirects
12 match.adsrvr.org 8 redirects u.openx.net
ssum-sec.casalemedia.com
us-u.openx.net
11 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ap.lijit.com
u.openx.net
ssum-sec.casalemedia.com
ads.pubmatic.com
10 csi.gstatic.com www.gstatic.com
10 pagead2.googlesyndication.com www.lotterypost.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
9 sync.mathtag.com 9 redirects
8 sync.1rx.io 8 redirects
8 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
8 c1.adform.net 7 redirects image6.pubmatic.com
8 pixel.quantserve.com 7 redirects www.lotterypost.com
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.lotterypost.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
7 pixel-sync.sitescout.com 7 redirects
7 us-u.openx.net 2 redirects u.openx.net
ap.lijit.com
us-u.openx.net
7 ap.lijit.com 3 redirects lp.vg
aax-eu.amazon-adsystem.com
ap.lijit.com
6 secure.adnxs.com 5 redirects
6 pixel.tapad.com 5 redirects image6.pubmatic.com
6 ups.analytics.yahoo.com 6 redirects
6 fonts.gstatic.com fonts.googleapis.com
5 www.google.com 1 redirects www.lotterypost.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
5 sync-tm.everesttech.net 5 redirects
5 bh.contextweb.com 5 redirects
5 ssum-sec.casalemedia.com 1 redirects aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 www.gstatic.com googleads.g.doubleclick.net
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
5 www.googletagservices.com www.lotterypost.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
4 sync.outbrain.com 3 redirects rtb.gumgum.com
4 sync.targeting.unrulymedia.com 4 redirects
4 um.simpli.fi 2 redirects ads.pubmatic.com
image6.pubmatic.com
4 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 r.scoota.co 4 redirects
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 match.deepintent.com ssum-sec.casalemedia.com
rtb.gumgum.com
image6.pubmatic.com
4 ib.adnxs.com 3 redirects lp.vg
4 fonts.googleapis.com www.lotterypost.com
securepubads.g.doubleclick.net
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
3 creativecdn.com 3 redirects
3 s.yimg.com pr.ybp.yahoo.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
3 image4.pubmatic.com ads.pubmatic.com
3 mwzeom.zeotap.com ads.pubmatic.com
3 loadm.exelator.com 3 redirects
3 eu-u.openx.net u.openx.net
us-u.openx.net
3 u.openx.net 2 redirects aax-eu.amazon-adsystem.com
3 d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 c.deployads.com lp.vg
3 c.amazon-adsystem.com www.lotterypost.com
c.amazon-adsystem.com
2 pm.w55c.net 2 redirects
2 ad.360yield.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 p.rfihub.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 js-sec.indexww.com lp.vg
ssum-sec.casalemedia.com
2 simage4.pubmatic.com ads.pubmatic.com
2 cloudflareinsights.com static.cloudflareinsights.com
2 tg.socdm.com 2 redirects
2 pubmatic-match.dotomi.com ads.pubmatic.com
2 match.adsby.bidtheatre.com 2 redirects
2 ad.turn.com 2 redirects
2 aud.pubmatic.com ads.pubmatic.com
2 green.erne.co 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 rtb-csync.smartadserver.com 2 redirects
2 dis.criteo.com image6.pubmatic.com
2 s.amazon-adsystem.com ssum-sec.casalemedia.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 data.adsrvr.org ap.lijit.com
2 aorta.clickagy.com 2 redirects
2 cs.emxdgt.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.lotterypost.com
2 www.lotterypost.com www.lotterypost.com
1 ads.playground.xyz 1 redirects
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 match.bnmla.com image6.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 ad4m.at image6.pubmatic.com
1 s.tribalfusion.com image6.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 b1sync.zemanta.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.srv.stackadapt.com 1 redirects
1 sync.adotmob.com 1 redirects
1 cs.media.net contextual.media.net
1 cslogger.media.net contextual.media.net
1 d.turn.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 contextual.media.net lp.vg
1 acdn.adnxs.com lp.vg
1 rtb2-useast.e-volution.ai d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
1 dsp.adkernel.com d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
1 sync.bumlam.com 1 redirects
1 sync3.sniperlog.ru 1 redirects
1 px.ads.linkedin.com 1 redirects
1 aktrack.pubmatic.com d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
1 r3---sn-4g5e6nsz.gvt1.com d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
1 redirector.gvt1.com 1 redirects
1 pr.ybp.yahoo.com cdn.jsdelivr.net
1 cdn.jsdelivr.net d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
1 bttrack.com ssum-sec.casalemedia.com
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 certify.alexametrics.com www.lotterypost.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 rules.quantcount.com secure.quantserve.com
1 certify-js.alexametrics.com www.lotterypost.com
1 secure.quantserve.com www.lotterypost.com
1 hbopenbid.pubmatic.com lp.vg
1 prebid.media.net lp.vg
1 as-sec.casalemedia.com lp.vg
1 static.cloudflareinsights.com www.lotterypost.com
1 www.googletagmanager.com www.lotterypost.com
1 ajax.googleapis.com www.lotterypost.com
1 www.lotterypost.biz 1 redirects
0 ums.acuityplatform.com Failed ap.lijit.com
404 131
Subject Issuer Validity Valid
lotterypost.com
Cloudflare Inc ECC CA-3		 2020-07-04 -
2021-07-04		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
lp.vg
Cloudflare Inc ECC CA-3		 2020-07-05 -
2021-07-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-11 -
2021-07-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2020-03-11 -
2021-05-10		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.deployads.com
Sectigo RSA Domain Validation Secure Server CA		 2019-07-04 -
2021-07-03		 2 years crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2021-04-12 -
2022-04-20		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
certify-js.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-25 -
2022-03-26		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-24 -
2021-05-12		 2 months crt.sh
*.c.docs.google.com
GTS CA 1O1		 2021-03-30 -
2021-06-08		 2 months crt.sh
*.adkernel.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2022-01-05		 a year crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-09-14 -
2021-09-14		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2019-10-29 -
2021-11-23		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh

This page contains 71 frames:

Primary Page: https://www.lotterypost.com/
Frame ID: EED3367D6A67D483228FDCB8BE71A201
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Frame ID: 00D064DA1172E59A2C7E59D9A2E96C23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Frame ID: B92B0E96B2245F88B4885CA1766A2658
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1618232184&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618232184314&bpp=4&bdt=304&idt=226&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=4214141447001&frm=20&pv=1&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=235
Frame ID: F475361552F53C6B7389AAF44E38D420
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Frame ID: 017F8C0D6C00D41C2AB6FE835CBF4D13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Frame ID: D412F361B0BC60BAECB3A54F3EC3B32C
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Frame ID: 008EE64617CC1013951F4D107F2EEA28
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: F9E976F55F7C3807B7CD9DFA70A3244A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: F6559896358A73988FCEF6D35FD6B2A0
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UxSS2gN1l2M0DoT999sTPL6yvgP.LmQ-&
Frame ID: F12F12C3573583BDDF614DF227754A7D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: FFC02EA562C173F18B79DABB33FB7198
Requests: 7 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: F0F37D6A995B8FD0340556C202E13890
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Frame ID: 3108DDB2A0E7E8DF8CAE6E658684E3AF
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 3DF7934530050D7BA6FC623D65896386
Requests: 22 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7815766B9109F6A9E53112B7BD8A91B8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2051760143228930276
Frame ID: 797318021C52A2D576044A3D31149143
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJMk7A6IcAACkPutJ60w
Frame ID: 603BA49D2B56F22053C27B8B9852AC5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254311926593680
Frame ID: 93B74AA9D08C7F0DF0958722CB29BC34
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
Frame ID: 7143C230BAE27AF5A427E1D7728B093B
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&ex=pubmatic.com
Frame ID: DC0CD355B1109AE8FED12E270BCDB94F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: E2EE615B8344D20390F5671E3882AE73
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: C10F09C0426439A4C1D9CB1C2A87955E
Requests: 15 HTTP requests in this frame

Frame: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5DAB5B27EC095D6ED738661691156D36
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 340854F172437D0B5AF03172630A8F5F
Requests: 23 HTTP requests in this frame

Frame: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9152B77A9F061F5000BA6468F6ABABD7
Requests: 40 HTTP requests in this frame

Frame: https://pr.ybp.yahoo.com/ab/secure/true/imp/xWDi_7M5uKMJLp46AKZw5m91fBiUKkLaycexQt1Th6AT9tu12id-FaSZBg-fbLTugiy81grIhemckRyje--qDvdZWeYoLcLRO8Cdkz1y7TUfBL1GiW1EaOnc-e4BpPu6Nn0OmFWAwlxEO1F6M83a8PLo4463ft0eGcRqFJ3GZI51npcH_c29Bx7m31rhdbaBz2jiyWKmRrvNqfO5HY45RymRkoHh08Tsr5krMt_uLWPSowry8dL2iVMThYrLCCsU0ItkkQ289JRhM9NoUJKmKTHuYwnfXzG9lAJJ3P596UIAo8eeNXtK-ur1O2exU--jqm1jVDTGzx5nY68XDVN-Yjcgx26LhnZldBKI-fZXWieetHTQPDa-pnJ0CM3E6G8Q_zIzU47dFvXuPZEuRi28HRhpRjJpiMx1035FbLyY-j5FlpH6kEmnjIeULmW2j9R6Z2bLaEmWsv3MYa0ufgtEaIFUeGqrQrhm4YALvW8r2WpmnglHKv7K4z-DSEmP5nhjNUWaYIPiRRy0IHmJxl2T8supjhdeQTeNhD_MH-BkylGUWrwCkKngzmMHeXLPw_pmWeIqDwSWsZMsrta7DsJjVWfKvmvgea0ViHbthBCV69YCqrSlmBFWf9GZxy60_kdSPZeQiLZ9gP6LkFxryI2W-8XVt3JOiYfNUEiU-nMdflMaPblwAbmCD9Zmcn-iDOzZ2D1tHUOZUnrgiAUZd5hcaYQclR4PB4ymceHcHBxZnQY9Vk0z6ZiSNrt66rqVXXmciCgumZIZpMparzqv9sMEyEasTDoG4eYY3VHIl872tpDmS2AJgwavig4zT1q-44msSWJqZv_U41vrT-0n_aq9_7i_GYcZcOka9SOOqopmjcX7UOAaLJNfR7VUF3lUaDjrYZkkpGNBx22yvJzkSKE9SFyBCdjo4-POcxMZA_uA-l92jjRr17ri3ZnjX8IrNF510zAO9zjfhDT-AKivDkkm_GeiE2uWG9-RqhDBDHWwF4otmuGm9vd_JrpzfQgt6oUWESbhlLTicDmoq_IeR-_AGwmY6VJCeKhP1M100EZq-aQiwfvjD9UyaTFZ4vp4kYYk5_6_Mh2Czg61RVQ8VM0vWloOx1aDx-3-L5MWBPL2u3oCMRYot9ekuzCT8bIEOvILy2yXGz3zQjluGj_ykN7vtHR9uatEkWsCAOTq1iHt_R9FzVNHRRsuXZw9MNcKZ6t-8_G8kq7YhEEzjVm911lqkD872G0u8qmZZMjy2zVuCy9KJIpXXmw0aXGUZjYFkCRUD2uOjNkJp_c9IQf0MmCQhQNHd6Ong99-QkMRy5SIw6UJItZ0WxV-9g/wp/0.101359/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1Nzg1NiZzaXRlSWQ9NDEyMDI2JmFkSWQ9MTg1MTAzMCZrYWRzaXplaWQ9MTEmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjI2MzczNTAwMTczODk4ODA5NiZhZFNlcnZlcklkPTI0MyZpbXBpZD01OUY5NUUyRS02NUIyLTQyQTgtOTQ4MS00RDZDMkZFRUVBQ0YmcGFzc2JhY2s9MA==_url=
Frame ID: 9875CFF68B96B4728BD6D288F04860E8
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4B17A4828E597EF67F3848A2F83BCFCC
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 27339B237B50C3463CFA271B761E0D89
Requests: 1 HTTP requests in this frame

Frame: https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157856&siteId=412026&adId=1851030&adType=10&adServerId=243&kefact=0.101359&kaxefact=0.101359&kadNetFrequecy=0&kadwidth=120&kadheight=600&kadsizeid=11&kltstamp=1618232184&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.101359&dcId=3&tldId=0&passback=0&svr=BID22467U&adsver=_2344862218&adsabzcid=0&ekefact=eEN0YPk3BQASyeNd-jmCr6K5Pb_J4wjd88vjHXd8gA3CBUm_&ekaxefact=eEN0YA84BQCn1iEWktpHtk6OfSuoEpQ3JwriPYv8QYHnMwfb&ekpbmtpfact=eEN0YCM4BQAmtDLxSIrGNKHyXSMiCENoTMP3Hbxo7vBNGCED&enpp=eEN0YDc4BQCmQrFiGgfP6YC38dFoFSz09fDdpvbXZ3RnIO9p&pfi=1&dc=AMS&pubBuyId=30384&crID=3262253&lpu=hoeren-heute.ch&ucrid=12263735001738988096&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH101788000&wDspId=452&wbId=1&wrId=0&wAdvID=1157489&wDspCampId=1516979&isRTB=1&rtbId=878A51E7-92C8-4552-B800-F4DBB365BFE7&imprId=59F95E2E-65B2-42A8-9481-4D6C2FEEEACF&oid=59F95E2E-65B2-42A8-9481-4D6C2FEEEACF&cntryId=45&pageURL=https%3A%2F%2Fwww.lotterypost.com%2F&sec=1&pAuSt=3
Frame ID: CD64DED44ECED2BAA026B203734A3EC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: B4C34DB7A5C3B34E80C7E5D2D4154A5F
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E9E8FC4BFB28B33BD7E0AFB572D113AE
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F50B45A0E969B3C74F971F7180C8851E
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Frame ID: 496838CB51B150A10A05889B5D407CF8
Requests: 21 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5191659CA730399BE7AEE4AD134C1885
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: C40D066CF8520E89A60E30B87FDE4961
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B569B109162ED1EE07203938339C14EF
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 795FC7231EDCDEBFF6E9B641338008BF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7333820847261831745
Frame ID: 902E6926B5573A300204A6CD68F3F314
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 05976B7BFDE78AD737F4514B6183721A
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Frame ID: C3BDD7171ED659EE0498A342EBEF54F4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 15E3145A4DC29069023BC259A7D2C550
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: B0D7E44FB5A0870671EAC509D10798D6
Requests: 8 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3337249494985287237&gdpr=0&gdpr_consent=
Frame ID: D6DF2E9C1361149B1632C9909B61263C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F0F909FC75B7192E4481B1E1A2FE2797
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CE541241114917404575615ABEA8D5AC
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Frame ID: 7FF7C3A63C31BB7BD367599F9FEFA402
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
Frame ID: 34C0D6AF6853F3BF04451F4638B5BFE6
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iMWQyN2RhMi05ZjIyLTQ0YzItOTQxYi1kOWQ0MjU4ZmU3MjY=&gdpr=0&gdpr_consent=
Frame ID: 0189FF008C6D79A6847BD47252E7F7D0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 6F82E8E5F6D096BB0DE57E420B9D57DE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96&t=1620824190
Frame ID: 9440C8A91E7269B4DED2829CE4EEBA3F
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: 69D9B7BB845248A026F6BF42F748EC6E
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YHRDfsCo5ukAAGbQr.cAAAAA
Frame ID: 8F643EF294DDE72BF5674B523833F63B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827870142671571
Frame ID: 2E19AFC31702E074D823953D3CA054DA
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=MBdt9hyzsfueCdRec5pI&pi=gumgum
Frame ID: 329B91D1ECEEB55B341E3065398280B7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 280B4B959EEFD9D49C143E69568A48C8
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
Frame ID: 1CBD25C566F38E9ABB912DF1BEDDD55F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNdU7A6IcAACk8qj89wA
Frame ID: 05DFC7FAF5CED9958D32ACE0AA85908B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254346290919568
Frame ID: 3FBB2DF14D501AADCC9F15BF261E7439
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
Frame ID: B0402BAAFCE6D3DFF3913CCA964D14B5
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 887437D4B5F183DA5366BC1C004E1976
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 5A4CD81537EBF803835AE12259627756
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T3prtrJyQMQD&pid=557219
Frame ID: 490EC3531AA8E937B8EBBDD5FCA9D769
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: B229504B274BEB4CEE0DF6E078C1BA8C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9346C96083E6DE675571765211E8FCF8
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 9EC487FFA5B405FCC4EDB39EAC458963
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Frame ID: 712713915AF9A313FE57ED672619F447
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXkQTPfn1LvW7f5&gdpr=0&gdpr_consent=
Frame ID: 94CA96B2C19F50FF2541076D6A5C395C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Frame ID: 523B725AD21CD402703BE67EB15D4C58
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:05CDF78849C34EEDB7DF45E9B7669229
Frame ID: 6DE9DBC86F2DB97A9D68BF021EEFE487
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 2A238779BD0C0D7D39D426EE693ECE49
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
Frame ID: 6774F6333462A725CE57751FB1337F66
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.lotterypost.biz/ HTTP 301
    https://www.lotterypost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

404
Requests

99 %
HTTPS

30 %
IPv6

89
Domains

131
Subdomains

76
IPs

12
Countries

3532 kB
Transfer

6476 kB
Size

56
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lotterypost.biz/ HTTP 301
    https://www.lotterypost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Request Chain 100
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=628b5dd44b12b3812cf1
Request Chain 104
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UxSS2gN1l2M0DoT999sTPL6yvgP.LmQ-&
Request Chain 105
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 109
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=514c17553e457f84c634181c&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
Request Chain 110
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=JXZavSd1WrE-flTtIX9AsHZxDLE-d1nsdXRK3L52
Request Chain 112
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=KNELNTOX-F-EGD3&gdpr=0
Request Chain 113
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=514c17553e457f84c634181c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
Request Chain 115
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XX6n6V99p-VGdqm5WXe95A558eVGf6S4DXzFoKMR
Request Chain 116
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8689657867462856053
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4jeI-pbA3Yz_RfnNHo5Lw&google_cver=1
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHRDeECC8VeumEpecj502AAABGEAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDdz9IComVc8gSJ_bPHMR5g&google_cver=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHRDeECC8VeumEpecj502AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9HuenWy6F2Lcb5jO1aoBU&google_cver=1
Request Chain 126
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348%26partner_url%3Dhttps%253A%252F%252Fdsum-sec.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348%2526expiration%253D1620824185 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348%26expiration%3D1620824185 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348%26expiration%3D1620824185 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&expiration=1620824185
Request Chain 127
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63376074-4378-4d00-875d-fff11f917e4c
Request Chain 132
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2051760143228930276
Request Chain 133
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESk1rN0E2SWNBQUNrUHV0SjYwdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADJMk7A6IcAACkPutJ60w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3257380386610997500 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADJMk7A6IcAACkPutJ60w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3257380386610997500%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=3257380386610997500&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADJMk7A6IcAACkPutJ60w&pid=558502&do=add HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJMk7A6IcAACkPutJ60w
Request Chain 134
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254311926593680
Request Chain 135
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hDrwxwGKRCC-yo7BDRy50w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 139
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 140
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&addseg=31
Request Chain 141
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d435a1d3-f2d9-41cc-b7f2-e23364b5ba10
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJO0Y8aTyPvZXVASlVd0Itk&google_cver=1
Request Chain 143
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8689657867462856053
Request Chain 144
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
Request Chain 145
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9067763383897638257&gdpr=0&gdpr_consent=
Request Chain 146
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=cb2758a7-c055-4822-96cf-f8a8ffb229a2&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4d36316-356f-4f51-8d09-a0522c407a7c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 148
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7C3aVsdE2uVt8_tAm5RN67BHIHMeIC0-~A&gdpr=0&gdpr_consent=
Request Chain 149
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr
Request Chain 150
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288845911666229246&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 151
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YHRDeQAAIY74xgA0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDeQAAIY74xgA0&gdpr=0&gdpr_consent=&_test=YHRDeQAAIY74xgA0
Request Chain 152
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&gdpr=0&gdpr_consent=
Request Chain 153
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cee85266-da13-4fa4-af58-32d3bed5ef06&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 206
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 235
  • https://redirector.gvt1.com/videoplayback?id=8ba253171be2ebc2&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1618239385&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=027750B55998256CD41F5D43AFAC38A666F2392A.2B7B79E8EC59F5D6602435BE9F85E8BECC4995B1&key=ck2 HTTP 302
  • https://r3---sn-4g5e6nsz.gvt1.com/videoplayback?id=8ba253171be2ebc2&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618239385&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2C728A607F757FA30D21997AD04D14CDCB549B70.3BE8C968E41E5E8E6F94F0ACF13608936913960E&key=cms1&cms_redirect=yes&mh=QI&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6nsz&ms=nvh&mt=1618231130&mv=u&mvi=3&pl=49
Request Chain 248
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHyomT4zMp9Cbj3S0vzIBPo&google_cver=1&google_push=AQvitUKieYz5jP2px-RgJ5KtVkbaJaQmxdKfb80nyQGkuXAAlDSOxM8vRhVMJwP060RXHkPFrCxd3724TvyAPCcsA75uYGJ87EVt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUKieYz5jP2px-RgJ5KtVkbaJaQmxdKfb80nyQGkuXAAlDSOxM8vRhVMJwP060RXHkPFrCxd3724TvyAPCcsA75uYGJ87EVt
Request Chain 249
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEPC2En7dv38zmOn7Jon_rXw&google_cver=1&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9JoCh_in HTTP 301
  • https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEPC2En7dv38zmOn7Jon_rXw&google_cver=1&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9JoCh_in HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9JoCh_in
Request Chain 250
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDXx7gbZiI3h7X8XkcC26Bs&google_cver=1&google_push=AQvitUKk3NeRxtZtZXInuEKF9VcHpkR293oCr6DCYKNW7Id2mV7t9xpH_ijb_2-Lrg-HnXslnjR_5u7agrtqcr4uLCrgjeglXwKv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY4OTY1Nzg2NzQ2Mjg1NjA1Mw&google_push=AQvitUKk3NeRxtZtZXInuEKF9VcHpkR293oCr6DCYKNW7Id2mV7t9xpH_ijb_2-Lrg-HnXslnjR_5u7agrtqcr4uLCrgjeglXwKv
Request Chain 252
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOS5zN6mY3c_dY_rmGHwD2w&google_cver=1&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeqg-ttHTIaWWHY0bCuU0dvYeU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeqg-ttHTIaWWHY0bCuU0dvYeU&google_hm=WUhSRGU4Q281dWtBQUdiUXIyUUFBQUFB
Request Chain 254
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENn43iJQ_C0ypCQbhGah8Xk&google_cver=1&google_push=AQvitUKDO1LddHfUp-58aGCAzxuj2uNcgqIXeCaTmbVvS9f7uAgZh-n-i67dogLwzm0xar384lCDWhgK-gyBpVeFW05BB3pJ_Au3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pOC5RWjBoRTJ1SDBFNDdySl9pSmxmdWNWQnR1Mk5oVH5B&google_push=AQvitUKDO1LddHfUp-58aGCAzxuj2uNcgqIXeCaTmbVvS9f7uAgZh-n-i67dogLwzm0xar384lCDWhgK-gyBpVeFW05BB3pJ_Au3
Request Chain 273
  • https://ap.lijit.com/beacon?informer=13414900 HTTP 302
  • https://ap.lijit.com/beacon?informer=13414900&dnr=1
Request Chain 276
  • https://x.bidswitch.net/sync?ssp=sortable HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=sortable HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=sortable HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sortable HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=3f5114d6-9dee-4a34-b0cb-f36370331c72&ssp=sortable HTTP 302
  • https://c.deployads.com/cs/bswt?b=de0bf98b-179b-477a-9a9d-714ea26f8c44&i=
Request Chain 277
  • https://sync.1rx.io/usersync2/sortable HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8849187636 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8849187636 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e3cd7a12-4d33-4bf2-b287-2580a4cf7b96 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Request Chain 278
  • https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0 HTTP 302
  • https://c.deployads.com/cs/QANT?gdpr=1&b=62U1NelmNWTwbTQxv2IvNexsNGPwY2Mx7mJ3y_h5
Request Chain 280
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJJCsH3nzIINKLLqibVnXuk&google_cver=1
Request Chain 284
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d11d58f-e604-46c0-b2da-6001ba7e35c0
Request Chain 285
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2480524028413374838
Request Chain 286
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:14fa6074-437e-4000-9c18-90ea01235889&gdpr=0&gdpr_consent=
Request Chain 287
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7333820847261831745
Request Chain 288
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7830944657085672463&gdpr=0&gdpr_consent=
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yN_k5ynmSgO31hdWLjBLiw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 291
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 292
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&addseg=31
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzhERkU0RTctMjlFNi00QTAzLUI3RDYtMTc1NjJFMzA0QjhC&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 294
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5993075d-8a94-4a5b-9888-637c28cd05da&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=de0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 296
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VTZsL4VE2uUBn7gmQ4Av26SjB.dkmBo-~A&gdpr=0&gdpr_consent=
Request Chain 297
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load HTTP 307
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Request Chain 298
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=KNELNXMV-O-36HA&gdpr=0
Request Chain 299
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D12%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=7229612509212095200&gdpr=0&gdpr_consent=
Request Chain 300
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2225201196 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3d11d58f-e604-46c0-b2da-6001ba7e35c0 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003 HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Request Chain 301
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzkzNTc1NjBlMDU4ZGY0MTQ5MjFlYjYz
Request Chain 302
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YzkzNTc1NjBlMDU4ZGY0MTQ5MjFlYjYz HTTP 302
  • https://ap.lijit.com/dsp/google/reporting
Request Chain 303
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Request Chain 304
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=c9357560e058df414921eb63&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Request Chain 305
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=MBdt9hyzsfueCdRec5pI&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Request Chain 306
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=fmx&bsw_custom_parameter=de0bf98b-179b-477a-9a9d-714ea26f8c44 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=fmx&expires=10&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=de0bf98b-179b-477a-9a9d-714ea26f8c44
Request Chain 307
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=2159827870142671571
Request Chain 308
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs
Request Chain 309
  • https://um.simpli.fi/lj_match?r=1618232190599&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=05CDF78849C34EEDB7DF45E9B7669229
Request Chain 310
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=weS0UJ2XMlwC&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 311
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=c9357560e058df414921eb63&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
Request Chain 313
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AACNdU7A6IcAACk8qj89wA&gdpr=0
Request Chain 314
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=KNELNXMV-O-36HA&gdpr=0
Request Chain 315
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=1a97ea00-b27e-4254-8c69-9b278977247e
Request Chain 317
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253Db1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Db1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Db1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
Request Chain 321
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Request Chain 322
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3337249494985287237&gdpr=0&gdpr_consent=
Request Chain 324
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjYxMjMzNzkwMTIzMDAzMzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKofwm756UE2m-9P0go-YeQ&google_cver=1
Request Chain 327
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f646074-437e-4000-bfd1-766e2ab7304f
Request Chain 328
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W-taHlnoWk9A41saD-xAHlziW0hA7QwaXuxAd3OI
Request Chain 329
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2480524028413374838
Request Chain 332
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgqwsTr_9bc-lTRghbnqTo&google_cver=1
Request Chain 336
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHRDfml8Xlb95BpL12c0TAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM96iWk1RstZj18EnrktRSc&google_cver=1
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHRDfml8Xlb95BpL12c0TAAABHMAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJueIF0FpyGM1kcn5fOkA2E&google_cver=1
Request Chain 338
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNdU7A6IcAACk8qj89wA&expiration=1619441790
Request Chain 339
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061a2204002404fa223c0e15&expiration=[EXPIRATION]
Request Chain 343
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=7229612509212095200
Request Chain 344
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b1d27da2-9f22-44c2-941b-d9d4258fe726&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Dde0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=9f646074-437e-4000-bfd1-766e2ab7304f&expires=30&ssp=gumgum2&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=de0bf98b-179b-477a-9a9d-714ea26f8c44
Request Chain 345
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_b1d27da2-9f22-44c2-941b-d9d4258fe726&obuid=ENC(yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DyfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym&uid=7398c31f-d3df-02dc-36fc-74246af278c9
Request Chain 346
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=34b44e68-8424-0776-32e8-36641a19bea4
Request Chain 347
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-d0a9998f-846e-470c-5c4f-f4656cb1abf5$ip$91.132.136.76
Request Chain 348
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-tX8G3rdE2pckjyCAqSKFfGAukCyt8ovf6Lkx~A
Request Chain 349
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=80ba33ce-9b8e-11eb-a966-1b05268134cb
Request Chain 352
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b1d27da2-9f22-44c2-941b-d9d4258fe726&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Request Chain 353
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=503eacc5-01e8-4f49-8968-662c4dbf9623
Request Chain 354
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003&rndcb=5888179211 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44&google_hm=ZGUwYmY5OGItMTc5Yi00NzdhLTlhOWQtNzE0ZWEyNmY4YzQ0 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFE6u13MxkKqCSC30AYcmZk&google_cver=1&ssp=adconductor&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/de0bf98b-179b-477a-9a9d-714ea26f8c44?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Request Chain 355
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=T3prtrJyQMQD&ev=1&pid=558355
Request Chain 357
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Request Chain 358
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
Request Chain 361
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96&t=1620824190
Request Chain 363
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YHRDfsCo5ukAAGbQr.cAAAAA
Request Chain 364
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870142671571
Request Chain 365
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=MBdt9hyzsfueCdRec5pI&pi=gumgum
Request Chain 374
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud
Request Chain 375
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTmRVN0E2SWNBQUNrOHFqODl3QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNdU7A6IcAACk8qj89wA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACNdU7A6IcAACk8qj89wA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNdU7A6IcAACk8qj89wA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2336833659442948185 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNdU7A6IcAACk8qj89wA
Request Chain 376
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254346290919568
Request Chain 377
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
Request Chain 378
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a79a186-69a6-44e1-b042-aba4f5fcd295&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 379
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
Request Chain 381
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 382
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T3prtrJyQMQD&pid=557219
Request Chain 384
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 386
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Request Chain 387
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXkQTPfn1LvW7f5&gdpr=0&gdpr_consent=
Request Chain 388
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=3882844504 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%26partner_url%3Dhttps%253A%252F%252Fsync.1rx.io%252Fusersync3%252Fcentro%252F1508%252Fb1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%253Fzcc%253D0%2526sspret%253D1%2526rndcb%253D3882844504 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&partner_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2Fb1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348%3Fzcc%3D0%26sspret%3D1%26rndcb%3D3882844504 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348?zcc=0&sspret=1&rndcb=3882844504 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Request Chain 389
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:05CDF78849C34EEDB7DF45E9B7669229
Request Chain 392
  • https://pixel.onaudience.com/?partner=214&mapped=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=714c110efee5bf8d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zcluid=714c110efee5bf8d&zdid=1332 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zcluid=714c110efee5bf8d&zdid=1332&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGA_8q4TCFtctMSylP2S7is&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zcluid=714c110efee5bf8d&zdid=1332
Request Chain 393
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f646074-437e-4000-bfd1-766e2ab7304f
Request Chain 394
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3337249494985287237&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 395
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=
Request Chain 397
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7229612509212095200
Request Chain 398
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Request Chain 399
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=80ba33ce-9b8e-11eb-a966-1b05268134cb&gdpr=0&gdpr_consent=

404 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.lotterypost.com/
Redirect Chain
  • https://www.lotterypost.biz/
  • https://www.lotterypost.com/
78 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dfc29cdc4c21d06156bce46104ae1899c6f231a123842db8ce86a70d50cde7b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.lotterypost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-type
text/html; Charset=utf-8
content-length
19818
set-cookie
__cfduid=d1aba4d19cf6497a121eed5abf52073d51618232183; expires=Wed, 12-May-21 12:56:23 GMT; path=/; domain=.lotterypost.com; HttpOnly; SameSite=Lax; Secure g=a=44298.3690197106&b=44298.3863881134&c=%2f&d=; expires=Tue, 12-Apr-2022 12:56:23 GMT; path=/; secure; HttpOnly f=a=44298.3724992245; domain=lotterypost.com; expires=Tue, 12-Apr-2022 12:56:23 GMT; path=/; secure; HttpOnly tz=1; expires=Tue, 12-Apr-2022 13:56:00 GMT; path=/; secure; HttpOnly ASP_Session=AUSSDBRS/LGPBIBKBLEDNBFEEHFEGOOEJ; secure; path=/; HttpOnly g=a=44298.3690197106&b=44298.3863881134&c=%2f&d=; expires=Tue, 12-Apr-2022 12:56:23 GMT; path=/; secure; HttpOnly f=a=44298.3724992245; domain=lotterypost.com; expires=Tue, 12-Apr-2022 12:56:23 GMT; path=/; secure; HttpOnly __cf_bm=dec082ca926e7d0d0640a5dde243c9208118e444-1618232184-1800-AbIZPcZbEPVkPn/Cskn7XO1yJiy1KChXMucGXwcxhULx4b74gvGsh9aUnk/P7op4vKca7baD1XuLouMSU1O+nC4=; path=/; expires=Mon, 12-Apr-21 13:26:24 GMT; domain=.lotterypost.com; HttpOnly; Secure; SameSite=None
cache-control
no-cache,no-transform
content-encoding
gzip
vary
Accept-Encoding
x-lp-member-status
0
cf-cache-status
DYNAMIC
cf-request-id
0967c0a42700002c56c1929000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
63ec9d4d0ee72c56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.lotterypost.com/
date
Mon, 12 Apr 2021 12:56:23 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
225
x-xss-protection
0
x-frame-options
SAMEORIGIN
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 08:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101729
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 08:40:55 GMT
asp
lp.vg/js/fs01218.3/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/js/fs01218.3/asp
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1027062
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24905
cf-request-id
0967c0a4eb0000d6b1192e5000000001
last-modified
Tue, 12 Jan 2021 20:27:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tBriiI%2BTlZzkE0%2Bl7NmXIRYlnxgRA3hK5J5zNYb1K4D2hH%2Bzgf%2FElRzYVfMJBD%2BQ4snv2L8GM4Sh386Fpuh99JD%2ByeX%2FeKTWVpgJsCS0dxm3Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000,no-transform
accept-ranges
bytes
cf-ray
63ec9d4e4998d6b1-FRA
expires
Thu, 31 Mar 2022 15:38:42 GMT
css
fonts.googleapis.com/ 		3 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:400,700
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5015066c4239b0883843cf8eeee85efb0956b6a631f01f6e8879c8f103e5fc85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 12:07:58 GMT
server
ESF
date
Mon, 12 Apr 2021 12:56:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Apr 2021 12:56:24 GMT
asp,asp-main.css,news.css
lp.vg/css/fs01218.3/ 		63 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4b60f85a4346bdff1e8c38698690a43d7daacf46be720dea7e1e820403e4a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1027062
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13965
cf-request-id
0967c0a4ea0000d6b139284000000001
last-modified
Fri, 18 Dec 2020 16:35:03 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=B%2FBs3TJoQsG%2FSn6WrkDcPR0BtRgbfftoIPIeK2Jhny01Vyno8%2FNkhHplPJxMtQmsl5MuUNICyO6aYgrvAcrC3oPYipngGi%2FvSxcdBBFhvOFEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31532984,no-transform
accept-ranges
bytes
cf-ray
63ec9d4e4996d6b1-FRA
expires
Thu, 31 Mar 2022 14:48:27 GMT
gpt.js
www.googletagservices.com/tag/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dda790d718cfbbc7114c59ba3c53cca231ffa27e2feaf7d4be67ef29df802303
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"840 / 475 of 1000 / last-modified: 1618225763"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20458
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GYObFiYQFsAPpwZjonnhqGiTvSP1inUf
content-encoding
gzip
server
Server
age
53096
etag
9e0e0829d91a39f75ba9ebfdbaf1f5a9
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a69bfd4d39a9b992855d914318a2c367.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
date
Sun, 11 Apr 2021 22:11:28 GMT
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
d4MPVs0PHb6QeIRoXl4CvMgbJVJMACQfoenCItyI7HKEXsP4vnAwww==
pb3.21.0.js
lp.vg/js/f1/ 		196 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/js/f1/pb3.21.0.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62878
cf-request-id
0967c0a5030000d6b176969000000001
last-modified
Wed, 03 Jun 2020 14:37:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6ALUtd0CzRHTS%2BKxAoTA5MZIg8MmaL4dvxT4pcXqlGXn2ZFXGmyFcG%2FqZwXOUTdpY2OK3njjwp9FMB5Tmt%2FfudswChN2fTexfDFE1z8gIza9uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31534398,no-transform
accept-ranges
bytes
cf-ray
63ec9d4e69dbd6b1-FRA
expires
Thu, 24 Feb 2022 17:59:32 GMT
gtm.js
www.googletagmanager.com/ 		78 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c14acca468bbd36b1515f0f94c3fcc2a0ef83b5aa0ebe8f56e09d78fa6eada46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31318
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 12 Apr 2021 12:56:24 GMT
lp_logo.png
lp.vg/images/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/lp_logo.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2333714
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
20811
cf-request-id
0967c0a5030000d6b1850e3000000001
last-modified
Tue, 21 Feb 2017 21:49:07 GMT
server
cloudflare
etag
"614390538c8cd21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cPWEx3ZFuGIr1hozaVvYU48SxBHgw2StsR0V4Mbko8nNaW9RUHpULR0RwVUlLXJofT01UZbbuGsQBiIF8AIoGuKQdWZ4oQeLOUtQYZ5B9itfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69dcd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
b.gif
www.lotterypost.com/ 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lotterypost.com/b.gif
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:13ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
private,no-transform
strict-transport-security
max-age=15552000
accept-ranges
bytes
cf-ray
63ec9d4e69f22c56-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
0967c0a50400002c5637256000000001
usa-mega-button-2.png
lp.vg/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/usa-mega-button-2.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
353923
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17960
cf-request-id
0967c0a5040000d6b11d8e7000000001
last-modified
Fri, 18 Dec 2020 16:20:19 GMT
server
cloudflare
etag
"ecbb9ad59d5d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V6Q30oHqhvB%2FSm%2BU0p1vbJkbgDC92Of%2BIN0x2wrgxlLa0ysXDED%2BQO8yo5PRf4VVyDJcdr6zOSOd9Sz%2F4agS1%2BAgtinOvw2t2g6FP%2B6dV%2Bccog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69ded6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
LotteryPlaces_140x375.jpg
lp.vg/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/LotteryPlaces_140x375.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19025
cf-request-id
0967c0a5040000d6b1602e0000000001
last-modified
Tue, 21 Aug 2018 20:38:45 GMT
server
cloudflare
etag
"4f827df48e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hXhxV%2BEzwDaNqRxRWnRQOLmlDh55icFTDSQaafPp7CZqifnFO8od3Io7IVy3NYI8bCVkKVsNNFKLMdWmLlxRyYpfvsh4SCuDmfX8exiIKM3Raw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69dfd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
Results2012-US-FrontCover-57x72.jpg
lp.vg/images/amazon/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/amazon/Results2012-US-FrontCover-57x72.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1818
cf-request-id
0967c0a5040000d6b1228cc000000001
last-modified
Tue, 21 Aug 2018 20:35:02 GMT
server
cloudflare
etag
"1f7ea56f8e39d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FWmUgWi9TPUBF7via0Mt2CQpqTn%2BDD8Kx6cjEhu9GPSPk%2BtDcqZ0qFeva8K4axiO1eb6Q0dQBdxyOzEbkDBqN8yjc%2Fnu1EAJLaTP2H5Wub4RZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69e2d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook-share.png
lp.vg/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/facebook-share.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3387
cf-request-id
0967c0a5050000d6b1541a9000000001
last-modified
Tue, 25 Sep 2018 17:12:37 GMT
server
cloudflare
etag
"fae128f5f254d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hTTVcXTXNyz5eG9DI7ZRyiAj%2FAP30L8eIDhGPEh1fZnglhr278osx8aKhytvZo%2FsHVvQs6ebs4J5RWPCkzMaK1FBhhegdeWKcPRIDRZgInEPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69e5d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_walottery.jpg
lp.vg/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_walottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccdc57deac17eacca1bdc9d551d7bf10f71201f913a7f8490f13abf9db868e4d

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
227041
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12179
cf-request-id
0967c0a5050000d6b147329000000001
last-modified
Tue, 21 Aug 2018 21:01:51 GMT
server
cloudflare
etag
"fb9fc92e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wLEh%2FnNuw4fNH7OFN6%2FJr39qVlZLfClQjpym06wNX%2BDXXpatU82VY5dZriHOFyStxsro0jf5XWEVqEu2ZVV2o%2Bd0MU3QiZql90cBfgvfvasbdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69e7d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_cash4life.jpg
lp.vg/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_cash4life.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de828d5cdce40f1fabe8672316f12ea3de0d6f618bbdd8244f8019dd63d7ed51

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
330660
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12938
cf-request-id
0967c0a5050000d6b139286000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"f4a4e52c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2QrTvLcNoBXobHUA5F%2Blr3laoMPtIqLo7mepjDS1Bu9sXdivyrOD765q1BCUnjmtDbpDfNFER15msbJ0QKGM7q28wTTQICZy5d%2F07IuTi4zBaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69e9d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_palottery.jpg
lp.vg/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_palottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad80b11133fcbc6748279b2beec8a18706385d860699b9370eeb14eb65cc9ef4

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
353923
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11292
cf-request-id
0967c0a5050000d6b16c99b000000001
last-modified
Tue, 21 Aug 2018 21:01:50 GMT
server
cloudflare
etag
"347f462e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Em4bjygdhfgm4ihScp8vDte9k7WIdtBvvbVQpIikoQWKFL5esT7OtAW0XblA%2FYc17YD4k9EB9nyg8EPTHpp7%2FeAD5eRSObm%2FTaop9gyV5DCdtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69ebd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_fllottery.jpg
lp.vg/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_fllottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a569c37ba5146a48b1587d68580dc93c1b7389b0d2c60d6e4538859b9be67554

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
353923
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13481
cf-request-id
0967c0a5050000d6b1201c5000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"66181a2d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2tBmkVMlg5OUm60408cXnASTB1jDGjoOvsKFWZ%2BwH9X6bzCCIKUoDIKid%2FhP4DKoyrdttnrRePIgIK96SPzpjiHBZJdb1VWpwYPQIBkHHWbNTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69edd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_nclottery.jpg
lp.vg/images/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_nclottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8e7869273f2cc1db168a0e59146a82bd84f224a151d0b476c58c00452a08f3b

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
580107
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18421
cf-request-id
0967c0a5060000d6b15825b000000001
last-modified
Thu, 30 May 2019 20:30:41 GMT
server
cloudflare
etag
"13f6c48c2617d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZAXwbBLLQ2%2BHRqM%2BOs%2ByFyGoz7vbE5OmjZQbKPIqRNiYVcAqjzjDnRxp%2F20i8pEmiixgeXUkZPR7EPUA%2FGPy8XBAL8RBo%2FniYJc8qxyp14f14g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e69efd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_calottomax.jpg
lp.vg/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_calottomax.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9386932ceb55b9f7241f1a9fb46c6d0d937deb19497ef389fcbadebd1a544d3

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
593863
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14678
cf-request-id
0967c0a5060000d6b14e8e2000000001
last-modified
Tue, 21 Aug 2018 21:01:47 GMT
server
cloudflare
etag
"4456b82c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=53XgNx6qG2N1DUV4w6wZG1j%2BAl%2FTg1Au6QmQGMqKsDAA7B8P7ZGWOTYKFxcZsvLUeBV7lSCtCOQoYCTmxbp%2FXEG3q0qwP282SaOmFH8cOUHBWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e79f1d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_ialottery.jpg
lp.vg/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_ialottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3ff65b85a2e0a0ab9ceba03cb9205dbd8af9b9fcf5197878c7abba21c8706c3

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1017674
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14138
cf-request-id
0967c0a5060000d6b1810e5000000001
last-modified
Tue, 21 Aug 2018 21:01:48 GMT
server
cloudflare
etag
"46b6362d9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F9SCr5yKZ4EC5vXez29F4wd%2B38h1QmPR8H7Ic%2F0MfSNMDIYTPK01t4TvDEbdSdhFeWmBbMQ0koQqPYr%2B8J87l%2BBGZYfFNCnxPNpgVBPI%2Bi5Hlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e79f4d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_nelottery.jpg
lp.vg/images/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_nelottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
742783d2a17bf065551d7cfb7f72f59f5f0b61b984d5d814755743da269d81a9

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
596868
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17449
cf-request-id
0967c0a5070000d6b149902000000001
last-modified
Tue, 21 Aug 2018 21:01:50 GMT
server
cloudflare
etag
"7e11122e9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GVcPivufgmFDt82xrG1%2F9MxqrhRlCkQ9pCSQbkGK09gBaobBAdtWWJRhd7pV2mlZaqjXdX9KaFjEhlr7gLIDTh3H1AN2lakr2AOPIX%2FtqCBGFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e79f5d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_afterbigwin.jpg
lp.vg/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_afterbigwin.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a741b7eeca965be3da88d329b8e596520921ec36af00b6ca24378450d200665

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
593863
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13835
cf-request-id
0967c0a5090000d6b118970000000001
last-modified
Tue, 21 Aug 2018 21:01:47 GMT
server
cloudflare
etag
"aff3b52c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=atyb9lGGIt3zvnAVGWTl4dcvKlyT%2BSS3H5VwxmOgJrbeySTEKGHwzFPPsuCRkXGQ4xxlN2RioP5LmaZr5QpX2%2FUjv6xbTWMMmRrclA6Ea2xIIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e79f8d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
newsicon_arlottery.jpg
lp.vg/images/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/newsicon_arlottery.jpg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9babaa44ba60f6f57abf8e221d2ed6fc270dc09cf49da22a936748aa313e5c8

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2316586
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15032
cf-request-id
0967c0a5070000d6b14c049000000001
last-modified
Tue, 21 Aug 2018 21:01:47 GMT
server
cloudflare
etag
"4456b82c9239d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xiERaGZ1ShvjSO2R779Ki1kGlrxc3jQtQO0rwPIvbK6IDBzC0qPGZ%2BEe7dYh7amwCNDf%2BrsYO%2FZERA%2FTVSK%2B3%2FjL32pcP7agvjMRxJLTR34o%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e79fad6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48426
x-xss-protection
0
server
cafe
etag
9073347465432709909
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 12 Apr 2021 12:56:24 GMT
advert.js
lp.vg/script/ 		70 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/script/advert.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a4fb0000d6b1381b0000000001
last-modified
Tue, 11 Feb 2020 14:29:00 GMT
server
cloudflare
etag
W/"6714389ae7e0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sxkWByO3cjtwQ8yVxazTy06zI6fhb5qBk40QGv21DezB4TdhdGrVJQZWYjfetySZLnsa4s1z1BEQXZ7xpoMM2yNMFM5yPwCa%2FIeysgIcNathhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4e59c8d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cf-ray
63ec9d4e8bb00601-FRA
cf-request-id
0967c0a5180000060119a4b000000001
bgbody1.jpg
lp.vg/images/theme/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/bgbody1.jpg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2922
cf-request-id
0967c0a5080000d6b15d96d000000001
last-modified
Thu, 11 Oct 2012 12:17:36 GMT
server
cloudflare
etag
"e828f165aaa7cd1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bsLqHFnLk8%2Fw%2F0Abj5JHkNf2BYen%2BHVZQo7BI6QiN4vZJq4lcgDJzMjkK3BHoEV4Mh0YXi8mLZYeB5F0mwPa14oGsz0CZH8u1mxifCGLd4%2B6rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e79fdd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		51 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
gold-star.svg
lp.vg/images/svg/ 		1 KB
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/gold-star.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a5080000d6b1192e8000000001
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"33c4be19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mxrW0F8%2FBMVAAZDF11PzHAiuociMWYrIK7RTWJR6%2B22fSmESNuIDYPIgBYA0VoJwurrr7lbk3hh8FAGAKUhSQZxb4pAJtngZXVVYPyb%2FSMWhRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4e79ffd6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
books.svg
lp.vg/images/svg/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/books.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2398994
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a50d0000d6b186a28000000001
last-modified
Tue, 24 Jul 2018 20:57:05 GMT
server
cloudflare
etag
W/"ba6cb7e09023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m%2FIoFbpiyeuPsjG%2FMSn6S%2FEdaEiuWUlIo0T3yDnaEU72FwSe8Qlqjq6wOg%2B3gO9A%2B2gb%2Bq7m48rbqOT9dRkT37W0tt22ftlzFksBygIaEmoMdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4e7a04d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
icon-gift-gold-64.png
lp.vg/images/theme/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/icon-gift-gold-64.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6609
cf-request-id
0967c0a5090000d6b180011000000001
last-modified
Mon, 23 Jul 2018 18:37:22 GMT
server
cloudflare
etag
"b5abe231b422d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gfQFYTFNPeyMECeMvlJg1auCezzsq1VsA0FsrTDPrVoROThzE%2BenENrUBeaowqaPbq88zzMW7mXrS2ji5JjuGFnfyFq7%2BDHbTlDkQnUEvydixQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4e7a05d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
facebook.svg
lp.vg/images/svg/ 		332 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/facebook.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2398994
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a5090000d6b11d8e8000000001
last-modified
Tue, 24 Jul 2018 20:57:06 GMT
server
cloudflare
etag
W/"d37a27e19023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LoOi7NAw4Qslmey0XA9UUJ1g5V9wYOmEgpXoju3SYQUd1Zs1SugXjFi3w0MMdLCLRYo7mv40yjfbFY4i%2BSodkmog6RzaNsSwHEjieIRysidaAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4e7a07d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
twitter.svg
lp.vg/images/svg/ 		370 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/twitter.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
380575
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a50a0000d6b1541aa000000001
last-modified
Tue, 24 Jul 2018 20:57:07 GMT
server
cloudflare
etag
W/"eee315e29023d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5CvddOdT3ESXnvVN8J1L2ZGnrKgARQQB5LKxksh6qEJgMx2yaoctXcicxfH3sPIQ4PLHA0MhjTbyvIDsTPOg0fhbrToRTeyb5b7xf2qIuhfI8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4e7a08d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
youtube.svg
lp.vg/images/svg/ 		358 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/youtube.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a50a0000d6b139287000000001
last-modified
Sun, 28 Jul 2019 22:19:01 GMT
server
cloudflare
etag
W/"174bb1759245d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SlotDJqzOizbWXfbUvvBsnGaVmy0kQwxbFDWEf6io1EaPja5Z1frce2wVypIydzP3vIHTty79DQh6k6079dROlQCUU2ATFMgZjQTyYtFLMQDhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4e7a09d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		46 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
amazon-logo.svg
lp.vg/images/svg/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/svg/amazon-logo.svg
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0967c0a5490000d6b118977000000001
last-modified
Sun, 17 Nov 2019 17:10:11 GMT
server
cloudflare
etag
W/"341238df699dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bZ8Qf0Kg5CwPAXwkmjq7a0OkTWD5fPKzYsMFzp6QqCc99bzt3DTOXcq5Du5fHoqQo13fZnXiYzGh7n5OAqWu4UFDrK4l9%2Bdm3BlBiXCZglG%2BQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cf-ray
63ec9d4edab2d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
sprite-24-1.png
lp.vg/images/theme/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/sprite-24-1.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
138480
cf-request-id
0967c0a54a0000d6b12f2e6000000001
last-modified
Sun, 06 Apr 2014 16:33:55 GMT
server
cloudflare
etag
"f04f9b0b651cf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tyj4FH84M6CkGJv9rUxUygjdfi%2FJszVyFiTAzC5TgPeDzU%2B8G3e1rq4xTfrHdlNtGU%2FlJY6X%2BOG0o4o1PyvTgRYrE8DikPCQfGUL7LGveqEZ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4edab5d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
truncated
/ 		140 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubads_impl_2021040803.js
securepubads.g.doubleclick.net/gpt/ 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
sffe /
Resource Hash
a6715a1b3fd94615665a68bb9058e4ab11d027c6772f3624c44b20b155041897
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 18:45:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105914
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
bid
ap.lijit.com/rtb/ 		94 B
762 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.21.0
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
594132c8aeb9a2aba1dfc389a5332f37165e0385d2ffa5b6d8571450146a82f4

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.lotterypost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		610 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ea4cdbf722852b6ebcb92313dae072c3aec13998069ef2586f2b2127b672b93f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.49:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4971b9f5-36d6-4cbe-a778-4932328006ee
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.lotterypost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
c.deployads.com/openrtb2/ 		415 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.deployads.com/openrtb2/auction?src=prebid_prebid_3.21.0&host=www.lotterypost.com
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.12.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-12-55.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
75ede65b09ac196031a7e9e5322dfbf550fb1d272dc16cada29e500a9363967f

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:24 GMT
server
SortableCactus/1.0
content-type
application/json
access-control-allow-origin
https://www.lotterypost.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
415
expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
as-sec.casalemedia.com/ 		25 B
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=341167&v=7.2&r=%7B%22id%22%3A%2219e314fcf0b396b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2220142014d984246%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341167%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2221189fe5df56ecd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341166%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222232ab787c291e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2223e013f3944ef64%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341164%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22242ec34bf8f752e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22341162%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.lotterypost.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a801dabc4f18c46c8fb68fdfb0c23c47651d7aebca53476c844fe61675e26755

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://www.lotterypost.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
45
Expires
Mon, 12 Apr 2021 12:56:24 GMT
truncated
/ 		235 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid
prebid.media.net/rtb/ 		330 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.68.31 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-68-31.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
14dd45aeb578e1ec55a48300634904c222288bc7e705aca5e41728146e870e19

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:24 GMT
server
nginx
content-type
application/json;charset=ISO-8859-1
access-control-allow-origin
https://www.lotterypost.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
330
expires
Mon, 12 Apr 2021 12:56:24 GMT
translator
hbopenbid.pubmatic.com/ 		12 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7199508816b548b87c077c78c00e0744a412151b1281f4bee7c47850e311f75a

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.lotterypost.com
date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-openrtb-version
2.3
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/ 		219 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83926
x-xss-protection
0
server
cafe
etag
9615343531509228114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 12 Apr 2021 12:56:24 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/ Frame 00D0 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210406/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210406/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 11 Apr 2021 14:06:23 GMT
expires
Sun, 25 Apr 2021 14:06:23 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
82201
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dc.js
stats.g.doubleclick.net/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-D86W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
2788
date
Mon, 12 Apr 2021 12:09:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Mon, 12 Apr 2021 14:09:56 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
etag
"YoFsxqR3BwPygbSjh02Dug=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 19 Apr 2021 12:56:24 GMT
atrk.js
certify-js.alexametrics.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.210.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-210-10.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 31 Mar 2021 18:06:02 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 31 Mar 2021 18:01:58 GMT
Server
AmazonS3
Age
1018223
ETag
W/"22e062f70826be118ae2cae04b9fa227"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 93a0d7f8920098ec4cffab828f70f5cd.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
HAM50-C2
X-Amz-Cf-Id
jktX_p1Be6JqbacUU0BI65XruRXwDZ8KKjc_gfsFeVUASNXLUGKaqQ==
bg-footerContent-2x.png
lp.vg/images/theme/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/bg-footerContent-2x.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
19054
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30167
cf-request-id
0967c0a5d30000d6b17d35b000000001
last-modified
Thu, 19 Jul 2018 18:33:19 GMT
server
cloudflare
etag
"7355ef78e1fd41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iCJWYETOREa3BQlOxAtAV9ynKP%2FSU3EkaigZk0hSU6S6Dn2sYf5lnqst4TnymzeVeomZSdKXzUEj9BpRF6Fh2LDZbsJYx%2FS18fzHpPxy0Sk0aw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4fbbf0d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
SessionCount.aspx
lp.vg/services/ 		46 B
527 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.vg/services/SessionCount.aspx?callback=jQuery22408941545404483708_1618232184300&_=1618232184301
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d18998f6c055a67047d364615bff2e4fe9ba7c80fed78c5654394cbe3123623

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
cf-request-id
0967c0a5f90000d6b1192f6000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4Tu2P27t8IkKE0%2F5RhX5K17mb9S5ivLmRi29ey1YV3svMdooBjDT9et8qjDLpCbolr7%2B%2BbQjUAcYypOSC9nhqtjKH9j6Q3x49K2PM7Ob89DtAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store,no-transform
cf-ray
63ec9d4ffc39d6b1-FRA
expires
-1
sprite-16-2.png
lp.vg/images/theme/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.vg/images/theme/sprite-16-2.png
Requested by
Host: lp.vg
URL: https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:c203 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046

Request headers

Referer
https://lp.vg/css/fs01218.3/asp,asp-main.css,news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4041009
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76265
cf-request-id
0967c0a5fe0000d6b16c9aa000000001
last-modified
Tue, 13 May 2014 19:03:09 GMT
server
cloudflare
etag
"e0132fbdd6ecf1:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l%2FB2bUgrjuB0hn91ohu4gqv2wIwY3sMGptBUGAXRNFpo%2FhJFU3A%2F7gg9A9vCXPeEV4rZPbY5xKVeqVSLcKmds2iVg8P1i0EVsuzgfLhv73DRaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
cf-ray
63ec9d4ffc46d6b1-FRA
expires
Sun, 21 Aug 2033 05:00:00 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:31:19 GMT
server
sffe
age
96766
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24064
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		154 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.lotterypost.com%2F&pid=EvgINM3WGRQ9B&cb=0&ws=1600x1200&v=7.61.00&t=900&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_728x90%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_468x60%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Primary%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_300x250_Secondary%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22120x600%22%5D%2C%22sn%22%3A%22%2F13070090%2FLP_120x600%22%7D%5D&cfgv=0&pubid=c6915d94-7b34-4363-b9a6-c45dfdb5e581&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
Server /
Resource Hash
8427fdcd03caf31d3e253489414314bb1637d2f715b412d313b1dfeb07dc210b

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
HAM50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
149
via
1.1 a69bfd4d39a9b992855d914318a2c367.cloudfront.net (CloudFront)
x-amz-cf-id
sQyBpxpm5yup6omz8JdvNkKfKdDdGxCOAUx8Ms1aEKS6iAE78-Ij0g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-122.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
25279
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
date
Mon, 12 Apr 2021 05:55:06 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ce9a2abd25eed1f472711c23f8a0adaf.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
HAM50-C1
x-amz-cf-id
wVwx2QKzO-EhAxTFkuXz6PMayZcUprYkQHiKuszYUf-j6mtIV8xuSQ==
rules-p-7alUP9zu-TfBA.js
rules.quantcount.com/ 		3 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-7alUP9zu-TfBA.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2093:6a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 06:41:27 GMT
via
1.1 918126cde448a82c2757fd37058ea3ec.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:09:04 GMT
server
AmazonS3
age
22498
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
eRjnsOdgp-_dzVvEWpJpMSNfQ9JKb_5L54PkunHUTXkpr8XQcUmfYA==
__utm.gif
stats.g.doubleclick.net/r/ 		35 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1447020302&utmhn=www.lotterypost.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Lottery%20Post&utmhid=1915140284&utmr=-&utmp=%2F&utmht=1618232184475&utmac=UA-7096458-1&utmgtm=2wg3v0D86W&utmcc=__utma%3D130209170.653130120.1618232184.1618232184.1618232184.1%3B%2B__utmz%3D130209170.1618232184.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=591543274&utmredir=3&utmu=qAAgAAAAAAAAAAAAAgAAAAAE~
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 12 Apr 2021 12:56:24 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		205 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.lotterypost.com&callback=_gfp_s_&client=ca-pub-3077964989149008
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
8a3045b0c79683745d41fee8c2998f69a4126a33509213102a656310b0f0b5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
195
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B92B 		104 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7bc9c2387363584ea2fae779b2ff56c8c2a670e1a6cb10e2faebb65730da921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 12 Apr 2021 12:56:24 GMT
server
cafe
content-length
24803
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 13:11:24 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 12:56:24 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988871915048"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28262
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F475 		0
549 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1618232184&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618232184314&bpp=4&bdt=304&idt=226&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=4214141447001&frm=20&pv=1&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=235
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3077964989149008&output=html&adk=1812271804&adf=3025194257&lmt=1618232184&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.lotterypost.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1618232184314&bpp=4&bdt=304&idt=226&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=804x482&nras=1&correlator=4214141447001&frm=20&pv=1&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&dtd=235
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 12 Apr 2021 12:56:24 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 12-Apr-2021 13:11:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 12 Apr 2021 12:56:24 GMT
cache-control
private
atrk.gif
certify.alexametrics.com/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Lottery%20Post&time=1618232184552&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.lotterypost.com%2F&random_number=45971424&sess_cookie=70c4f50e178c6278ee70aa09c76&sess_cookie_flag=1&user_cookie=70c4f50e178c6278ee70aa09c76&user_cookie_flag=1&dynamic=true&domain=lotterypost.com&account=6BUjg1asOv00UI&jsv=20130128&user_lang=en-US
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-21.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 03:07:25 GMT
Via
1.1 7f3d82c6ba482f74d3d5c3921ce57cbe.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
35339
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
HAM50-C3
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
pQ5q9WlyTvKAaFBCnOAqNZek70n4QL48N7H63F2GB2mWKDdtjins7Q==
pixel;r=724218826;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-110787676-1618232184558;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=lotterypos...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=724218826;rf=0;a=p-7alUP9zu-TfBA;url=https%3A%2F%2Fwww.lotterypost.com%2F;uht=2;fpan=1;fpa=P0-110787676-1618232184558;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=lotterypost.com;je=0;sr=1600x1200x24;dst=1;et=1618232184558;tzo=-120;ogl=image.https%3A%2F%2Flp%252Evg%2Fimages%2Flp_icon_310%252Epng%2Cimage%3Awidth.310%2Cimage%3Aheight.310%2Cimage%3Aalt.Lottery%20Post
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.lotterypost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		365 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=621170150751874&correlator=237146245132617&output=ldjh&impl=fifs&eid=31060550%2C31060698%2C31060768%2C31060506%2C44739387&vrg=2021040803&ptt=17&sc=1&sfv=1-0-38&ecs=20210412&iu_parts=13070090%2CLP_728x90%2CLP_468x60%2CLP_300x250_Primary%2CLP_300x250_Secondary%2CLP_120x600&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=728x90%2C468x60%2C300x250%2C300x250%2C120x600&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.05%26hb_adid_pubmatic%3D39cdda55631f993%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D39cdda55631f993%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D300x250%26hb_pb_pubmatic%3D0.04%26hb_adid_pubmatic%3D40febafe7bd9656%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D40febafe7bd9656%26hb_bidder%3Dpubmatic%7Camznbid%3D2%26amznp%3D2%26hb_format_pubmatic%3Dbanner%26hb_source_pubmatic%3Dclient%26hb_size_pubmatic%3D120x600%26hb_pb_pubmatic%3D0.08%26hb_adid_pubmatic%3D416e0e36badd085%26hb_bidder_pubmatic%3Dpubmatic%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D120x600%26hb_pb%3D0.08%26hb_adid%3D416e0e36badd085%26hb_bidder%3Dpubmatic&eri=5&cust_params=Device%3DComputer%26Content%3DAll%26Category%3DHome&cookie=ID%3D106d80fa62613b33-22d6655f10bb0022%3AT%3D1618232184%3ART%3D1618232184%3AS%3DALNI_MYhT6kDzzvaakRMO5uvTZ195StfGQ&bc=31&abxe=1&dt=1618232184627&dlt=1618232184010&idt=503&frm=20&biw=1600&bih=1200&oid=3&adxs=712%2C496%2C1140%2C1140%2C178&adys=10%2C513%2C194%2C1235%2C1271&adks=167273885%2C4006668155%2C1304712773%2C2713855732%2C267450723&ucis=1%7C2%7C3%7C4%7C5&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.lotterypost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1300x0%7C804x3445%7C300x3582%7C300x3582%7C157x1953&msz=728x-1%7C468x-1%7C300x-1%7C300x-1%7C120x-1&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=true&fws=4%2C0%2C0%2C0%2C0&ohw=728%2C0%2C0%2C0%2C0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
32609b955385fb820a5f497af8cc923e22cff9a2d80fdbc32fdf67bd23102465
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56259
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-1,4874127778
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-1,138252142423
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.lotterypost.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 017F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
276 B
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
f2acb2374951e367cf15bb66f2b755d2094272d0209492dfefe7be5912f30355

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4BJC3U7G0Mmpa6v7lKREw0|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Server
Server
Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
219
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A4BJC3U7G0Mmpa6v7lKREw0; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 12:56:24 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 12:56:24 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Set-Cookie
ad-id=A4BJC3U7G0Mmpa6v7lKREw0|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 12:56:24 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
5047a780e86c651cc655784a21f174f3.js
www.gstatic.com/mysidia/ Frame B92B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5047a780e86c651cc655784a21f174f3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96721b3521658a010d655ca6f373cf6b8ccee5106d38a49a7175911e3b038971
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 11:06:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 08:45:50 GMT
server
sffe
age
352175
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2782
x-xss-protection
0
expires
Wed, 07 Jul 2021 11:06:49 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame B92B 		1 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
214
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:52:50 GMT
2bb9b10fe84bd5dd973ef04ab56c6129.js
www.gstatic.com/mysidia/ Frame B92B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2bb9b10fe84bd5dd973ef04ab56c6129.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e61cd2e450088ffd9a39878e7d61e4fb2c2d7de5573d18e2532b8c78f4d237a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 07:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Apr 2021 08:45:50 GMT
server
sffe
age
364308
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7308
x-xss-protection
0
expires
Wed, 07 Jul 2021 07:44:36 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame B92B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:49:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame B92B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:55:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B92B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame B92B 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:55:58 GMT
14840365233170881944
tpc.googlesyndication.com/icore_images/ Frame B92B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/14840365233170881944
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1745a1401c5d91a731889be5f0ccb87d6f7bf36743c29d9c97f3aa6413a7fec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 19:05:09 GMT
x-content-type-options
nosniff
last-modified
Sat, 18 May 2019 18:40:41 GMT
server
sffe
age
409875
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10258
x-xss-protection
0
expires
Thu, 07 Apr 2022 19:05:09 GMT
5059208718597449788
tpc.googlesyndication.com/icore_images/ Frame B92B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/5059208718597449788
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eccf9951cc23d07adce0ad71d8887be2b911b6e6aa3f609f5a0f0a6187cdd9fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 06:41:42 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 03:35:25 GMT
server
sffe
age
368082
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15905
x-xss-protection
0
expires
Fri, 08 Apr 2022 06:41:42 GMT
9760572908892644379
tpc.googlesyndication.com/icore_images/ Frame B92B 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/9760572908892644379
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a5425467472328a9743b7d4a74de926d54793cf0f9f29c5f72d41d7a1a2c05f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 23:19:22 GMT
x-content-type-options
nosniff
last-modified
Fri, 17 May 2019 09:46:01 GMT
server
sffe
age
221822
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15049
x-xss-protection
0
expires
Sat, 09 Apr 2022 23:19:22 GMT
7319650013042649503
tpc.googlesyndication.com/icore_images/ Frame B92B 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/7319650013042649503
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e1cdcefa067d30eb2cc1e5e0e54c2a1ffcfff2bc752a191d3e7fb0dee11757f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 08:58:53 GMT
x-content-type-options
nosniff
last-modified
Fri, 06 Nov 2020 01:15:01 GMT
server
sffe
age
446251
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16567
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:58:53 GMT
6380814753046758231
tpc.googlesyndication.com/icore_images/ Frame B92B 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/6380814753046758231
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f49691475663af0b6f95af60cec34547603722738c384ce1e67928ba86280c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 10:32:20 GMT
x-content-type-options
nosniff
last-modified
Tue, 06 Mar 2018 17:53:58 GMT
server
sffe
age
354244
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11620
x-xss-protection
0
expires
Fri, 08 Apr 2022 10:32:20 GMT
1058557538277283004
tpc.googlesyndication.com/icore_images/ Frame B92B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/1058557538277283004
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fdb45a10bf7c1166b720a9ff59b04a74f8e62485eb52d6497a581fa091f27ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:11:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 16:50:32 GMT
server
sffe
age
297875
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10569
x-xss-protection
0
expires
Sat, 09 Apr 2022 02:11:49 GMT
15541906269173824226
tpc.googlesyndication.com/icore_images/ Frame B92B 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/15541906269173824226
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb9a3b10eaa36ceb09d51309f6383ba666ceb9c2d4f95c4526cf6bf6e1325838
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 21:42:50 GMT
x-content-type-options
nosniff
last-modified
Fri, 11 May 2018 04:25:06 GMT
server
sffe
age
227614
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8222
x-xss-protection
0
expires
Sat, 09 Apr 2022 21:42:50 GMT
1463326319990512901
tpc.googlesyndication.com/icore_images/ Frame B92B 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/icore_images/1463326319990512901
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
122bd6a65c5786328726fd9a4051b6aef4aaf4cd3349ff60decae0f9262ff367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 08:58:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 16 May 2019 17:35:24 GMT
server
sffe
age
446251
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15194
x-xss-protection
0
expires
Thu, 07 Apr 2022 08:58:53 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CeMx-eEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQASCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTN0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=GZQd1W7tYPg&tpd=AGWhJmucNf4A_s3yBuAe0b2nvWMPOD2-oxQndJDH_t9PPHLEIg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CKlxkeEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQAiCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTO0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=2bhovIVbANs&tpd=AGWhJmvELi0eLtvQM_FVf1Euz4efoKPWBeeS1bHO6jVi4n4SUQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNcl5eEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQAyCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTP0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=HOD2KzwzpsA&tpd=AGWhJmuv7Jl0MJ5Ifo7l77CliM8yyXnquUFIdzEVBOVc-7Mdng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CT0nBeEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQBCCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTI0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=VTUM_31KD0c&tpd=AGWhJmumzU-wcZg4DCMbn4wBzf5pYh5lKKgkK_qBi08K-eohwg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJqcmeEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQBSCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTJ0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=I1h8Vr54uHQ&tpd=AGWhJmsrDdbP54ThDm_s5LA3bKv6NtSJ9qfe1wlsizmybGDoyw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C88PheEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQBiCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTK0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=Ccpa4l6lFss&tpd=AGWhJmsIt0-MxiVK-9N3RVH-jaUmI-PXwYprsZK1-VLIO8Gx-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CR1RieEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQByCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTL0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=FAFiS9XSHFg&tpd=AGWhJmtI7lZPtS2S37RPL713m5kNWzS5Att3vhcyBs99KTE9Hw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B92B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CsZGfeEN0YOTLIcrm3wPCo4_4D6XVnbEFjdzCup8Cpp6tjWsQCCCSivACKAhglQLIAQGoAwHIA8EEqgSNAU_QVzTE0EnARKy2U2sanO88vg9CWBLv1KfUNhmmUtMzyjRFPRB82zIS0zE6kNJdVdw5RXlFSKJWvT37DYKVmE5tKD4yE-RWgHZW-UU1jDToup9RhyTO7R1tnRig9sUUUrmefeqBntrzk8fAqjEbwHH24lTu5dr_yXSCrUGo-ZoL0-VHR1YliV81nJ9swcAEpcDLijSSBQQIGhgEoAZFwAYLgAfl9-I1qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB0ggJCIDhgBAQARgfgAoByAsBshcaChgIABIUcHViLTMwNzc5NjQ5ODkxNDkwMDg&sigh=CvCoC7kN9KA&tpd=AGWhJmtYKR_3CfknH_uAM8LPNZMUXNjwRgKUf8JSq2Adg0vjeg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 12 Apr 2021 12:56:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:24 GMT
truncated
/ Frame B92B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e39f9aaeb9ec5a53693d2094e44d28a506ad2a898df37c033231bc890561191

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame D412 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3077964989149008&output=html&h=482&slotname=1259526199&adk=1114796121&adf=2104700100&pi=t.ma~as.1259526199&w=804&cr_col=4&cr_row=2&fwrn=2&lmt=1618232184&rafmt=9&psa=0&format=804x482&url=https%3A%2F%2Fwww.lotterypost.com%2F&flash=0&crui=image_stacked&fwr=0&wgl=1&dt=1618232184246&bpp=13&bdt=236&idt=237&shv=r20210406&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4214141447001&frm=20&pv=2&ga_vid=653130120.1618232184&ga_sid=1618232184&ga_hid=1915140284&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=328&ady=3157&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44740079%2C44739387&oid=3&pvsid=621170150751874&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=F7btiZRpAo&p=https%3A//www.lotterypost.com&dtd=256
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
180670
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sun, 10 Apr 2022 10:45:14 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 008E 		2 KB
1019 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cae004fd87635b5789754bbf163f8e5c61481e67df3a4eeb4277e8dd32e7711a

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4BJC3U7G0Mmpa6v7lKREw0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&dcc=t

Response headers

Server
Server
Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
658
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 008E
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Faax-eu.amazon-adsystem.com/s%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=628b5dd44b12b3812cf1
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=628b5dd44b12b3812cf1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:25 GMT
via
1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
DUS51-C1
x-cache
LambdaGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smaato.com&id=628b5dd44b12b3812cf1
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
TtGHXfKdleOhiQ2QHsO8J6WO3iekQ_PNl96QidBlTPZqxhOymJseTQ==
um
cs.emxdgt.com/ Frame 008E 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbrealtime.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-length
0
content-type
text/html
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame F9E9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c04a1fb39c293e41f744f906a267f8add09bafe5d405a2fcf572d811e3f14c1b

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHRDeECC8VeumEpecj502AAA; CMPS=5202; CMDD=AAUzMwE*; CMST=YHRDeGB0Q3gB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|45|39|241|176|64|3|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1712
Expires
Mon, 12 Apr 2021 12:56:25 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Connection
keep-alive
Set-Cookie
CMID=YHRDeECC8VeumEpecj502AAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Apr 2022 12:56:25 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Jul 2021 12:56:25 GMT CMPRO=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Jul 2021 12:56:25 GMT CMST=YHRDeGB0Q3kB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 13 Apr 2021 12:56:25 GMT CMRUM3=036074437905a0&406074437905a0&27607443790b40&f16074437905a0&b06074437905a00&2d6074437905a0&e66074437927600&9c6074437905a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Apr 2022 12:56:25 GMT CMDD=AAUzMwE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 13 Apr 2021 12:56:25 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F655 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=87263
Expires
Tue, 13 Apr 2021 13:10:48 GMT
Date
Mon, 12 Apr 2021 12:56:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F12F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UxSS2gN1l2M0DoT999sTPL6yvgP.LmQ-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UxSS2gN1l2M0DoT999sTPL6yvgP.LmQ-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4BJC3U7G0Mmpa6v7lKREw0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1xj0;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 13-Apr-2022 12:56:25 GMT;Secure;SameSite=None A3=d=AQABBHlDdGACEIbjnlkw-HE_6O-qFL4rZc4FEgEBAQGUdWB-YAAAAAAA_SMAAA&S=AQAAAnWQSyq-a5ggxJ86HFHhmIo; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=csp9bnpg78grp&b=3&s=2h; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-UxSS2gN1l2M0DoT999sTPL6yvgP.LmQ-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame FFC0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
721 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
f2e28a7b774e9b9b7bff4d90bc5f545c21db75b8fe7db176cbdaac051f8192b2

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=03bf5c6e-1a06-072c-1de1-3aaea8313291|1618232185
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=03bf5c6e-1a06-072c-1de1-3aaea8313291|1618232185; Version=1; Expires=Tue, 12-Apr-2022 12:56:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618232185|gen0vNiygu; Version=1; Expires=Tue, 27-Apr-2021 12:56:25 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 12 Apr 2021 12:56:25 GMT
content-type
text/html
content-length
390
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=03bf5c6e-1a06-072c-1de1-3aaea8313291|1618232185; Version=1; Expires=Tue, 12-Apr-2022 12:56:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.2
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Mon, 12 Apr 2021 12:56:25 GMT
content-length
0
via
1.1 google
alt-svc
clear
current
amazon-tam-match.dotomi.com/match/bounce/ Frame F0F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 12 Apr 2021 12:56:25 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
Cookie set amazon
ap.lijit.com/beacon/ Frame 3108 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-smaato_n-index_pm-db5_n-emx_n-vmg_ox-db5_cnv_sovrn&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
88058b02f2e15c7f1a9a71bf53159ad7f087d3a8990a589caaf45585e6816834

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=514c17553e457f84c634181c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVrIwULIyNDO0NDExNLcw1VEyRuVamKDyTdDkjczBfAsLYzNLC9NaAI0lEEU%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:25 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=514c17553e457f84c634181c;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:25 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap6ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 3108 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=514c17553e457f84c634181c&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 3108
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=514c17553e457f84c634181c&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:25 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-16-145.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
merge
ce.lijit.com/ Frame 3108
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=JXZavSd1WrE-flTtIX9AsHZxDLE-d1nsdXRK3L52
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=JXZavSd1WrE-flTtIX9AsHZxDLE-d1nsdXRK3L52
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=JXZavSd1WrE-flTtIX9AsHZxDLE-d1nsdXRK3L52
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
generic
data.adsrvr.org/track/cmf/ Frame 3108 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 3108
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=KNELNTOX-F-EGD3&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=KNELNTOX-F-EGD3&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=KNELNTOX-F-EGD3&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
merge
ce.lijit.com/ Frame 3108
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=514c17553e457f84c634181c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
43 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
MT3 3660 495c301 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:24 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FFC0 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=88c51f4a-af2b-8321-8739-70d1a425ca8c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FFC0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XX6n6V99p-VGdqm5WXe95A558eVGf6S4DXzFoKMR
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XX6n6V99p-VGdqm5WXe95A558eVGf6S4DXzFoKMR
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=XX6n6V99p-VGdqm5WXe95A558eVGf6S4DXzFoKMR
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FFC0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8689657867462856053
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8689657867462856053
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8689657867462856053
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame FFC0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=d0136337-b381-38db-4737-f246cc16016c&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FFC0 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmM3Y2IwZmQtN2FmNi02NjdmLTUyZDctYThmZjA2ZjRjZjBj
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FFC0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4jeI-pbA3Yz_RfnNHo5Lw&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4jeI-pbA3Yz_RfnNHo5Lw&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEB4jeI-pbA3Yz_RfnNHo5Lw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 3DF7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144496
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
usermatchredir
ssum-sec.casalemedia.com/ Frame F9E9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHRDeECC8VeumEpecj502AAABGEAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDdz9IComVc8gSJ_bPHMR5g&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDdz9IComVc8gSJ_bPHMR5g&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDdz9IComVc8gSJ_bPHMR5g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F9E9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHRDeECC8VeumEpecj502AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9HuenWy6F2Lcb5jO1aoBU&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9HuenWy6F2Lcb5jO1aoBU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:25 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN9HuenWy6F2Lcb5jO1aoBU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame F9E9 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YHRDeECC8VeumEpecj502AAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame F9E9 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHRDeECC8VeumEpecj502AAABGEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame F9E9 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:24 GMT
content-length
0
server
a
rum
dsum-sec.casalemedia.com/ Frame F9E9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D64...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&partner_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_i...
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&expiration=1620824185
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&expiration=1620824185
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:26 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:26 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:26 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&expiration=1620824185
alt-svc
clear
content-length
0
crum
dsum-sec.casalemedia.com/ Frame F9E9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63376074-4378-4d00-875d-fff11f917e4c
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63376074-4378-4d00-875d-fff11f917e4c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:25 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
MT3 3660 495c301 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=63376074-4378-4d00-875d-fff11f917e4c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:24 GMT
cookiesync
bttrack.com/pixel/ Frame F9E9 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Mon, 12 Apr 2021 12:55:35 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame F9E9 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YHRDeECC8VeumEpecj502AAABGEAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 3DF7 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=42503102&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cac5d0884a87c92b3a9382a084590b7c831bb81cbb9df301e70884b984301965

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
usersync.aspx
dis.criteo.com/dis/ Frame 7815 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=42503102&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 12 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1033
x-powered-by
ASP.NET
date
Mon, 12 Apr 2021 12:56:24 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 7973
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2051760143228930276
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2051760143228930276
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=42503102&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=843AF0C7-018A-4420-BECA-8EC10D1CB9D3; chkChromeAb67Sec=1; DPSync3=1619395200%3A221_201_227_226; SyncRTB3=1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203; KRTBCOOKIE_27=16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c; PUBMDCID=3; KRTBCOOKIE_22=14911-7288845911666229246; KRTBCOOKIE_153=1923-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&19420-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&22979-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr; KRTBCOOKIE_1101=23040-6950254311926593680; KRTBCOOKIE_80=16514-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&22987-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&23025-CAESEJO0Y8aTyPvZXVASlVd0Itk; KRTBCOOKIE_391=22924-8689657867462856053&KRTB&23263-8689657867462856053; SPugT=1618232184; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo&KRTB&23212-YvqTJ3XSWebag57s0mCwWoRo; PugT=1618232184; KRTBCOOKIE_377=6810-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&22918-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&23031-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-2051760143228930276; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:24 GMT; path=/ PugT=1618232184; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:24 GMT; path=/
X-lat
amspug014:0:369
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2051760143228930276
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 603B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFESk1rN0E2SWNBQUNrUHV0SjYwdw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADJMk7A6IcAACkPutJ60w&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=3257380386610997500
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADJMk7A6IcAACkPutJ60w&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D3257380386610997500%26bee_sync_partners%3Dpm%26bee_sync...
  • https://match.prod.bidr.io/cookie-sync?userid=3257380386610997500&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADJMk7A6IcAACkPutJ60w&pid=558502&d...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJMk7A6IcAACkPutJ60w
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJMk7A6IcAACkPutJ60w
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=42503102&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=843AF0C7-018A-4420-BECA-8EC10D1CB9D3; chkChromeAb67Sec=1; DPSync3=1619395200%3A221_201_227_226; SyncRTB3=1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203; KRTBCOOKIE_27=16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c; PUBMDCID=3; KRTBCOOKIE_22=14911-7288845911666229246; KRTBCOOKIE_153=1923-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&19420-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&22979-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr; KRTBCOOKIE_1101=23040-6950254311926593680; KRTBCOOKIE_80=16514-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&22987-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&23025-CAESEJO0Y8aTyPvZXVASlVd0Itk; KRTBCOOKIE_391=22924-8689657867462856053&KRTB&23263-8689657867462856053; SPugT=1618232184; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo&KRTB&23212-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_377=6810-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&22918-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&23031-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10; KRTBCOOKIE_188=3189-771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348; KRTBCOOKIE_336=5844-2051760143228930276; KRTBCOOKIE_57=22776-9067763383897638257; KRTBCOOKIE_218=22978-YHRDeQAAIY74xgA0&KRTB&23194-YHRDeQAAIY74xgA0&KRTB&23209-YHRDeQAAIY74xgA0&KRTB&23244-YHRDeQAAIY74xgA0; PugT=1618232184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AADJMk7A6IcAACkPutJ60w; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:25 GMT; path=/ PugT=1618232185; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:25 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:25 GMT; path=/
X-lat
amspug017:0:410
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Mon, 12 Apr 2021 12:56:26 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADJMk7A6IcAACkPutJ60w
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 93B7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254311926593680
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254311926593680
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=42503102&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=843AF0C7-018A-4420-BECA-8EC10D1CB9D3; chkChromeAb67Sec=1; DPSync3=1619395200%3A221_201_227_226; SyncRTB3=1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203; KRTBCOOKIE_27=16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c; PugT=1618232184; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6950254311926593680; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:24 GMT; path=/ PugT=1618232184; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:24 GMT; path=/
X-lat
amspug003:0:452
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:25 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6950254311926593680; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254311926593680
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 7143
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
42 B
811 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=42503102&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=843AF0C7-018A-4420-BECA-8EC10D1CB9D3; chkChromeAb67Sec=1; DPSync3=1619395200%3A221_201_227_226; SyncRTB3=1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203; KRTBCOOKIE_27=16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c; PUBMDCID=3; KRTBCOOKIE_22=14911-7288845911666229246; KRTBCOOKIE_153=1923-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&19420-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&22979-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr; PugT=1618232184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:24 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo&KRTB&23212-YvqTJ3XSWebag57s0mCwWoRo; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:24 GMT; path=/ PugT=1618232184; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:24 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:24 GMT; path=/
X-lat
amspug009:0:761
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 12 Apr 2021 12:56:25 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=YvqTJ3XSWebag57s0mCwWoRo; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
strict-transport-security
max-age=0; includeSubDomains;
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DC0C 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A4BJC3U7G0Mmpa6v7lKREw0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=hDrwxwGKRCC-yo7BDRy50w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=87263
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Tue, 13 Apr 2021 13:10:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 3DF7 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63ec9d575fb905ed-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0967c0aa9b000005ed728e9000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 3DF7
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:23 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:23 GMT
frontend-id
10
location
/pubmatic/1/info2?sType=sync&sExtCookieId=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:26 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 12 Apr 2021 12:56:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d435a1d3-f2d9-41cc-b7f2-e23364b5ba10
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d435a1d3-f2d9-41cc-b7f2-e23364b5ba10
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
X-lat
amspug005:0:443
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d435a1d3-f2d9-41cc-b7f2-e23364b5ba10
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJO0Y8aTyPvZXVASlVd0Itk&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJO0Y8aTyPvZXVASlVd0Itk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
X-lat
amspug003:0:392
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJO0Y8aTyPvZXVASlVd0Itk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8689657867462856053
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8689657867462856053
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
X-lat
amspug019:0:390
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8689657867462856053
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
X-lat
amspug010:0:320
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
MT3 3660 495c301 master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:63376074-4378-4d00-875d-fff11f917e4c&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:24 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9067763383897638257&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9067763383897638257&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:23 GMT
X-lat
amspug004:0:401
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:25 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.121:80
AN-X-Request-Uuid
47839d5c-59a6-4592-9eed-b4c724d23b4e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=9067763383897638257&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=cb2758a7-c055-4822-96cf-f8a8ffb229a2&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4d36316-356f-4f51-8d09-a0522c407a7c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4d36316-356f-4f51-8d09-a0522c407a7c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:26 GMT
X-lat
amspug006:0:386
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b4d36316-356f-4f51-8d09-a0522c407a7c&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 12 Apr 2021 12:56:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
843AF0C7-018A-4420-BECA-8EC10D1CB9D3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3DF7 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/843AF0C7-018A-4420-BECA-8EC10D1CB9D3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7C3aVsdE2uVt8_tAm5RN67BHIHMeIC0-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7C3aVsdE2uVt8_tAm5RN67BHIHMeIC0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7C3aVsdE2uVt8_tAm5RN67BHIHMeIC0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
X-lat
amspug017:0:359
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288845911666229246&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288845911666229246&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:23 GMT
X-lat
amspug002:0:293
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7288845911666229246&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDeQAAIY74xgA0&gdpr=0&gdpr_consent=&_test=YHRDeQAAIY74xgA0
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDeQAAIY74xgA0&gdpr=0&gdpr_consent=&_test=YHRDeQAAIY74xgA0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:24 GMT
X-lat
amspug017:0:428
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618232186.004955,VS0,VE0
x-served-by
cache-hhn4081-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDeQAAIY74xgA0&gdpr=0&gdpr_consent=&_test=YHRDeQAAIY74xgA0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
X-lat
amspug015:0:362
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:24 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 3DF7
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cee85266-da13-4fa4-af58-32d3bed5ef06&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cee85266-da13-4fa4-af58-32d3bed5ef06&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:25 GMT
X-lat
amspug011:0:391
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:cee85266-da13-4fa4-af58-32d3bed5ef06&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 12 Apr 2021 12:56:26 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 3DF7 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=843AF0C7-018A-4420-BECA-8EC10D1CB9D3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmatic
um.simpli.fi/ Frame 3DF7 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 11 Apr 2021 12:56:25 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame E2EE 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
265832
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E2EE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
81404
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 14:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 14:19:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E2EE 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E2EE 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E2EE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
css
fonts.googleapis.com/ Frame E2EE 		3 KB
1016 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 12:38:46 GMT
server
ESF
date
Mon, 12 Apr 2021 12:56:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Apr 2021 12:56:25 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1615352110814522421/ Frame E2EE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1615352110814522421/downsize_200k_v1?w=195&h=102
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1411510e95e01c41d47e9c7b38cf509e8b4fb6993f5d25fdf482bfe829a5253
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:31:21 GMT
x-content-type-options
nosniff
age
267904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5874
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 09:17:42 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 10:31:21 GMT
truncated
/ Frame E2EE 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame E2EE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62dc2f333880256982ae3ee2dfbe80c8c02ed2f15d05501448668766fd7bd054

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2EE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
80371
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2EE 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
52760
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
l
www.google.com/ads/measurement/ Frame E2EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRDP43IoPhiJWBdL-bT-3mXzjLZ_gHBFVy2_pcwYoaGbwHGOTi-n4cP1EW7GkZh51Cma14Msm0j8lCRAjrfkVO_HyNTDw
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame E2EE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmGKKeEN0YI2kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCqoEzgFP0Hfi9LZOgXmuJg48mCyeD6wm0XnpMB1Kfd80hdkcLx0mQwmCKs4_5_DTQz71E3L999hQZht-hyqP3DnyVgAhdkgZ9drkYOXZntQi6dRu6K0QNNlcbB2tp5EI-KLCUmcjUXEmxJJ1ADboJlZCLD82tWMNba6j1CWB6CUYrFf4YJAZIn07gtnDy6mtuSqZaM8j4msre8RirGiOTRqxml73dr1c0eQJhwImw95C5Ww0UavyoQ6Jpywmat49P2vOJkXVuh4bH5RaSU1H7h_umcAE47TOwbQD4AQBkgUECAQYAZIFBAgFGASgBi6AB7jp_rECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEK6ECNIIBwiAYRABGB2ACgPICwG4E4gn2BMNiBQDshcaChgIABIUcHViLTExMjEyMjgzNzk4MzcyODk&sigh=v3w6EGCp1G0&template_id=5000&tpd=AGWhJmvMRrfcfmaWsbsVOREYVbiYAhhIWTNjnPzEWrHOVXLZzg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E2EE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:03:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
384803
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:03:02 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame E2EE 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
96767
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame C10F 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
265832
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C10F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
81404
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 14:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 14:19:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C10F 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C10F 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame C10F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C10F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
80371
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C10F 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
52760
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
truncated
/ Frame C10F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0bced1629fa581102649707a82e1aa82d183bce6d393ffd5b8849c0fc95eedb

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
5847671032413157690
tpc.googlesyndication.com/simgad/ Frame C10F 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5847671032413157690?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDHqNjbgAPP_OMueekNWCtCzJBYQ
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
309d93da58ec9b2f902bd0e85f6eda0ff14ad458b308c5effd6590131f63994c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:05:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 17:03:22 GMT
server
sffe
age
384661
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42771
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:05:24 GMT
l
www.google.com/ads/measurement/ Frame C10F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRiDlCxW06Fe_AdVldM1f4PUDXpWDwoGHiDmjPDXjnn1XDXBkPsGtlxuq-8Ravoco0Y4eJ9yUo2bUidhXUzW-by7eL6uQ
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C10F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CeMdVeEN0YJCkLcy6lgTxn66IAqftsu9h9rONj6UN3dkeEAEg8q2FHGD1lc6B4ASgAZyv-6gCyAEC4AIAqAMByAMIqgTVAU_QfooNTH-5vIxTz3aGEo2KYzeD1s6aQC4Ujjt-LPPA-n-Wx9S9_Fs5cBx7JskRWQ34BTxLu6dUUoAfb7LAkT1vFzblI6ZyvKORRpqlWqYH70ToR2KPMruNhJ0lltUYSXcUJ1HP_SAIpeu44xjbQ_7pYEq0fx-dLvC-7DV47AVC3rqqxv_gVvg_I9TeYEDHq_oCOhA3121lPWhVx0cuYigGHoeSrv6NYsH3GzCBSVLcunyAparyzyUK6nXSD56WfCR_TA7ffmjXEP6vRNXYMrlVsYOIgsAEufmT5boD4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEOmCBdIIBwiAYRABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMTEyMTIyODM3OTgzNzI4OQ&sigh=iIUlbPK7EMc&tpd=AGWhJmvdufnZ9WbRDnXJVDJ4IlSEccLyjExThvG02QsehZfWMw
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5DAB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 12 Apr 2021 12:56:24 GMT
expires
Tue, 12 Apr 2022 12:56:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame 3408 		190 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
265832
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 09 Apr 2021 11:05:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 11:05:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3408 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
81404
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 14:19:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 14:19:41 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3408 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3408 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ba3fcf2a5e67b5bf76a69b4477a159798475238362271ceddbc3346c2960199
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
24616
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16299
x-xss-protection
0
server
sffe
date
Mon, 12 Apr 2021 06:06:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"efc5cf622831f5b6"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Apr 2022 06:06:09 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3408 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 3408 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
93249
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Sun, 11 Apr 2021 11:02:16 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 11:02:16 GMT
css
fonts.googleapis.com/ Frame 3408 		2 KB
569 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b60fd7a95906e5e8a101afb103d917000eae55f1128bd46a05f00dc948d41bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 11:50:44 GMT
server
ESF
date
Mon, 12 Apr 2021 12:56:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Apr 2021 12:56:25 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3408 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
80371
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3408 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
52760
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
truncated
/ Frame 3408 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3322f9b8f5459c31671a3be79945a4407891cb50f0e407b191c668c4f5c2b73e

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
brands-city-468x60.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/brands-city-468x60.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f078ff772e2338e70d74747a93948f283e6bc864c2608518169cdd3550ec01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:22:57 GMT
x-content-type-options
nosniff
age
383608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10033
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Apr 2022 02:22:57 GMT
l
www.google.com/ads/measurement/ Frame 3408 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTuWiX_M_Up90y9gUQnUjS0NbadfVz3Gd2DKqN2eDf2HxwZjoaibINYhJXVLY6Z9iWgH8A5hvDWfsuYruSnbO4hcGsRSQ
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 3408 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7AtCeEN0YI6kLcy6lgTxn66IAqXu2PBhjY385PcI2_qsjOoTEAEg8q2FHGD1lc6B4ASgAfuM8_ACyAEJqQJQz-03TuyzPuACAKgDAcgDCKoE1wFP0KK8sXoRiDtjANnpWVgXUyYabmxMD_inxQbw_vg0vUWv7QfsP_seOhG0sniTXN0fkRPUnoIZo-gQb6vVDQLRklo2aiufgkYndg-AhylVkXhDw2TgraammiCblkAivHMjYui5sQ12l5ca5WT9ZFSbSlEcVwcw43Bkz5SCmPLV_34awBGWtYjtYWFzzE_8rCFaqAkpWVcBZujk3nXnEg3ONwrjA4uoc0KR-C6-1D06VPaK84f0bcK6X8Dz2dnNZUMRdjg30bAddMfOi5BLPbyUvQM5U6-3EMAEu4P3upQC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5ij1pcBqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEICNBdIIBwiAYRABGB2ACgPICwHYEw2yFxoKGAgAEhRwdWItMTEyMTIyODM3OTgzNzI4OQ&sigh=TsudM-vxejc&template_id=419&tpd=AGWhJmuaCDnjScMuABWG5VmJ4dh8ONdvAx6i9n0bjoXwHJcjLg
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
shape-468x60.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/shape-468x60.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
825c3e3f3d56893ab0d968e2d7d8f4a1c5bc3b93088046310902ace5430e946b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 22:59:12 GMT
x-content-type-options
nosniff
age
568633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2015
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 22:59:12 GMT
bike-city-6100.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/bike-city-6100.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4458adea11b71ea85d282384adb77dafb27dd922f4896efb19cceceac5eff93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 22:59:12 GMT
x-content-type-options
nosniff
age
568633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22228
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 22:59:12 GMT
logo-city-6100-vertical.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/logo-city-6100-vertical.png
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e588c42d911b8beb3198640a761a360fc7360c1144af4fc81d652a482900dee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 22:59:12 GMT
x-content-type-options
nosniff
age
568633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4006
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 22:59:12 GMT
container.html
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9152 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040803.js?31060768
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 12 Apr 2021 12:56:24 GMT
expires
Tue, 12 Apr 2022 12:56:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 3408 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.lotterypost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:11:00 GMT
server
sffe
age
96767
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15056
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2EE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
80372
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E2EE 		295 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
52761
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5DAB 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 10:34:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8502
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Apr 2022 10:34:44 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 5DAB 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16612
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
8623
etag
W/"6568-1ngjDPyuAAmZwhNLatux85Ckam0"
x-served-by
cache-fra19158-FRA
date
Mon, 12 Apr 2021 12:56:26 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5DAB 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:26 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C10F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
31b4ea2bd2a51d39610fc8aa214e4119.js
www.gstatic.com/mysidia/ Frame 9152 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/31b4ea2bd2a51d39610fc8aa214e4119.js?tag=client_fast_engine_2019
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 01:23:38 GMT
server
sffe
age
297888
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2779
x-xss-protection
0
expires
Thu, 08 Jul 2021 02:11:38 GMT
b2ad9e2117aedd5ce941a2862458374c.js
www.gstatic.com/mysidia/ Frame 9152 		142 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e0fd989ea582357754166789b3e0a896f231d21f237a6356671492f4b2bec8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 02:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 01:23:38 GMT
server
sffe
age
297888
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53415
x-xss-protection
0
expires
Thu, 08 Jul 2021 02:11:38 GMT
css
fonts.googleapis.com/ Frame 9152 		3 KB
647 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Apr 2021 11:40:46 GMT
server
ESF
date
Mon, 12 Apr 2021 12:56:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 12 Apr 2021 12:56:26 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ Frame 9152 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c063b642684066df68e19aa7fb61a67ef9c0c63b9ec6908d6ddb5b87ae9263c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29459
x-xss-protection
0
server
sffe
date
Mon, 12 Apr 2021 12:56:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"2befc3d6449413a9"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Apr 2021 12:56:26 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 9152 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:52:50 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/ Frame 9152 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/abg_lite_fy2019.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:49:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7114
x-xss-protection
0
server
cafe
etag
17914786394753848863
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:49:44 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 9152 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/window_focus_fy2019.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:55:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:55:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9152 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1617988883687958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36710
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/ Frame 9152 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210406/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:55:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
28
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5599
x-xss-protection
0
server
cafe
etag
2241650964481140939
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Apr 2021 12:55:58 GMT
l
www.google.com/ads/measurement/ Frame 9152 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8xqzrhy1doGrSEx1BRlyrieSvvprHCzxkhKYUSVwI5Gx6GmmShORDTmxYJgkkVRiKSS1H9grj7qUJGcPsVrOuJAI1Rw
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
a0b5068ca1fc7f6ff765c7833258ec42.js
www.gstatic.com/mysidia/ Frame 9152 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a0b5068ca1fc7f6ff765c7833258ec42.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 01:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 01:23:38 GMT
server
sffe
age
300021
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10491
x-xss-protection
0
expires
Thu, 08 Jul 2021 01:36:05 GMT
5847671032413157690
tpc.googlesyndication.com/simgad/ Frame C10F 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5847671032413157690?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnDHqNjbgAPP_OMueekNWCtCzJBYQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
309d93da58ec9b2f902bd0e85f6eda0ff14ad458b308c5effd6590131f63994c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 02:05:24 GMT
x-content-type-options
nosniff
last-modified
Fri, 15 Jan 2021 17:03:22 GMT
server
sffe
age
384662
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42771
x-xss-protection
0
expires
Fri, 08 Apr 2022 02:05:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C10F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
80372
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C10F 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
52761
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3408 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
server
cafe
age
80372
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 12 Apr 2021 14:36:54 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 3408 		295 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 11 Apr 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
52761
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 12 Apr 2021 22:17:05 GMT
shape-468x60.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/shape-468x60.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
825c3e3f3d56893ab0d968e2d7d8f4a1c5bc3b93088046310902ace5430e946b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 22:59:12 GMT
x-content-type-options
nosniff
age
568634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2015
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 22:59:12 GMT
bike-city-6100.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/bike-city-6100.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4458adea11b71ea85d282384adb77dafb27dd922f4896efb19cceceac5eff93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 22:59:12 GMT
x-content-type-options
nosniff
age
568634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22228
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 22:59:12 GMT
logo-city-6100-vertical.png
tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/ Frame 3408 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16182359314687138829/city-6100-ch-de-google-468x60/images/logo-city-6100-vertical.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e588c42d911b8beb3198640a761a360fc7360c1144af4fc81d652a482900dee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 05 Apr 2021 22:59:12 GMT
x-content-type-options
nosniff
age
568634
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4006
x-xss-protection
0
last-modified
Wed, 07 Aug 2019 01:28:45 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Apr 2022 22:59:12 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5DAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFWdttXQOW2lAaFf9lcQ_M6hoZWlIid32n40jmk31a7MGbKjkyjYhjtX07RqOtTRkme95ignupo4KcEGmn4i4vsG8pqd9izvReoKKWXTXOcZfxKXtdRYKOkGH8L8g2NTRGg4BL9EorkUajY7WI6NNIDen1d5mJO1pwGBa9q0DenFRInGtGxpJAlZcc_0jrFDKTbRefd472K1kSzg10pnwkTBDLor7tixf0A6DA10FrbKtl0ZBcJGL_GYd3dmcfOk5TocloC1oNWrhPjdm7iRai_G1l4mI3YaqEIhrYkaW9WeH2&sig=Cg0ArKJSzGbMXpi43aGwEAE&urlfix=1&adurl=
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame 5DAB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
faec96d5d90c44f9392d8fd7865456b13b1c46dbd64b69cffe7f6ed75d59f0cf

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5DAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaJDGSuDJj8Ct8obGPVbcJCU2yx9-q2NnW3P_qusE2kuYSAcagai37QgzVzi76KmXqIgZr-hjdoJzS7dxLUKnHfSoz8KTsik-uWEsdG4y5Vdtuc-ufbF9jrj5ihT7WhtliURyyoNasK_IhqdBpWhZ8wi6HaiKsIFnIvG64q0WBYlaNFrDnX-ZuknqzOfWSxJdXnlZhfUrarmO8MTMJqrG4HUd5faAa9lJ6pIJNFRlk8utnhS4v7z5wsIx-PvkvU8GbOpwhzneg_IawrvJlzKBP6AQS4u9eTjny5a14nbnkcSuaE-U&sig=Cg0ArKJSzNfvz3UpkiCBEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 12 Apr 2021 12:56:26 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/13118358931540036610/ Frame 9152 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13118358931540036610/downsize_200k_v1?w=100&h=100
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cec19a2b30b66579a42993430e2ebf3b2c6047a2ef0925e53f751aa0380852f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 02:49:47 GMT
x-content-type-options
nosniff
age
122799
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2599
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 09:17:41 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 02:49:47 GMT
truncated
/ Frame 9152 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame 9152 		0
322 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knelnu5a&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&sei=44727843%2C44729911%2C44730425%2C44730426%2C75259407%2C75259408&nsei=44714510%2C75259405%2C447279544&bi=rda&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1615352110814522421/ Frame 9152 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1615352110814522421/downsize_200k_v1
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0f42bc2fbdc768aae8cdbeaf164506ec2ddb4c048e2a53c2af5960af4396d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 10:05:46 GMT
x-content-type-options
nosniff
age
269440
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60353
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 09:17:42 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 09 Apr 2022 10:05:46 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9152 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CP6LgeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE1QFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGOLgTgV1jJ0qocDaoTggQu8hSDABOO0zsG0A-AEAZIFBAgEGAGSBQQIBRgEoAYugAe46f6xAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCW0wvSCAcIgGEQARgdgAoDyAsB2BMNiBQDshcaChgIABIUcHViLTExMjEyMjgzNzk4MzcyODk&sigh=176x8TPCqLk&template_id=3484&tpd=AGWhJms1rj7AwgirctO1uc5PpG5FoMe1rc6Bat2PwPuKe4S00w
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
AdDisplayTrackerServlet
pr.ybp.yahoo.com/ab/secure/true/imp/xWDi_7M5uKMJLp46AKZw5m91fBiUKkLaycexQt1Th6AT9tu12id-FaSZBg-fbLTugiy81grIhemckRyje--qDvdZWeYoLcLRO8Cdkz1y7TUfBL1GiW1EaOnc-e4BpPu6Nn0OmFWAwlxEO1F6M83a8PLo4463ft0eG... Frame 9875 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/xWDi_7M5uKMJLp46AKZw5m91fBiUKkLaycexQt1Th6AT9tu12id-FaSZBg-fbLTugiy81grIhemckRyje--qDvdZWeYoLcLRO8Cdkz1y7TUfBL1GiW1EaOnc-e4BpPu6Nn0OmFWAwlxEO1F6M83a8PLo4463ft0eGcRqFJ3GZI51npcH_c29Bx7m31rhdbaBz2jiyWKmRrvNqfO5HY45RymRkoHh08Tsr5krMt_uLWPSowry8dL2iVMThYrLCCsU0ItkkQ289JRhM9NoUJKmKTHuYwnfXzG9lAJJ3P596UIAo8eeNXtK-ur1O2exU--jqm1jVDTGzx5nY68XDVN-Yjcgx26LhnZldBKI-fZXWieetHTQPDa-pnJ0CM3E6G8Q_zIzU47dFvXuPZEuRi28HRhpRjJpiMx1035FbLyY-j5FlpH6kEmnjIeULmW2j9R6Z2bLaEmWsv3MYa0ufgtEaIFUeGqrQrhm4YALvW8r2WpmnglHKv7K4z-DSEmP5nhjNUWaYIPiRRy0IHmJxl2T8supjhdeQTeNhD_MH-BkylGUWrwCkKngzmMHeXLPw_pmWeIqDwSWsZMsrta7DsJjVWfKvmvgea0ViHbthBCV69YCqrSlmBFWf9GZxy60_kdSPZeQiLZ9gP6LkFxryI2W-8XVt3JOiYfNUEiU-nMdflMaPblwAbmCD9Zmcn-iDOzZ2D1tHUOZUnrgiAUZd5hcaYQclR4PB4ymceHcHBxZnQY9Vk0z6ZiSNrt66rqVXXmciCgumZIZpMparzqv9sMEyEasTDoG4eYY3VHIl872tpDmS2AJgwavig4zT1q-44msSWJqZv_U41vrT-0n_aq9_7i_GYcZcOka9SOOqopmjcX7UOAaLJNfR7VUF3lUaDjrYZkkpGNBx22yvJzkSKE9SFyBCdjo4-POcxMZA_uA-l92jjRr17ri3ZnjX8IrNF510zAO9zjfhDT-AKivDkkm_GeiE2uWG9-RqhDBDHWwF4otmuGm9vd_JrpzfQgt6oUWESbhlLTicDmoq_IeR-_AGwmY6VJCeKhP1M100EZq-aQiwfvjD9UyaTFZ4vp4kYYk5_6_Mh2Czg61RVQ8VM0vWloOx1aDx-3-L5MWBPL2u3oCMRYot9ekuzCT8bIEOvILy2yXGz3zQjluGj_ykN7vtHR9uatEkWsCAOTq1iHt_R9FzVNHRRsuXZw9MNcKZ6t-8_G8kq7YhEEzjVm911lqkD872G0u8qmZZMjy2zVuCy9KJIpXXmw0aXGUZjYFkCRUD2uOjNkJp_c9IQf0MmCQhQNHd6Ong99-QkMRy5SIw6UJItZ0WxV-9g/wp/0.101359/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1Nzg1NiZzaXRlSWQ9NDEyMDI2JmFkSWQ9MTg1MTAzMCZrYWRzaXplaWQ9MTEmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjI2MzczNTAwMTczODk4ODA5NiZhZFNlcnZlcklkPTI0MyZpbXBpZD01OUY5NUUyRS02NUIyLTQyQTgtOTQ4MS00RDZDMkZFRUVBQ0YmcGFzc2JhY2s9MA==_url=
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e12f37da0c8c914996a526d3efcd0c97219e87714db15fea906750b0e717ce51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
text/javascript
x-xss-protection
1; mode=block
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
3065
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
videoplayback
r3---sn-4g5e6nsz.gvt1.com/ Frame 9152
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=8ba253171be2ebc2&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1618239385&sparams=ip,ipbits,expire,id,...
  • https://r3---sn-4g5e6nsz.gvt1.com/videoplayback?id=8ba253171be2ebc2&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618239385&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
913 KB
913 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-4g5e6nsz.gvt1.com/videoplayback?id=8ba253171be2ebc2&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618239385&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2C728A607F757FA30D21997AD04D14CDCB549B70.3BE8C968E41E5E8E6F94F0ACF13608936913960E&key=cms1&cms_redirect=yes&mh=QI&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6nsz&ms=nvh&mt=1618231130&mv=u&mvi=3&pl=49
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:5f::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
69ea159a75aa38bd99a9eb13196790de81fb46ba711b532c38d4bfecb28d481b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
last-modified
Fri, 02 Apr 2021 13:26:50 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-934465/934466
client-protocol
quic
cache-control
private, max-age=6899
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
934466
expires
Mon, 12 Apr 2021 12:56:26 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r3---sn-4g5e6nsz.gvt1.com/videoplayback?id=8ba253171be2ebc2&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1618239385&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=2C728A607F757FA30D21997AD04D14CDCB549B70.3BE8C968E41E5E8E6F94F0ACF13608936913960E&key=cms1&cms_redirect=yes&mh=QI&mip=2a01:4f8:192:5414::2&mm=28&mn=sn-4g5e6nsz&ms=nvh&mt=1618231130&mv=u&mvi=3&pl=49
cache-control
no-cache, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
707
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4B17 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 11 Apr 2021 16:59:40 GMT
expires
Mon, 12 Apr 2021 16:59:40 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
cache-control
public, max-age=86400
age
71806
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9152 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6de4b2f15d729eff43cdf32e8ea0b4b0099d68f6ee93f98917de56cb93fc2365

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9152 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLV154tzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 19:03:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:11 GMT
server
sffe
age
237201
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21520
x-xss-protection
0
expires
Sat, 09 Apr 2022 19:03:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 9152 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
96768
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Mon, 11 Apr 2022 10:03:38 GMT
inside.js
s.yimg.com/rq/iv/ Frame 9875 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/rq/iv/inside.js
Requested by
Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/xWDi_7M5uKMJLp46AKZw5m91fBiUKkLaycexQt1Th6AT9tu12id-FaSZBg-fbLTugiy81grIhemckRyje--qDvdZWeYoLcLRO8Cdkz1y7TUfBL1GiW1EaOnc-e4BpPu6Nn0OmFWAwlxEO1F6M83a8PLo4463ft0eGcRqFJ3GZI51npcH_c29Bx7m31rhdbaBz2jiyWKmRrvNqfO5HY45RymRkoHh08Tsr5krMt_uLWPSowry8dL2iVMThYrLCCsU0ItkkQ289JRhM9NoUJKmKTHuYwnfXzG9lAJJ3P596UIAo8eeNXtK-ur1O2exU--jqm1jVDTGzx5nY68XDVN-Yjcgx26LhnZldBKI-fZXWieetHTQPDa-pnJ0CM3E6G8Q_zIzU47dFvXuPZEuRi28HRhpRjJpiMx1035FbLyY-j5FlpH6kEmnjIeULmW2j9R6Z2bLaEmWsv3MYa0ufgtEaIFUeGqrQrhm4YALvW8r2WpmnglHKv7K4z-DSEmP5nhjNUWaYIPiRRy0IHmJxl2T8supjhdeQTeNhD_MH-BkylGUWrwCkKngzmMHeXLPw_pmWeIqDwSWsZMsrta7DsJjVWfKvmvgea0ViHbthBCV69YCqrSlmBFWf9GZxy60_kdSPZeQiLZ9gP6LkFxryI2W-8XVt3JOiYfNUEiU-nMdflMaPblwAbmCD9Zmcn-iDOzZ2D1tHUOZUnrgiAUZd5hcaYQclR4PB4ymceHcHBxZnQY9Vk0z6ZiSNrt66rqVXXmciCgumZIZpMparzqv9sMEyEasTDoG4eYY3VHIl872tpDmS2AJgwavig4zT1q-44msSWJqZv_U41vrT-0n_aq9_7i_GYcZcOka9SOOqopmjcX7UOAaLJNfR7VUF3lUaDjrYZkkpGNBx22yvJzkSKE9SFyBCdjo4-POcxMZA_uA-l92jjRr17ri3ZnjX8IrNF510zAO9zjfhDT-AKivDkkm_GeiE2uWG9-RqhDBDHWwF4otmuGm9vd_JrpzfQgt6oUWESbhlLTicDmoq_IeR-_AGwmY6VJCeKhP1M100EZq-aQiwfvjD9UyaTFZ4vp4kYYk5_6_Mh2Czg61RVQ8VM0vWloOx1aDx-3-L5MWBPL2u3oCMRYot9ekuzCT8bIEOvILy2yXGz3zQjluGj_ykN7vtHR9uatEkWsCAOTq1iHt_R9FzVNHRRsuXZw9MNcKZ6t-8_G8kq7YhEEzjVm911lqkD872G0u8qmZZMjy2zVuCy9KJIpXXmw0aXGUZjYFkCRUD2uOjNkJp_c9IQf0MmCQhQNHd6Ong99-QkMRy5SIw6UJItZ0WxV-9g/wp/0.101359/pclick/https://clicktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?clickData=JnB1YklkPTE1Nzg1NiZzaXRlSWQ9NDEyMDI2JmFkSWQ9MTg1MTAzMCZrYWRzaXplaWQ9MTEmdGxkSWQ9MCZjYW1wYWlnbklkPTIzMDI2JmNyZWF0aXZlSWQ9MCZ1Y3JpZD0xMjI2MzczNTAwMTczODk4ODA5NiZhZFNlcnZlcklkPTI0MyZpbXBpZD01OUY5NUUyRS02NUIyLTQyQTgtOTQ4MS00RDZDMkZFRUVBQ0YmcGFzc2JhY2s9MA==_url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
1fa16c1f74876eaeaf66d6f29d57c641c619fcf69ac55187039f4f82ff9a701f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Mon, 12 Apr 2021 11:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6295
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14524
x-amz-id-2
1umWwT5qJYuPluU5U/tWcG7T67ui8SnLfRfLEv0S4TUuZnNt/rR6ZVqVQCKFA6qX5d4ig+I2ohA=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Mar 2021 20:30:45 GMT
server
ATS
etag
"88b82e15c9ac0270fa9e031df01dd8dc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
MHZ75DPC56PE56QD
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
44113396-d0fb-45b1-80bf-ae7bfdd0d2eb.jpeg
s.yimg.com/ch/ Frame 9875 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/44113396-d0fb-45b1-80bf-ae7bfdd0d2eb.jpeg
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
668e6832bd4c1cf8e7b4e5ddeea396a12fbd9291eb5c02004df4f542932984d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Apr 2021 08:35:23 GMT
x-content-type-options
nosniff
age
274865
x-amz-server-side-encryption
AES256
vary
Origin
content-length
36693
x-amz-id-2
riYfmzYSq9YzK3VeeJKKjlgs9ZE1mgcFyY4ZA1r1SZLJ/ErfDnvV3Ud2tNgHyDOGrF9MQbvCdaI=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 30 Mar 2021 15:46:08 GMT
server
ATS
etag
"4e63207c36fb1814238b4035dc3a1ec4"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
VVDCYT3J29HQVM29
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 9875 		565 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion
1
date
Thu, 01 Apr 2021 09:25:35 GMT
x-content-type-options
nosniff
age
963052
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
r8xzqpughqYT4shVcrW9LEcRMI2HMXO+w0wx7VyhJYNyVoQ7at8rxSqACNywmxxkQPDR0OsYLTk=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
M4GPHZFY6RN5F6C0
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knelnu5i&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F31b4ea2bd2a51d39610fc8aa214e4119.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~knelnu9k&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fb2ad9e2117aedd5ce941a2862458374c.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~knelnu9l&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fa0b5068ca1fc7f6ff765c7833258ec42.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 2733 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=843AF0C7-018A-4420-BECA-8EC10D1CB9D3; chkChromeAb67Sec=1; DPSync3=1619395200%3A221_201_227_226; SyncRTB3=1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203; KRTBCOOKIE_27=16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c; PUBMDCID=3; KRTBCOOKIE_22=14911-7288845911666229246; KRTBCOOKIE_153=1923-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&19420-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&22979-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr; KRTBCOOKIE_1101=23040-6950254311926593680; KRTBCOOKIE_80=16514-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&22987-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&23025-CAESEJO0Y8aTyPvZXVASlVd0Itk; KRTBCOOKIE_391=22924-8689657867462856053&KRTB&23263-8689657867462856053; SPugT=1618232184; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo&KRTB&23212-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_377=6810-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&22918-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&23031-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10; KRTBCOOKIE_188=3189-771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348; KRTBCOOKIE_336=5844-2051760143228930276; KRTBCOOKIE_57=22776-9067763383897638257; KRTBCOOKIE_218=22978-YHRDeQAAIY74xgA0&KRTB&23194-YHRDeQAAIY74xgA0&KRTB&23209-YHRDeQAAIY74xgA0&KRTB&23244-YHRDeQAAIY74xgA0; PugT=1618232184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144495
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:26 GMT
Connection
keep-alive
Vary
Accept-Encoding
AdDisplayTrackerServlet
aktrack.pubmatic.com/AdServer/ Frame CD64 		0
124 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aktrack.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=157856&siteId=412026&adId=1851030&adType=10&adServerId=243&kefact=0.101359&kaxefact=0.101359&kadNetFrequecy=0&kadwidth=120&kadheight=600&kadsizeid=11&kltstamp=1618232184&indirectAdId=0&adServerOptimizerId=2&ranreq=0.1&kpbmtpfact=0.101359&dcId=3&tldId=0&passback=0&svr=BID22467U&adsver=_2344862218&adsabzcid=0&ekefact=eEN0YPk3BQASyeNd-jmCr6K5Pb_J4wjd88vjHXd8gA3CBUm_&ekaxefact=eEN0YA84BQCn1iEWktpHtk6OfSuoEpQ3JwriPYv8QYHnMwfb&ekpbmtpfact=eEN0YCM4BQAmtDLxSIrGNKHyXSMiCENoTMP3Hbxo7vBNGCED&enpp=eEN0YDc4BQCmQrFiGgfP6YC38dFoFSz09fDdpvbXZ3RnIO9p&pfi=1&dc=AMS&pubBuyId=30384&crID=3262253&lpu=hoeren-heute.ch&ucrid=12263735001738988096&campaignId=23026&creativeId=0&pctr=0.000000&wDSPByrId=OATH101788000&wDspId=452&wbId=1&wrId=0&wAdvID=1157489&wDspCampId=1516979&isRTB=1&rtbId=878A51E7-92C8-4552-B800-F4DBB365BFE7&imprId=59F95E2E-65B2-42A8-9481-4D6C2FEEEACF&oid=59F95E2E-65B2-42A8-9481-4D6C2FEEEACF&cntryId=45&pageURL=https%3A%2F%2Fwww.lotterypost.com%2F&sec=1&pAuSt=3
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.34 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-34.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
aktrack.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=843AF0C7-018A-4420-BECA-8EC10D1CB9D3; chkChromeAb67Sec=1; DPSync3=1619395200%3A221_201_227_226; SyncRTB3=1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203; KRTBCOOKIE_27=16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c; PUBMDCID=3; KRTBCOOKIE_22=14911-7288845911666229246; KRTBCOOKIE_153=1923-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&19420-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&22979-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr; KRTBCOOKIE_1101=23040-6950254311926593680; KRTBCOOKIE_80=16514-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&22987-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&23025-CAESEJO0Y8aTyPvZXVASlVd0Itk; KRTBCOOKIE_391=22924-8689657867462856053&KRTB&23263-8689657867462856053; SPugT=1618232184; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo&KRTB&23212-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_377=6810-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&22918-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&23031-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10; KRTBCOOKIE_188=3189-771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348; KRTBCOOKIE_336=5844-2051760143228930276; KRTBCOOKIE_57=22776-9067763383897638257; KRTBCOOKIE_218=22978-YHRDeQAAIY74xgA0&KRTB&23194-YHRDeQAAIY74xgA0&KRTB&23209-YHRDeQAAIY74xgA0&KRTB&23244-YHRDeQAAIY74xgA0; PugT=1618232184
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/

Response headers

Content-Type
text/html
Content-Length
0
Date
Mon, 12 Apr 2021 12:56:26 GMT
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 4B17
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEHyomT4zMp9Cbj3S0vzIBPo&google_cver=1&google_push=AQvitUKieYz5jP2px-RgJ5KtVkbaJaQmxdKfb80nyQGkuXAAlDSOxM8vRhVMJwP060RXHkPFrCxd3...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUKieYz5jP2px-RgJ5KtVkbaJaQmxdKfb80nyQGkuXAAlDSOxM8vRhVMJwP060RXHkPFrCxd3724TvyAPCcsA75uYGJ87EVt
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUKieYz5jP2px-RgJ5KtVkbaJaQmxdKfb80nyQGkuXAAlDSOxM8vRhVMJwP060RXHkPFrCxd3724TvyAPCcsA75uYGJ87EVt
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:26 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AQvitUKieYz5jP2px-RgJ5KtVkbaJaQmxdKfb80nyQGkuXAAlDSOxM8vRhVMJwP060RXHkPFrCxd3724TvyAPCcsA75uYGJ87EVt
x-li-proto
http/2
x-li-pop
prod-edc2
content-length
0
x-li-uuid
5NcWjJkddRZw+QCNiisAAA==
pixel
cm.g.doubleclick.net/ Frame 4B17
Redirect Chain
  • https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESEPC2En7dv38zmOn7Jon_rXw&google_cver=1&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_...
  • https://sync.bumlam.com/?src=ggl_nga&google_gid=CAESEPC2En7dv38zmOn7Jon_rXw&google_cver=1&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9Jo...
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9JoCh_in
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9JoCh_in
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:26 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=AQvitUKvkAUWrnRY6eA_w-YEJuf9bRcgaV5hpSRSg6Gz-NRPWSZPsd8md6FCWe65mphHd66exnVq6ZZSjWLrCRr3sdT_9JoCh_in
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 4B17
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDXx7gbZiI3h7X8XkcC26Bs&google_cver=1&google_push=AQvitUKk3NeRxtZtZXInuEKF9VcHpkR293oCr6DCYKNW7Id2mV7t9xpH_ijb_2-Lrg-HnXslnjR_5u7a...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY4OTY1Nzg2NzQ2Mjg1NjA1Mw&google_push=AQvitUKk3NeRxtZtZXInuEKF9VcHpkR293oCr6DCYKNW7Id2mV7t9xpH_ijb_2-Lrg-HnXslnjR_5u...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY4OTY1Nzg2NzQ2Mjg1NjA1Mw&google_push=AQvitUKk3NeRxtZtZXInuEKF9VcHpkR293oCr6DCYKNW7Id2mV7t9xpH_ijb_2-Lrg-HnXslnjR_5u7agrtqcr4uLCrgjeglXwKv
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY4OTY1Nzg2NzQ2Mjg1NjA1Mw&google_push=AQvitUKk3NeRxtZtZXInuEKF9VcHpkR293oCr6DCYKNW7Id2mV7t9xpH_ijb_2-Lrg-HnXslnjR_5u7agrtqcr4uLCrgjeglXwKv
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
dsp.adkernel.com/ Frame 4B17 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEFg2eXve3NbfPjE0bNoxTyY&google_cver=1&google_push=AQvitUJL7JEEvKavmKSIMvQ42hfXjJcax-jWGi8pAY2t7Geh_IYiyu3Ljl7Qnw9lHm0GyYbFpT7AryNUvo09S5t16jFaaokevgdf
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:26 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 4B17
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEOS5zN6mY3c_dY_rmGHwD2w&google_cver=1&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeq...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeqg-ttHTIaWWHY0bCuU0dvYeU&google_hm=WUhSRGU4Q28...
170 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeqg-ttHTIaWWHY0bCuU0dvYeU&google_hm=WUhSRGU4Q281dWtBQUdiUXIyUUFBQUFB
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Mon, 12 Apr 2021 12:56:27 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEOS5zN6mY3c_dY_rmGHwD2w&google_cver=1&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeqg-ttHTIaWWHY0bCuU0dvYeU","cluster_id":0,"gdpr":false,"ipv4":"91.132.136.76","key":"YHRDe8Co5ukAAGbQr2QAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40051"}
X-SO-Ads-Time
2
X-SO-Key
YHRDe8Co5ukAAGbQr2QAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40051
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AQvitUJsMMp5sAz2WOJWGfEaCDUa8vpcBpJOer3OVr9wDMytdFLeqcj-M6_CDtQuRxwX17JtfRTeqg-ttHTIaWWHY0bCuU0dvYeU&google_hm=WUhSRGU4Q281dWtBQUdiUXIyUUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40051.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-IP
91.132.136.76
sync
rtb2-useast.e-volution.ai/ Frame 4B17 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEAVwRYi5gflEQscYnxjpaDk&google_cver=1&google_push=AQvitUINZ0H3f7SXCMEOWhb2ZWlmgx-Q4d-sA3jW3wI2euxqDcRSjIpZ4vhhKr7bDXQMxFhFJ188Z-a4V-TJWcmD5RqHz9hrQ7abxg
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:26 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame 4B17
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESENn43iJQ_C0ypCQbhGah8Xk&google_cver=1&google_push=AQvitUKDO1LddHfUp-58aGCAzxuj2uNcgqIXeCaTmbVvS9f7uAgZh-n-i67dogLwzm0xar384l...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pOC5RWjBoRTJ1SDBFNDdySl9pSmxmdWNWQnR1Mk5oVH5B&google_push=AQvitUKDO1LddHfUp-58aGCAzxuj2uNcgqIXeCaTmbVvS9f7uAgZh-n-i...
170 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pOC5RWjBoRTJ1SDBFNDdySl9pSmxmdWNWQnR1Mk5oVH5B&google_push=AQvitUKDO1LddHfUp-58aGCAzxuj2uNcgqIXeCaTmbVvS9f7uAgZh-n-i67dogLwzm0xar384lCDWhgK-gyBpVeFW05BB3pJ_Au3
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:26 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1pOC5RWjBoRTJ1SDBFNDdySl9pSmxmdWNWQnR1Mk5oVH5B&google_push=AQvitUKDO1LddHfUp-58aGCAzxuj2uNcgqIXeCaTmbVvS9f7uAgZh-n-i67dogLwzm0xar384lCDWhgK-gyBpVeFW05BB3pJ_Au3
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4B17 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JC3BST6gQ1D0GAJ4m9b2y2MlrgIXOCBhELL97MyCfNzwN7JSiWmYbgMqi6Rzrg1q8qjWj94C8
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:26 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=adresume
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=part2viewed
Requested by
Host: www.lotterypost.com
URL: https://www.lotterypost.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210406&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3877a1665b97a62cffddcc0ef5ee71bb4fb5e29c71895efb3d063241bd6f021d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 12 Apr 2021 12:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6563
x-xss-protection
0
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Protocol
H2
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.lotterypost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 12 Apr 2021 12:56:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-allow-methods
POST,OPTIONS
access-control-allow-headers
Content-Type
access-control-max-age
86400
vary
Origin
access-control-allow-credentials
true
server
cloudflare
cf-ray
63ec9d617929c2d6-FRA
x-frame-options
DENY
x-content-type-options
nosniff
content-encoding
gzip
rum
cloudflareinsights.com/cdn-cgi/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cloudflareinsights.com/cdn-cgi/rum
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Mon, 12 Apr 2021 12:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.lotterypost.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
63ec9d61894cc2d6-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210406/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3077964989149008&plah=www.lotterypost.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 12 Apr 2021 12:56:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E2EE 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLUnH7_HCjVXqthijsYahqrWZRFMr54KD71lRauBfsKbe8k0JLlYvBetV0TyxFdXvrCHG8QADe1dDebyXLmV18zWRomOe8zRQGZOMkM4X_M0oAo4IE_DNSsm4&sai=AMfl-YQkbq8Sq_Hu1jPOuaYtTdUa8pwDw7cvx-ftIjZodavuWws7VDLSkkH7jTzWDyNa94bZWBh7bCR4DaRjmlQU1Msif_oysoMMMD4tpAw7J7Qtg3SAJMUV1hpE5kY&sig=Cg0ArKJSzLJHOZTOBzpfEAE&cid=CAASFeRoXwwKgcD5T0_wZbqkMJ4M0fL9rA&id=ampim&o=712,10&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=209&tls=1209&g=100&h=100&tt=1209&r=v&avms=ampa&adk=167273885
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame B4C3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 12 Apr 2021 12:05:44 GMT
expires
Tue, 12 Apr 2022 12:05:44 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
3043
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
pagead2.googlesyndication.com/bg/ Frame B4C3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/71hr94SUjmI4WsmVKl_xSF-LeUxrKTKLcbZwOLomvE8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 10 Apr 2021 10:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
180673
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5693
x-xss-protection
0
expires
Sun, 10 Apr 2022 10:45:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3408 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvDI5e4q43gtg6jA5aaegnGbR3H2sgSblE5BdBlkqoY7HO-84i5CupY_M-ii_-MZCkTCxQqF9zonbVYVkhy41djMQj_GYmjlBjU2Uf1YKgn8RNRKSrR88G2JnlEcpjOANCqgBpWtzV-nTQC0gBZmg&sai=AMfl-YQzstQe1z7B9LC9rxQSQbaGJcuSWADrvossA6soy7ewX8vvGFbAQG6Vax2jbBdE9AN6wVIZ910fAYuF8vkJALt9v7gkXWLNWtCquyWE-1lb0nlzUY7eU-btDCQ&sig=Cg0ArKJSzBbIm9pIgWTTEAE&cid=CAASFeRosxavfUWOKWo9gX2QUqqgpyH_jA&id=ampim&o=496,513&d=468,60&ss=1600,1200&bs=1600,1200&mcvt=1010&mtos=0,0,1010,1010,1010&tos=0,0,1010,0,0&tfs=230&tls=1240&g=100&h=100&tt=1240&r=v&avms=ampa&adk=4006668155
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210406&jk=621170150751874&bg=!pqWlpeHNAAY56aLOOek7ACkAdvg8WoEJXoJ-3rZPgSGdVbBEQxE_I92SCX8HAoMhaOvy1c4mJSPm1AIAAABaUgAAAAtoAQcKAG9kFOLcCfACJFa5j3GLOQC_pW1kYcIIFS4hMop0bQEzcK0ZPfHlapRW2cc2kJ1-s5TuxMGRsg26UpOTFgo6JidCFTYHI1ljEogLUM9xBXW-f-do2RbKrAQEQLmfmi2SgI0DmHKJqgG5Dn5m9tsqObOZAcnaVyqP3mogoYatcXyUcDCVvvgFuORYXtyC_KQumHUhvEOX07F2DQERBO1WfGvm_y8qNJmaVmbj6u2NUGKtb5B9eyl7n3VDhQh8h14TS0sNIFVSC3UBxzl5VjhwWLnqnxMkaQmj1c5Y5HzM7VF67nfe6WbYQVHuA3DKl65ZOwDERVl218Bep5UhWRcXb3y0jSkojE6OHk15qrrqyuldiwk-rkQLklgRYCqQW4xgbWZONFQREQ8ZJ3hxcKsOfVYY-4bLKp_mv4oBxxtbPL0ioSTyVBBs79w37V2l9_0xKHzzKUnNTBwxVqGDJ8blUOX3HcZRIJrmS97ovjVhBvoidpvp1OJIof9rYvAGlsdsQgyYNOEwwXtmOSMQTrUqKkVQp6KMApWsgvvczxDVgeayb9q9RdGWxXhbzExApug5CjcpgY4jwdx4f1QwyLbrsRmmkXLTnUI8R_6W1V4Xmr5_jxKYuUFoaL9RB78okhEJ7IJCJET9uMobbrwsMAq7nXCvhKEJtCHjSFIueq_ZgXdjOb-hTh3ZVsEzeMFYR4D_lsCb68LDD_GhdTE3ojR_IcTG9e845gytsrwC3J-sPWhsXDTDteaak4s-zlzO
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9152 		42 B
132 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-HLsoDR4hm7tTseV0UxPWLhtzx5NYVolih6wvuVonSaLKWL1i9PcFufbBL62XDGh1NCA3PrEbLk14VkuwVonK2Duwwl_S2ynjjFeW96gR9DLq0ke4Br-8yMQ&sai=AMfl-YQ7PV0Fz2XiNErMAut2_wLrwbpT1YggrZOO8ekkX3986eHLUPMJKM0DwY7cCOKUvQJrONtnznuehLVS2pZiVzjMtD5F8S4UjMWZz47Gz90Ou2jsOXOda2MiP-w&sig=Cg0ArKJSzCBe9yWNsDtREAE&cid=CAASFeRoWs6HGb05Nr7LXBGnQ3obbmp9Ww&id=osdim&mcvt=1000&p=194,1140,444,1440&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210409&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1304712773&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1618232185918&dlt=65&rpt=1&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 3DF7 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156657&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:26 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
csi
csi.gstatic.com/ Frame 9152 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~knelnu9l&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&dm=13000&event_name=first_play&asset_bytes=153163&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=14&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=videoplaytime25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame E9E8 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144491
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F50B 		995 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Mon, 12 Apr 2021 12:56:30 GMT
Age
29489530
X-Served-By
cache-lga21948-LGA, cache-hhn4071-HHN
X-Cache
HIT, HIT
X-Cache-Hits
236858, 1371762
X-Timer
S1618232191.613945,VS0,VE0
Vary
Accept-Encoding
Cookie set beacon
ap.lijit.com/ Frame 4968
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13414900
  • https://ap.lijit.com/beacon?informer=13414900&dnr=1
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13414900&dnr=1
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
a7c55cd9a596fc5ced76e650e9bda6086d97dd42c7e331e1f052da646e4e5696

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=c9357560e058df414921eb63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxdzzsSgDAIBNC7pLYIf%2FBqjnfXRBu2fAzsLNegcZJTCqXVPAZvlirFonu3dAZ10wRDXHxxmeK1XFXRN95J9kliJlRK6JQKNjDcM95DI%2F47c5hsR%2F9BIE8hT6vbYN%2Fav%2FcDHS9PDg%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=c9357560e058df414921eb63;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Length
0
Set-Cookie
ljt_reader=c9357560e058df414921eb63;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon?informer=13414900&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
ixmatch.html
js-sec.indexww.com/um/ Frame 5191 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.lotterypost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Length
1151
Connection
keep-alive
checksync.php
contextual.media.net/ Frame C40D 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: lp.vg
URL: https://lp.vg/js/f1/pb3.21.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.28.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
f78f7db4a2089b0f622f73aec86871b2146922fe064110fc5a8de7a475895a4d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.lotterypost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.lotterypost.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Thu, 14 Oct 2021 12:56:30 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2612337901230033000V10; Expires=Tue, 12 Apr 2022 12:56:30 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 14 Apr 2021 12:56:30 GMT
date
Mon, 12 Apr 2021 12:56:30 GMT
content-length
9553
bswt
c.deployads.com/cs/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sortable
  • https://x.bidswitch.net/ul_cb/sync?ssp=sortable
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=sortable
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=sortable
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=3f5114d6-9dee-4a34-b0cb-f36370331c72&ssp=sortable
  • https://c.deployads.com/cs/bswt?b=de0bf98b-179b-477a-9a9d-714ea26f8c44&i=
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/bswt?b=de0bf98b-179b-477a-9a9d-714ea26f8c44&i=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.12.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-12-55.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//c.deployads.com/cs/bswt?b=de0bf98b-179b-477a-9a9d-714ea26f8c44&i=
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/sortable
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8849187636
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8849187636
  • https://sync.1rx.io/usersync/tradedesk/e3cd7a12-4d33-4bf2-b287-2580a4cf7b96
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
Tengine
ETag
RX242b2be666ea474a867ec940658bfbc4003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Connection
keep-alive
Content-Type
text/html
QANT
c.deployads.com/cs/
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-N04C2m09Yy8f8.gif?idmatch=0
  • https://c.deployads.com/cs/QANT?gdpr=1&b=62U1NelmNWTwbTQxv2IvNexsNGPwY2Mx7mJ3y_h5
43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.deployads.com/cs/QANT?gdpr=1&b=62U1NelmNWTwbTQxv2IvNexsNGPwY2Mx7mJ3y_h5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.12.55 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-12-55.eu-west-1.compute.amazonaws.com
Software
SortableCactus/1.0 /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://www.lotterypost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache
server
SortableCactus/1.0
content-type
image/gif
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://c.deployads.com/cs/QANT?gdpr=1&b=62U1NelmNWTwbTQxv2IvNexsNGPwY2Mx7mJ3y_h5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E9E8 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10135050&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
932dca24fc4e500aa33d7ab68cd8f1f4d31125dd9b617e19528e8ef1fca746a9

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:29 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B569
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c6cd3cf3c592e4cbb1e271c741505a67ad28d7c59921ba27cbc9185523d7f377

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YHRDfml8Xlb95BpL12c0TAAA; CMPS=5202
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|45|230|130|13|176|73
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1703
Expires
Mon, 12 Apr 2021 12:56:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Set-Cookie
CMID=YHRDfml8Xlb95BpL12c0TAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Apr 2022 12:56:30 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Jul 2021 12:56:30 GMT CMPRO=1139;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Jul 2021 12:56:30 GMT CMRUM3=2d6074437e05a0&826074437ea8c0&f16074437e05a0&b06074437e05a00&496074437e05a00&e66074437e27600&0d6074437e05a0&276074437e0b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Apr 2022 12:56:30 GMT CMST=YHRDfmB0Q34A;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 13 Apr 2021 12:56:30 GMT

Redirect headers

Server
Apache
Content-Length
342
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Mon, 12 Apr 2021 12:56:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Set-Cookie
CMID=YHRDfml8Xlb95BpL12c0TAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 12 Apr 2022 12:56:30 GMT CMPS=5202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 11 Jul 2021 12:56:30 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJJCsH3nzIINKLLqibVnXuk&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJJCsH3nzIINKLLqibVnXuk&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
X-lat
amspug016:0:442
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJJCsH3nzIINKLLqibVnXuk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E9E8 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10135050&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 11 Apr 2021 12:56:30 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 795F 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10135050&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 12 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1289
x-powered-by
ASP.NET
date
Mon, 12 Apr 2021 12:56:30 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d11d58f-e604-46c0-b2da-6001ba7e35c0
42 B
883 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d11d58f-e604-46c0-b2da-6001ba7e35c0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:29 GMT
X-lat
amspug006:0:2997
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3d11d58f-e604-46c0-b2da-6001ba7e35c0
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2480524028413374838
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2480524028413374838
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:29 GMT
X-lat
amspug009:0:347
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=2480524028413374838
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:14fa6074-437e-4000-9c18-90ea01235889&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:14fa6074-437e-4000-9c18-90ea01235889&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:29 GMT
X-lat
amspug017:0:488
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
MT3 3660 495c301 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:14fa6074-437e-4000-9c18-90ea01235889&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:29 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 902E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7333820847261831745
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7333820847261831745
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=10135050&p=157856&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; PugT=1618232189
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:29 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-7333820847261831745; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:29 GMT; path=/ PugT=1618232189; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:29 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:29 GMT; path=/
X-lat
amspug011:0:467
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7333820847261831745
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7830944657085672463&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7830944657085672463&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:28 GMT
X-lat
amspug018:0:380
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.86:80
AN-X-Request-Uuid
e3d98ff8-9a39-4eb6-a4f8-340ac3083298
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7830944657085672463&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yN_k5ynmSgO31hdWLjBLiw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=87258
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Tue, 13 Apr 2021 13:10:48 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame E9E8 		95 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63ec9d7778ba05ed-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0967c0beaa000005edd1242000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame E9E8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:28 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:28 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzhERkU0RTctMjlFNi00QTAzLUI3RDYtMTc1NjJFMzA0QjhC&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:28 GMT
X-lat
amspug002:0:396
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5993075d-8a94-4a5b-9888-637c28cd05da&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=de0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=de0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:29 GMT
X-lat
amspug003:0:445
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=de0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame E9E8 		43 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C8DFE4E7-29E6-4A03-B7D6-17562E304B8B?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame E9E8
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VTZsL4VE2uUBn7gmQ4Av26SjB.dkmBo-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VTZsL4VE2uUBn7gmQ4Av26SjB.dkmBo-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:29 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VTZsL4VE2uUBn7gmQ4Av26SjB.dkmBo-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
bounce
secure.adnxs.com/ Frame F50B
Redirect Chain
  • https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
  • https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
0
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.204:80
AN-X-Request-Uuid
d9014017-81d6-40cc-bd3d-b40f63a254cc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.240:80
AN-X-Request-Uuid
09ad93ef-8384-4d9b-82ce-29ced0f7b52d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DAN_async_load
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=KNELNXMV-O-36HA&gdpr=0
43 B
933 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=KNELNXMV-O-36HA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=83&3pid=KNELNXMV-O-36HA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
6f9fd0201ed801884e5299d5aabca094
Expires
0
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D12%25263pid%253D%2524UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ce.lijit.com/merge?pid=12&3pid=7229612509212095200&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7229612509212095200&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.143:80
AN-X-Request-Uuid
411dee0a-0d5d-4cbc-855a-ead04f9feb39
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ce.lijit.com/merge?pid=12&3pid=7229612509212095200&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2225201196
  • https://sync.1rx.io/usersync/tradedesk/3d11d58f-e604-46c0-b2da-6001ba7e35c0
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D56%263pid%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003
  • https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
Tengine
ETag
RX242b2be666ea474a867ec940658bfbc4003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=56&3pid=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Connection
keep-alive
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 4968
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzkzNTc1NjBlMDU4ZGY0MTQ5MjFlYjYz
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzkzNTc1NjBlMDU4ZGY0MTQ5MjFlYjYz
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YzkzNTc1NjBlMDU4ZGY0MTQ5MjFlYjYz
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
reporting
ap.lijit.com/dsp/google/ Frame 4968
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YzkzNTc1NjBlMDU4ZGY0MTQ5MjFlYjYz
  • https://ap.lijit.com/dsp/google/reporting
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
aax-eu.amazon-adsystem.com/s/ Frame 4968
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=c9357560e058df414921eb63&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
43 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
MT3 3660 495c301 master zrh-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:29 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=MBdt9hyzsfueCdRec5pI&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=MBdt9hyzsfueCdRec5pI&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=MBdt9hyzsfueCdRec5pI&pi=sovrn&gdpr_consent=&gdpr=0&tc=1
pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT, Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=fmx&bsw_custom_parameter=de0bf98b-179b-477a-9a9d-714ea26f8c44
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=fmx&expires=10&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44
  • https://ce.lijit.com/merge?pid=26&3pid=de0bf98b-179b-477a-9a9d-714ea26f8c44
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=de0bf98b-179b-477a-9a9d-714ea26f8c44
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=26&3pid=de0bf98b-179b-477a-9a9d-714ea26f8c44
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=2159827870142671571
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=2159827870142671571
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=2159827870142671571
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs
43 B
958 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1618232190599&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=05CDF78849C34EEDB7DF45E9B7669229
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=05CDF78849C34EEDB7DF45E9B7669229
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT
x-content-type-options
nosniff
server
nginx
location
https://ce.lijit.com/merge?pid=2&3pid=05CDF78849C34EEDB7DF45E9B7669229
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Sun, 11 Apr 2021 12:56:30 GMT
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=weS0UJ2XMlwC&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=weS0UJ2XMlwC&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=weS0UJ2XMlwC&ev=1&pid=558511&gdpr_consent=&gdpr=0
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-4whcf
expires
-1
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=c9357560e058df414921eb63&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT
server
Aorta/2.4.14-20210304.4cf0ca0
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:4d160f8d096936575a242b508c31c559
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-19-94.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
generic
data.adsrvr.org/track/cmf/ Frame 4968 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AACNdU7A6IcAACk8qj89wA&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AACNdU7A6IcAACk8qj89wA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AACNdU7A6IcAACk8qj89wA&gdpr=0
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=KNELNXMV-O-36HA&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=KNELNXMV-O-36HA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ce.lijit.com/merge?pid=80&3pid=KNELNXMV-O-36HA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=1a97ea00-b27e-4254-8c69-9b278977247e
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=1a97ea00-b27e-4254-8c69-9b278977247e
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=1a97ea00-b27e-4254-8c69-9b278977247e
Date
Mon, 12 Apr 2021 12:56:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
tum
ums.acuityplatform.com/ Frame 4968 		0
0
merge
ce.lijit.com/ Frame 4968
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3Db1afd5...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 12 Apr 2021 12:56:32 GMT
via
1.1 google
server
Jetty(9.4.28.v20200408)
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://ce.lijit.com/merge?pid=16&3pid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
alt-svc
clear
content-length
0
0608867b
rtb.gumgum.com/usync/ Frame 0597 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7e11d74f63c8f3be1c1c2547ccab89c2e1fcf539ab4bd655fe7599a4332c8bc4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726; Domain=.gumgum.com; Expires=Tue, 12-Apr-2022 12:56:30 GMT; Path=/; Secure; SameSite=None
etag
W/"00570fa608beb3b975b11089b0d1d4ce8"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C3BD 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=87258
Expires
Tue, 13 Apr 2021 13:10:48 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 15E3 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=87258
Expires
Tue, 13 Apr 2021 13:10:48 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame B0D7
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&g...
776 B
778 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
015b25b20da0d120ad2db3a1c658c3dd5c7887d0a40ead1a81cd2ec6db6163bf

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ap.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=1025d541-05b6-00d7-0f45-ee61b66e8c1f|1618232190
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=1025d541-05b6-00d7-0f45-ee61b66e8c1f|1618232190; Version=1; Expires=Tue, 12-Apr-2022 12:56:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1618232190|gekin0vNiygu; Version=1; Expires=Tue, 27-Apr-2021 12:56:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.2
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
text/html
content-length
475
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=1025d541-05b6-00d7-0f45-ee61b66e8c1f|1618232190; Version=1; Expires=Tue, 12-Apr-2022 12:56:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.2
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
date
Mon, 12 Apr 2021 12:56:30 GMT
content-length
0
via
1.1 google
alt-svc
clear
Cookie set merge
ce.lijit.com/ Frame D6DF
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3337249494985287237&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3337249494985287237&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon?informer=13414900&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ap.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=c9357560e058df414921eb63; ljtrtbexp=eJxdzzsSgDAIBNC7pLYIf%2FBqjnfXRBu2fAzsLNegcZJTCqXVPAZvlirFonu3dAZ10wRDXHxxmeK1XFXRN95J9kliJlRK6JQKNjDcM95DI%2F47c5hsR%2F9BIE8hT6vbYN%2Fav%2FcDHS9PDg%3D%3D; _ljtrtb_3=9f646074-437e-4000-bfd1-766e2ab7304f; _ljtrtb_76=af6734d8-4685-052d-122f-902faaf880b0; _ljtrtb_83=KNELNXMV-O-36HA; _ljtrtb_43=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_83=KNELNXMV-O-36HA;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=9f646074-437e-4000-bfd1-766e2ab7304f;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=af6734d8-4685-052d-122f-902faaf880b0;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwVyrEOgjAQANB%2F6ewlR3tci1uNJRoEYgJG3NrATTAYBwbjvwvry%2Fsqo46qECZGS0DGTkCICEnGDCzzpGOyBknUQbn9Vk24Nc%2F6AS0YvviNaeeTX%2FpyHao5DOJffdd7bsu19nMf5Oyunb9TWNL7s33L24%2FC1tDogNjlgLkeIdNaoEAtMYpzmFD9%2Fn4OKP4%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:30 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_1=3337249494985287237;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=c9357560e058df414921eb63;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdzzsSgDAIBNC7pLYIf%2FBqjnfXRBu2fAzsLNegcZJTCqXVPAZvlirFonu3dAZ10wRDXHxxmeK1XFXRN95J9kliJlRK6JQKNjDcM95DI%2F47c5hsR%2F9BIE8hT6vbYN%2Fav%2FcDHS9PDg%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:30 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=3337249494985287237; Domain=.turn.com; Expires=Sat, 09-Oct-2021 12:56:30 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=3337249494985287237&gdpr=0&gdpr_consent=
content-length
0
date
Mon, 12 Apr 2021 12:56:30 GMT
log
cslogger.media.net/ Frame C40D 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cslogger.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2612337901230033000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-c&pvgid[]=data-bs&pvgid[]=data-ct
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.80.28.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 12 Apr 2021 12:56:31 GMT
cksync
cs.media.net/ Frame C40D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjYxMjMzNzkwMTIzMDAzMzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKofwm756UE2m-9P0go-YeQ&google_cver=1
46 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKofwm756UE2m-9P0go-YeQ&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUCSJ2Y7&prvid=77&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.76.200.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
46
X-MNET-HL2
E
Expires
Mon, 12 Apr 2021 12:56:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEKofwm756UE2m-9P0go-YeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F0F9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; PugT=1618232189
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=0&gdpr_consent=

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144491
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
merge
ce.lijit.com/ Frame B0D7 		43 B
954 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=af6734d8-4685-052d-122f-902faaf880b0&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B0D7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f646074-437e-4000-bfd1-766e2ab7304f
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f646074-437e-4000-bfd1-766e2ab7304f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
MT3 3660 495c301 master zrh-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=9f646074-437e-4000-bfd1-766e2ab7304f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:29 GMT
sd
us-u.openx.net/w/1.0/ Frame B0D7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W-taHlnoWk9A41saD-xAHlziW0hA7QwaXuxAd3OI
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W-taHlnoWk9A41saD-xAHlziW0hA7QwaXuxAd3OI
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=W-taHlnoWk9A41saD-xAHlziW0hA7QwaXuxAd3OI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B0D7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2480524028413374838
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2480524028413374838
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2480524028413374838
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B0D7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=c389ea18-ac31-3f20-5593-2689d249bfe2&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B0D7 		170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZWZlNjM5ZDItNjU0Ni02MTg0LTQwNzMtN2MzMDE4YWI3MTgy
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B0D7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgqwsTr_9bc-lTRghbnqTo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgqwsTr_9bc-lTRghbnqTo&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 google
server
OXGW/16.205.2
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELgqwsTr_9bc-lTRghbnqTo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE54 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; PugT=1618232189
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144491
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame B569 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YHRDfml8Xlb95BpL12c0TAAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.237.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-237-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame B569 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YHRDfml8Xlb95BpL12c0TAAABHMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B569
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YHRDfml8Xlb95BpL12c0TAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM96iWk1RstZj18EnrktRSc&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM96iWk1RstZj18EnrktRSc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEM96iWk1RstZj18EnrktRSc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame B569
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YHRDfml8Xlb95BpL12c0TAAABHMAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJueIF0FpyGM1kcn5fOkA2E&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJueIF0FpyGM1kcn5fOkA2E&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-145-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:30 GMT

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEJueIF0FpyGM1kcn5fOkA2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame B569
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNdU7A6IcAACk8qj89wA&expiration=1619441790
43 B
997 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNdU7A6IcAACk8qj89wA&expiration=1619441790
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:30 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACNdU7A6IcAACk8qj89wA&expiration=1619441790
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame B569
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061a2204002404fa223c0e15&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061a2204002404fa223c0e15&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-9-98.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 12:56:31 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=061a2204002404fa223c0e15&expiration=[EXPIRATION]
Date
Mon, 12 Apr 2021 12:56:31 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
113
match.deepintent.com/usersync/ Frame B569 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-length
0
server
a
YHRDfml8Xlb95BpL12c0TAAABHMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B569 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YHRDfml8Xlb95BpL12c0TAAABHMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame B569 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YHRDfml8Xlb95BpL12c0TAAA%261139
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.lotterypost.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.76.200.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2043
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 12 Apr 2021 13:30:33 GMT
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=7229612509212095200
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=7229612509212095200
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.24:80
AN-X-Request-Uuid
778df266-f484-4314-b6d4-d83413e8f5c6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=7229612509212095200
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_b1d27da2-9f22-44c2-941b-d9d4258fe726&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dgumgum2%26bsw_param%3Dde0bf98b-179b-477a-9a9d-714ea26f8c4...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=9f646074-437e-4000-bfd1-766e2ab7304f&expires=30&ssp=gumgum2&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=bsw&i=de0bf98b-179b-477a-9a9d-714ea26f8c44
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=de0bf98b-179b-477a-9a9d-714ea26f8c44
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=de0bf98b-179b-477a-9a9d-714ea26f8c44
date
Mon, 12 Apr 2021 12:56:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookie-sync
sync.outbrain.com/ Frame 0597
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_b1d27da2-9f22-44c2-941b-d9d4258fe726&obuid=ENC(yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DyfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyj...
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym&uid=7398c31f-d3df-02dc-36fc-74246af278c9
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&obUid=yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym&uid=7398c31f-d3df-02dc-36fc-74246af278c9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:31 GMT
Cache-Control
no-cache
X-TraceId
99b37acfb06305b89d9457cbf429f953
Content-Length
0

Redirect headers

date
Mon, 12 Apr 2021 12:56:31 GMT
content-encoding
gzip
server
OXGW/16.205.2
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&obUid=yfZZs9sXJ2evkIqIAz4yeI5x873iMbyjVMIKolIA1FQrKfoS7omyJp1dyjZkB8Ym&uid=7398c31f-d3df-02dc-36fc-74246af278c9
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=34b44e68-8424-0776-32e8-36641a19bea4
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=34b44e68-8424-0776-32e8-36641a19bea4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-encoding
gzip
server
OXGW/16.205.2
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=34b44e68-8424-0776-32e8-36641a19bea4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-d0a9998f-846e-470c-5c4f-f4656cb1abf5$ip$91.132.136.76
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-d0a9998f-846e-470c-5c4f-f4656cb1abf5$ip$91.132.136.76
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-d0a9998f-846e-470c-5c4f-f4656cb1abf5$ip$91.132.136.76
Date
Mon, 12 Apr 2021 12:56:31 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-tX8G3rdE2pckjyCAqSKFfGAukCyt8ovf6Lkx~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-tX8G3rdE2pckjyCAqSKFfGAukCyt8ovf6Lkx~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-tX8G3rdE2pckjyCAqSKFfGAukCyt8ovf6Lkx~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=80ba33ce-9b8e-11eb-a966-1b05268134cb
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=80ba33ce-9b8e-11eb-a966-1b05268134cb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=80ba33ce-9b8e-11eb-a966-1b05268134cb
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
80ba33cf-9b8e-11eb-a966-1b05268134cb
services
sync.technoratimedia.com/ Frame 0597 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:31 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
275082812
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 0597 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:29 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_b1d27da2-9f22-44c2-941b-d9d4258fe726&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=0
Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=503eacc5-01e8-4f49-8968-662c4dbf9623
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=503eacc5-01e8-4f49-8968-662c4dbf9623
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=503eacc5-01e8-4f49-8968-662c4dbf9623
date
Mon, 12 Apr 2021 12:56:31 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003&rndcb=5888179211
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44&google_hm=ZGUwYmY5OGItMTc5Yi00NzdhLTlhOWQtNzE0ZWEyNmY4...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEFE6u13MxkKqCSC30AYcmZk&google_cver=1&ssp=adconductor&bsw_param=de0bf98b-179b-477a-9a9d-714ea26f8c44
  • https://sync.1rx.io/usersync/bidswitch/de0bf98b-179b-477a-9a9d-714ea26f8c44?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-242b2be6-66ea-474a-867e-c940658bfbc4-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Date
Mon, 12 Apr 2021 12:56:31 GMT
Server
Tengine
ETag
RX242b2be666ea474a867ec940658bfbc4003
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Connection
keep-alive
Content-Type
text/html
usersync
rtb.gumgum.com/ Frame 0597
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=T3prtrJyQMQD&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=T3prtrJyQMQD&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=T3prtrJyQMQD&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-c7km9
expires
-1
merge
ce.lijit.com/ Frame 0597 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 7FF7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master zrh-pixel-x25
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://rtb.gumgum.com/usersync?b=mmh&i=9f646074-437e-4000-bfd1-766e2ab7304f&gdpr=0&gdpr_consent=
Expires
Mon, 12 Apr 2021 12:56:29 GMT
usersync
rtb.gumgum.com/ Frame 34C0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
  • https://rtb.gumgum.com/usersync?b=atm&i=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=&_test=YHRDfgAAFxsTFwAJ
accept-ranges
bytes
date
Mon, 12 Apr 2021 12:56:30 GMT
via
1.1 varnish
x-served-by
cache-hhn4081-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1618232191.950708,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0189 		170 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9iMWQyN2RhMi05ZjIyLTQ0YzItOTQxYi1kOWQ0MjU4ZmU3MjY=&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV9iMWQyN2RhMi05ZjIyLTQ0YzItOTQxYi1kOWQ0MjU4ZmU3MjY=&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkkEoJsXiEShHtzGURhV3kXu73YDEIfGcn2AV7_iyw3avVnZqIeukoHD6N78j0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 12 Apr 2021 12:56:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F82 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=87258
Expires
Tue, 13 Apr 2021 13:10:48 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 9440
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96&t=1620824190
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96&t=1620824190
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96&t=1620824190
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96&t=1620824190
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=e3cd7a12-4d33-4bf2-b287-2580a4cf7b96; domain=.adsrvr.org; expires=Tue, 12-Apr-2022 12:56:30 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwjo7-78o---ORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Tue, 12-Apr-2022 12:56:30 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame 69D9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 12 Apr 2021 12:56:30 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame 8F64
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YHRDfsCo5ukAAGbQr.cAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YHRDfsCo5ukAAGbQr.cAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YHRDfsCo5ukAAGbQr.cAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 12:56:31 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:30 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YHRDfsCo5ukAAGbQr.cAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YHRDfsCo5ukAAGbQr.cAAAAA; path=/; expires=Wed, 12-Apr-23 12:56:30 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
3
X-SO-HostName
m-ad318.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40018.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":62,"gdpr":false,"ipv4":"91.132.136.76","key":"YHRDfsCo5ukAAGbQr.cAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad318"}
X-SO-Key
YHRDfsCo5ukAAGbQr.cAAAAA
X-SO-IP
91.132.136.76
X-SO-Cluster-ID
62
X-SO-Upstream-ID
m-ad318
usersync
rtb.gumgum.com/ Frame 2E19
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870142671571
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=2159827870142671571
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=2159827870142671571
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 12 Apr 2021 12:56:30 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAADvEyGtoZmhhZGxkaGlgbm66SgyJb2FiCAA77dLdIAAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 7 May 2022 12:56:30 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzA0MTIzNzQ1NxTiM9SNigwOdDQ1dzfKK_GW4jU0M7QwMjYytDQwNzcFAJqQrq00AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 7 May 2022 12:56:30 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzA0MTIzNzQ1NxTiM9SNigwOdDQ1dzfKK_EGAKGWcxclAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=2159827870142671571
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 329B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=MBdt9hyzsfueCdRec5pI&pi=gumgum
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=MBdt9hyzsfueCdRec5pI&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.242.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=MBdt9hyzsfueCdRec5pI&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 12 Apr 2021 12:56:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 12 Apr 2021 12:56:30 GMT Mon, 12 Apr 2021 12:56:30 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=MBdt9hyzsfueCdRec5pI&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 280B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; SPugT=1618232189
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144491
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:30 GMT
Connection
keep-alive
Vary
Accept-Encoding
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22314202cdc84c2aefd4f87a815f2c77f570597df6988c5f5f275179a9b864f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
SPug
simage4.pubmatic.com/AdServer/ Frame E9E8 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157856&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=videoplaytime50
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame F0F9 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144488
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame CE54 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; chkChromeAb67Sec=1; DPSync3=1619395200%3A201_227_226_221; SyncRTB3=1618790400%3A223%7C1619395200%3A220_21_54_56_7_161_3_13_71%7C1619481600%3A35%7C1619049600%3A63; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144488
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame F0F9 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
cac804cbf66f6d93cbac6e49317b9fbe8e5cc99ae6607f12a518da8b39f57406

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 1CBD 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=2480524028413374838
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Mon, 12 Apr 2021 12:56:33 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=2480524028413374838; expires=Fri, 11 Jun 2021 12:56:33 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
X-lat
amspug020:0:524
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 05DF
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDTmRVN0E2SWNBQUNrOHFqODl3QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACNdU7A6IcAACk8qj89wA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACNdU7A6IcAACk8qj89wA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACNdU7A6IcAACk8qj89wA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=2336833659442948185
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNdU7A6IcAACk8qj89wA
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNdU7A6IcAACk8qj89wA
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35; KRTBCOOKIE_153=1923-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&19420-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&22979-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud; PugT=1618232192; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_1101=23040-6950254346290919568; KRTBCOOKIE_218=22978-YHRDfgAAFxsTFwAJ&KRTB&23194-YHRDfgAAFxsTFwAJ&KRTB&23209-YHRDfgAAFxsTFwAJ&KRTB&23244-YHRDfgAAFxsTFwAJ; KRTBCOOKIE_188=3189-b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348; KRTBCOOKIE_1074=22956-e_b1d27da2-9f22-44c2-941b-d9d4258fe726; KRTBCOOKIE_22=14911-3337249494985287237; KRTBCOOKIE_107=1471-uid:hXkQTPfn1LvW7f5; KRTBCOOKIE_279=22890-80ba33ce-9b8e-11eb-a966-1b05268134cb&KRTB&23011-80ba33ce-9b8e-11eb-a966-1b05268134cb; KRTBCOOKIE_594=17105-RX-242b2be6-66ea-474a-867e-c940658bfbc4-003&KRTB&17107-RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AACNdU7A6IcAACk8qj89wA; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PugT=1618232192; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/
X-lat
amspug014:0:415
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Mon, 12 Apr 2021 12:56:34 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACNdU7A6IcAACk8qj89wA
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3FBB
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254346290919568
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254346290919568
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6950254346290919568; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PugT=1618232192; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/
X-lat
amspug008:0:399
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:33 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6950254346290919568; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6950254346290919568
Pug
image2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
X-lat
amspug002:0:328
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a79a186-69a6-44e1-b042-aba4f5fcd295&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a79a186-69a6-44e1-b042-aba4f5fcd295&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:33 GMT
X-lat
amspug007:0:260
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4a79a186-69a6-44e1-b042-aba4f5fcd295&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 12 Apr 2021 12:56:33 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame B040
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PugT=1618232192; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/
X-lat
amspug010:0:527
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Mon, 12 Apr 2021 12:56:33 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=YvqTJ3XSWebag57s0mCwWoRo; Max-Age=63072000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=YvqTJ3XSWebag57s0mCwWoRo
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 8874 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 12 Apr 2021 12:56:33 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame 5A4C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=afnoeUmge0nousnG8wmIk70HY60dT5Ct1QZduVfbN
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 12 Apr 2021 12:56:34 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=dda28331aa6519058079c52061151dbca1618232194; expires=Wed, 12-May-21 12:56:34 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=agnsIHSkTsfAutomjt9dVuIdYiTRRhtLDLyEZaZdgSgZaDWU8VN6XU16FcGHfLjL3y8qpa6mYyaIJZbbBghUnQfTZakPK; path=/; domain=.tribalfusion.com; expires=Sun, 11-Jul-2021 12:56:34 GMT; SameSite=None; Secure; ANON_ID_old=agnsIHSkTsfAutomjt9dVuIdYiTRRhtLDLyEZaZdgSgZaDWU8VN6XU16FcGHfLjL3y8qpa6mYyaIJZbbBghUnQfTZakPK; path=/; domain=.tribalfusion.com; expires=Sun, 11-Jul-2021 12:56:34 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0967c0cc2800004de24b342000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63ec9d8d09174de2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Mon, 12 Apr 2021 12:56:34 GMT
content-type
text/html
set-cookie
__cfduid=dd2f18a6690f677387a0e8f1068e9d7b61618232193; expires=Wed, 12-May-21 12:56:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=afnoeUmge0nousnG8wmIk70HY60dT5Ct1QZduVfbN; path=/; domain=.tribalfusion.com; expires=Sun, 11-Jul-2021 12:56:33 GMT; SameSite=None; Secure; ANON_ID_old=afnoeUmge0nousnG8wmIk70HY60dT5Ct1QZduVfbN; path=/; domain=.tribalfusion.com; expires=Sun, 11-Jul-2021 12:56:33 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
1812
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
0967c0cb6e00004de27d2f3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63ec9d8bee794de2-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 490E
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T3prtrJyQMQD&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T3prtrJyQMQD&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35; KRTBCOOKIE_153=1923-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&19420-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&22979-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud; PugT=1618232192; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_1101=23040-6950254346290919568; KRTBCOOKIE_218=22978-YHRDfgAAFxsTFwAJ&KRTB&23194-YHRDfgAAFxsTFwAJ&KRTB&23209-YHRDfgAAFxsTFwAJ&KRTB&23244-YHRDfgAAFxsTFwAJ; KRTBCOOKIE_188=3189-b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348; KRTBCOOKIE_1074=22956-e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:33 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:33 GMT; path=/
X-lat
amspug019:0:392
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-c7km9
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
set-cookie
V=T3prtrJyQMQD;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 07-Apr-2022 12:56:33 GMT;Max-Age=31104000;SameSite=None
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=T3prtrJyQMQD&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
dpe
ad4m.at/ad/ Frame B229 		42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 12 Apr 2021 12:56:33 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d9f53fa49c99b7cbe47e32ad61d1fb2241618232193; expires=Wed, 12-May-21 12:56:33 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-2tzg
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
0967c0cb5b0000d6c1a0379000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
63ec9d8bc9cad6c1-FRA
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9346
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Mon, 12 Apr 2021 12:56:34 GMT
via
1.1 varnish
x-served-by
cache-hhn11545-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1618232194.051266,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901;Version=1;Path=/;Domain=.taboola.com;Expires=Tue, 12-Apr-2022 12:56:33 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=07fcd9a1-239c-44fe-8540-4cce26525078-tuct76dc901&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Mon, 12 Apr 2021 12:56:34 GMT
via
1.1 varnish
x-served-by
cache-hhn11545-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1618232194.956598,VS0,VE68
x-vcl-time-ms
68
content-length
0
141
match.deepintent.com/usersync/ Frame 9EC4 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Mon, 12 Apr 2021 12:56:33 GMT
server
a
receive
pixel.tapad.com/idsync/ex/ Frame 7127
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
95 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1618232192079; TapAd_DID=813c0df4-9b8e-11eb-b5d7-0e7428a4854a; TapAd_3WAY_SYNCS=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Mon, 12 Apr 2021 12:56:33 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
server
Jetty(9.4.28.v20200408)
via
1.1 google
alt-svc
clear

Redirect headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:31 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:31 GMT; path=/
X-lat
amspug018:0:333
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 94CA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXkQTPfn1LvW7f5&gdpr=0&gdpr_consent=
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXkQTPfn1LvW7f5&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35; KRTBCOOKIE_153=1923-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&19420-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&22979-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud; PugT=1618232192; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_1101=23040-6950254346290919568; KRTBCOOKIE_218=22978-YHRDfgAAFxsTFwAJ&KRTB&23194-YHRDfgAAFxsTFwAJ&KRTB&23209-YHRDfgAAFxsTFwAJ&KRTB&23244-YHRDfgAAFxsTFwAJ; KRTBCOOKIE_188=3189-b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348; KRTBCOOKIE_1074=22956-e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_107=1471-uid:hXkQTPfn1LvW7f5; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/ PugT=1618232192; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/
X-lat
amspug018:0:440
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Mon, 12 Apr 2021 12:56:33 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:hXkQTPfn1LvW7f5&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-639-g719035a#rel-ec2-master i-080424a23a22eec76@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=hXkQTPfn1LvW7f5; Domain=.w55c.net; Expires=Thu, 12-May-2022 12:56:33 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Wed, 12-May-2021 12:56:33 GMT; Path=/; SameSite=None; Secure
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 523B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=3882844504
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348&partner_url=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2Fb1afd...
  • https://sync.1rx.io/usersync3/centro/1508/b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348?zcc=0&sspret=1&rndcb=3882844504
  • https://sync.targeting.unrulymedia.com/csync/RX-242b2be6-66ea-474a-867e-c940658bfbc4-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35; KRTBCOOKIE_153=1923-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&19420-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&22979-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud; PugT=1618232192; KRTBCOOKIE_409=22966-YvqTJ3XSWebag57s0mCwWoRo; KRTBCOOKIE_1101=23040-6950254346290919568; KRTBCOOKIE_218=22978-YHRDfgAAFxsTFwAJ&KRTB&23194-YHRDfgAAFxsTFwAJ&KRTB&23209-YHRDfgAAFxsTFwAJ&KRTB&23244-YHRDfgAAFxsTFwAJ; KRTBCOOKIE_188=3189-b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348; KRTBCOOKIE_1074=22956-e_b1d27da2-9f22-44c2-941b-d9d4258fe726; KRTBCOOKIE_22=14911-3337249494985287237; KRTBCOOKIE_107=1471-uid:hXkQTPfn1LvW7f5; KRTBCOOKIE_279=22890-80ba33ce-9b8e-11eb-a966-1b05268134cb&KRTB&23011-80ba33ce-9b8e-11eb-a966-1b05268134cb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-242b2be6-66ea-474a-867e-c940658bfbc4-003&KRTB&17107-RX-242b2be6-66ea-474a-867e-c940658bfbc4-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/ PugT=1618232192; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 12-May-2021 12:56:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/
X-lat
amspug020:0:391
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Mon, 12 Apr 2021 12:56:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-242b2be6-66ea-474a-867e-c940658bfbc4-003%22%7D; path=/; expires=Tue, 12 Apr 2022 12:56:34 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003
ETag
RX242b2be666ea474a867ec940658bfbc4003
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 6DE9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:05CDF78849C34EEDB7DF45E9B7669229
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:05CDF78849C34EEDB7DF45E9B7669229
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; PugT=1618232189; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 11-Jul-2021 12:56:32 GMT; path=/
X-lat
amspug017:0:445
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
nginx
date
Mon, 12 Apr 2021 12:56:33 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:05CDF78849C34EEDB7DF45E9B7669229
expires
Sun, 11 Apr 2021 12:56:33 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
usersync
match.bnmla.com/ Frame 2A23 		0
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93924741&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.126 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:34 GMT
Content-Length
0
Connection
keep-alive
Cookie set merge
ce.lijit.com/ Frame 6774 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=c9357560e058df414921eb63; ljtrtbexp=eJxdzzsSgDAIBNC7pLYIf%2FBqjnfXRBu2fAzsLNegcZJTCqXVPAZvlirFonu3dAZ10wRDXHxxmeK1XFXRN95J9kliJlRK6JQKNjDcM95DI%2F47c5hsR%2F9BIE8hT6vbYN%2Fav%2FcDHS9PDg%3D%3D; _ljtrtb_3=9f646074-437e-4000-bfd1-766e2ab7304f; _ljtrtb_76=af6734d8-4685-052d-122f-902faaf880b0; _ljtrtb_83=KNELNXMV-O-36HA; _ljtrtb_43=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs; _ljtrtb_86=MBdt9hyzsfueCdRec5pI; _ljtrtb_12=7229612509212095200; _ljtrtb_2=05CDF78849C34EEDB7DF45E9B7669229; _ljtrtb_10=2159827870142671571; _ljtrtb_1=3337249494985287237; _ljtrtb_26=de0bf98b-179b-477a-9a9d-714ea26f8c44; _ljtrtb_36=e_b1d27da2-9f22-44c2-941b-d9d4258fe726; _ljtrtb_49=weS0UJ2XMlwC; _ljtrtb_84=c:4d160f8d096936575a242b508c31c559; _ljtrtb_85=AACNdU7A6IcAACk8qj89wA; _ljtrtb_80=KNELNXMV-O-36HA; _ljtrtb_56=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003; _ljtrtb_87=1a97ea00-b27e-4254-8c69-9b278977247e; ljtrtb=eJxtktFuUzEMht%2Bl11hKHCe2d3fanooy2omxoo4blJwkQtBJTANVgHh3HK5RbpzfXxz7T36vPK5uVoyoyWN0ih6dRnRu9WoVk6Xuz4CEBUtLkFLLQEwZJHGDRcmlKKWXhcC5YEfCONI%2BFV%2BRa0bQjghEi0XkC1SthFF6Y0xG46Brc6WrFPCsxapzBs1agT21jKnLQmQsqbHX9t6d3uD5cLluTPMmhRAYSceSiMIYeFS2jIub7Y5FSDeB5nm75u2O4qxrTklt4NGuYdoTJccEFGwmcs5B6dWDUQ1z4eCoGyrO2Nvj%2FPZ4PnyAOwjp9TTk8H%2BZTF5uqPrkulSnSUOKHPPwMjpZgl9iHC1INHKaNsd64intFwu%2FyvMX0eu%2FOsOhw7p%2B188%2Ff730H21T79sSv%2B3H9KMj9FEFWdh5wsQ%2Bsh9mja7W09Npd328vcyPffp4ejhN6W53PUyX09y3sn%2BY3tH8VJ5fjOdxTe6JA1UBShLBRazgETuow55zF3Fl%2FAphY31WbnlYhcM0jASyJAW1vSjbi3Bb%2FfkL8k6TGw%3D%3D; _ljtrtb_16=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 12 Apr 2021 12:56:33 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_80=KNELNXMV-O-36HA;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_36=e_b1d27da2-9f22-44c2-941b-d9d4258fe726;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_26=de0bf98b-179b-477a-9a9d-714ea26f8c44;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_49=weS0UJ2XMlwC;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_16=b1afd58b-1343-4073-aa42-10aa21feda7f-6074437f-4348;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_83=KNELNXMV-O-36HA;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=9f646074-437e-4000-bfd1-766e2ab7304f;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_84=c:4d160f8d096936575a242b508c31c559;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_2=05CDF78849C34EEDB7DF45E9B7669229;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_85=AACNdU7A6IcAACk8qj89wA;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=MBdt9hyzsfueCdRec5pI;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_1=3337249494985287237;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=af6734d8-4685-052d-122f-902faaf880b0;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=BAmUFwYKlEYfAZUTUA6OFwMAlUEfD8ITAQ4Embqs;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=2159827870142671571;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_87=1a97ea00-b27e-4254-8c69-9b278977247e;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_12=7229612509212095200;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_56=RX-242b2be6-66ea-474a-867e-c940658bfbc4-003;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJxtkl1vUzEMhv9Lr7HkOE5s7%2B60PRVltBNjRR03KDlJhKCTmAaqAPHfSbhGuXHsx19v8nvlaHWzEiKLjgIaOUILhLh6tQqxh%2B7PQEyZco0QY03Awgk0SoXFGGPQ3PLCgOh7ih8p9VN2haQkAmtEwLx0i12GYoUpaKtCsdM06FIxN9MMTiz36pLAkhUQxzVRbLowd9YNNrvUShisZw%2BM4iElJnCYErlWS5IGEYXZd4M9a89k65nX%2Bh5Pb%2Bh8uFw3o1p3ee%2BF2MbRQCrkZczUIxg2252osm08z%2FN2Ldsdh9nWEqN1qcaiHbMWeTTrjboajIiQW3HQqUopi0duHVXs7O1xfns8Hz7AHfj4ehpu%2F383d%2Fdyw8VFbFrQovkYJKTxCgF18W4JYYygoZPTtDmWk0xxv3Tzqz5%2FUbv%2BqzP0OqzLd%2Fv889dL%2B1E35b4u4dt%2BbD8mIhdMSVTQMUVxQdwQa0y1np5Ou%2Bvj7WV%2BbNPH08Npine762G6nOa21f3D9I7np%2Fz80nkZbVKL4rkocNQAGKiAI2pgSC2lpop5%2FCeVzrpkUtOQioZoFBh0iQbW72rSX0Tq6s9fup%2BhJw%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:33 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_71=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:33 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxdzzsSgDAIBNC7pLYIf%2FBqjnfXRBu2fAzsLNegcZJTCqXVPAZvlirFonu3dAZ10wRDXHxxmeK1XFXRN95J9kliJlRK6JQKNjDcM95DI%2F47c5hsR%2F9BIE8hT6vbYN%2Fav%2FcDHS9PDg%3D%3D;Path=/;Domain=.lijit.com;Expires=Tue, 12-Apr-2022 12:56:33 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=c9357560e058df414921eb63;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap1ams1
mw
mwzeom.zeotap.com/ Frame F0F9
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B
  • https://spl.zeotap.com/?zdid=1332&zcluid=714c110efee5bf8d
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zclui...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zclu...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEGA_8q4TCFtctMSylP2S7is&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425...
95 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEGA_8q4TCFtctMSylP2S7is&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zcluid=714c110efee5bf8d&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 12 Apr 2021 12:56:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
63ec9d8fc85f05ed-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
0967c0cdda000005ede3374000000001

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEGA_8q4TCFtctMSylP2S7is&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=f7401bfc-eedb-4eeb-6c22-95047e6d0b98&reqId=4fde8326-deaa-4f8a-4706-425e23d5fd88&zcluid=714c110efee5bf8d&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f646074-437e-4000-bfd1-766e2ab7304f
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f646074-437e-4000-bfd1-766e2ab7304f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 12 Apr 2021 12:56:33 GMT
Server
MT3 3660 495c301 master zrh-pixel-x8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=9f646074-437e-4000-bfd1-766e2ab7304f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 12 Apr 2021 12:56:32 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3337249494985287237&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3337249494985287237&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
X-lat
amspug012:0:415
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3337249494985287237&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 12 Apr 2021 12:56:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
X-lat
amspug003:0:392
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1618232194.908060,VS0,VE0
x-served-by
cache-hhn4081-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YHRDfgAAFxsTFwAJ&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame F0F9 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7229612509212095200
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7229612509212095200
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:33 GMT
X-lat
amspug008:0:283
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 12 Apr 2021 12:56:33 GMT
X-Proxy-Origin
91.132.136.76; 91.132.136.76; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid
b42967a5-0eae-4789-b53b-3a4a0238dc06
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7229612509212095200
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
X-lat
amspug014:0:325
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b1d27da2-9f22-44c2-941b-d9d4258fe726
date
Mon, 12 Apr 2021 12:56:33 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
Pug
simage2.pubmatic.com/AdServer/ Frame F0F9
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=80ba33ce-9b8e-11eb-a966-1b05268134cb&gdpr=0&gdpr_consent=
1 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=80ba33ce-9b8e-11eb-a966-1b05268134cb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
X-lat
amspug020:0:402
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=80ba33ce-9b8e-11eb-a966-1b05268134cb&gdpr=0&gdpr_consent=
Date
Mon, 12 Apr 2021 12:56:33 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
82598cb8-9b8e-11eb-821f-8f7b6fb4427e
showad.js
ads.pubmatic.com/AdServer/js/ Frame 280B 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.214 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=C8DFE4E7-29E6-4A03-B7D6-17562E304B8B; KRTBCOOKIE_80=16514-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&22987-CAESEJJCsH3nzIINKLLqibVnXuk&KRTB&23025-CAESEJJCsH3nzIINKLLqibVnXuk; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&16736-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23019-uid:14fa6074-437e-4000-9c18-90ea01235889&KRTB&23114-uid:14fa6074-437e-4000-9c18-90ea01235889; KRTBCOOKIE_391=22924-2480524028413374838&KRTB&23263-2480524028413374838; KRTBCOOKIE_57=22776-7830944657085672463; KRTBCOOKIE_336=5844-7333820847261831745; KRTBCOOKIE_377=6810-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&22918-3d11d58f-e604-46c0-b2da-6001ba7e35c0&KRTB&23031-3d11d58f-e604-46c0-b2da-6001ba7e35c0; KRTBCOOKIE_466=16530-de0bf98b-179b-477a-9a9d-714ea26f8c44; SPugT=1618232192; repi=1; chkChromeAb67Sec=2; DPSync3=1619395200%3A219_197_201_227_226_221%7C1618272000%3A174; SyncRTB3=1618790400%3A223_67_15_2%7C1619395200%3A71_222_5_8_166_22_88_204_21_54_78_57_7_161_81_176_220_231_3_13_55_189_99_56_165_230_104%7C1620777600%3A203%7C1619049600%3A63%7C1623369600%3A69%7C1619481600%3A35; KRTBCOOKIE_153=1923-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&19420-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud&KRTB&22979-n7dUbp20VD-Ev1Vqy7BObpi-VTiEsQJqmrBXU6Ud; PugT=1618232192
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Thu, 01 Apr 2021 09:51:48 GMT
ETag
"13006b6-98c9-5bee62e0efabf"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14061
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=144488
Expires
Wed, 14 Apr 2021 05:04:41 GMT
Date
Mon, 12 Apr 2021 12:56:33 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 280B 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=29829388&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 12 Apr 2021 12:56:32 GMT
Content-Length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=videoplaytime75
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=videoplaytime10s
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~knelnv4u&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&dm=13000&met.4=5s.knelnyc1~10s.knelo26w~2sbc.knelo2yo&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F31b4ea2bd2a51d39610fc8aa214e4119.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~knelo4d2&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&dm=13000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fb2ad9e2117aedd5ce941a2862458374c.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~knelo4d2&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&dm=13000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fa0b5068ca1fc7f6ff765c7833258ec42.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
45 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~knelo4d3&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&dm=13000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fredirector.gvt1.com%252Fvideoplayback%253Fid%253D8ba253171be2ebc2%2526itag%253D18%2526source%253Dweb_video_ads%2526requiressl%253Dyes%2526cmo%253Dsecure_transport%253Dyes%2526ip%253D0.0.0.0%2526ipbits%253D0%2526expire%253D1618239385%2526sparams%253Dip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Crequiressl%2526signature%253D027750B55998256CD41F5D43AFAC38A666F2392A.2B7B79E8EC59F5D6602435BE9F85E8BECC4995B1%2526key%253Dck2&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=adpause
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9152 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~knelo4d3&c=4086364544154&slotId=2043182272077&qqid=CI_ApNTg-O8CFUydhQod8Y8LIQ&dm=13000&event_name=first_pause&asset_bytes=154074&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=21&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=4&video_played_seconds=13.00&video_muted=true&video_seconds_loaded=13.00&vqdf=0&vqtf=390&vqfr=30&endedMediaDiff=-3.1750000000010914
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b2ad9e2117aedd5ce941a2862458374c.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c02::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9152 		42 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CR5rTeEN0YI-kLcy6lgTxn66IAo-ri5piz4b-voQN-4TJyOgFEAEg8q2FHGD1lc6B4ASgAbCWgc4ByAEJqQJQz-03TuyzPuACAKgDAcgDCKoE2AFP0Ge5k-L60zRCj_pxfwImHrKnY4Ck0BLWAiHqyq1BKB0G3cJRvE2l1vIwAglFl1soxHG1VOS7kALA7Xkk8OMPcXwftVty5I2PiK0iR9_TXAsE071Va4JD_B7yfdQFblcHWgttX0hZvlHYRhFWFYgfqUAxD38ldnR6e5Olwp5lCDh_vlrA0L470wtWtx5oUb8nZT3BWLvXZDvPw7pwEh9rd_nkhQSJOMl_L5YZTrO7V5Z9FOpsi7BSsq_Vlo5hdR48UGPJgzWHRvbVhVWiGQNnvIwT2ztb4sbABOO0zsG0A-AEAaAGLoAHuOn-sQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RuoB_PRG6gH7NUbqAeW2BvYBwDSCAcIgGEQARgdsQm9OdqbbLu9z4AKA5gLAcgLAYAMAbgMAdgTDYgUAw&sigh=T277vp_KYGw&cid=CAQSOwCNIrLMfVqf_V_UGiFG88iH7zGqnfD6Co7Zl0CeB1f3V3BYxOBd7TP9irxAYvIXtvk9M7icovliDaC1&label=videoplaytime100
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 12 Apr 2021 12:56:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1615352110814522421/ Frame 9152 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1615352110814522421/downsize_200k_v1
Requested by
Host: d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
URL: https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0f42bc2fbdc768aae8cdbeaf164506ec2ddb4c048e2a53c2af5960af4396d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 11 Apr 2021 18:09:33 GMT
x-content-type-options
nosniff
age
67626
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60353
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 09:17:42 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 11 Apr 2022 18:09:33 GMT
rum
cloudflareinsights.com/cdn-cgi/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=c9357560e058df414921eb63&gdpr=0&gdpr_consent=
Domain
cloudflareinsights.com
URL
https://cloudflareinsights.com/cdn-cgi/rum

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| LPPreInit object| googletag function| pbBds object| pbjs object| apstag object| dataLayer object| adsbygoogle object| ggeac object| google_js_reporting_queue object| google_tag_manager function| pbjsChunk object| _pbjsGlobals number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| _gaq object| _qevents object| _atrk_opts function| $ function| jQuery string| dataSpace string| dataSpaceStyle string| dataSpaceAnimated object| effect function| effectsEffectSlide object| LP object| LPCookie object| LPErrorType object| LPError object| SW object| gL object| mL number| curtop boolean| apstagLOADED function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| _gat object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| atrk boolean| _atrk_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests number| panelWidth object| $cols

56 Cookies

Domain/Path Name / Value
.lijit.com/ Name: _ljtrtb_80
Value: KNELNTOX-F-EGD3
.lijit.com/ Name: _ljtrtb_43
Value: JXZavSd1WrE-flTtIX9AsHZxDLE-d1nsdXRK3L52
.openx.net/ Name: pd
Value: v2|1618232185|gen0vNiygu
.lotterypost.com/ Name: __gads
Value: ID=106d80fa62613b33:T=1618232184:S=ALNI_MZ6poh6wf7WL6rkaCh7BWyDzOTcsQ
.pubmatic.com/ Name: PugT
Value: 1618232185
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YHRDeQAAIY74xgA0&KRTB&23194-YHRDeQAAIY74xgA0&KRTB&23209-YHRDeQAAIY74xgA0&KRTB&23244-YHRDeQAAIY74xgA0
.lotterypost.com/ Name: __cfduid
Value: d1aba4d19cf6497a121eed5abf52073d51618232183
.lotterypost.com/ Name: __cf_bm
Value: e2e5a27303f010ebaf3ecd3ad750d363e1c4f70c-1618232184-1800-AYZEu1wUD0b8wHjoY1S8y7PwPR7ngSJ7ZYpE7R7PazxhvKResJI7U6HbXI5fgFZ7H0NoQ913dJJFpxBE4aaoqCM=
.pubmatic.com/ Name: SPugT
Value: 1618232184
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8689657867462856053&KRTB&23263-8689657867462856053
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&22987-CAESEJO0Y8aTyPvZXVASlVd0Itk&KRTB&23025-CAESEJO0Y8aTyPvZXVASlVd0Itk
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&22918-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10&KRTB&23031-d435a1d3-f2d9-41cc-b7f2-e23364b5ba10
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6950254311926593680
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&19420-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr&KRTB&22979-ojvl1qA45dq5M-uGpjL_2_E8s9q5OuaH8jl1MQQr
.lijit.com/ Name: ljtrtb
Value: eJyrVjJWslIyMzY2NzMwN9E1MTa30DVJMTDQtTA3TdFNS0szNEyzNDRPNUlW0lEyAan1iohKLAtOMQwvctVNywkp8YywdCz2iKpw8XHVTTHMK06JCPI29jE1UqoFACz2GPc%3D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7288845911666229246
.amazon-adsystem.com/ Name: ad-id
Value: A4BJC3U7G0Mmpa6v7lKREw0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b4d36316-356f-4f51-8d09-a0522c407a7c
.pubmatic.com/ Name: PUBMDCID
Value: 3
.casalemedia.com/ Name: CMDD
Value: AAUzMwE*
.pubmatic.com/ Name: DPSync3
Value: 1619395200%3A221_201_227_226
.pubmatic.com/ Name: SyncRTB3
Value: 1619049600%3A63%7C1619395200%3A166_56_7_161_3_55_13_71_21_8_22_81_88_54%7C1618790400%3A2_223_15%7C1619481600%3A35%7C1620777600%3A203
.doubleclick.net/ Name: IDE
Value: AHWqTUkkZWPmk_I5hj7_BJNYHYfrH3WNNED8Gn11uPJlqu5MnvXXYZqGYzGRBgy-bF4
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casalemedia.com/ Name: CMRUM3
Value: 2d607443792760CAESEN9HuenWy6F2Lcb5jO1aoBU&b06074437905a00&f16074437905a0&9c6074437905a00&e66074437927600&036074437905a0&27607443790b40&406074437a2760771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348
.casalemedia.com/ Name: CMPS
Value: 5202
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-YvqTJ3XSWebag57s0mCwWoRo&KRTB&23212-YvqTJ3XSWebag57s0mCwWoRo
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMST
Value: YHRDeGB0Q3oB
.lotterypost.com/ Name: __utmz
Value: 130209170.1618232184.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.lotterypost.com/ Name: __qca
Value: P0-110787676-1618232184558
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-771c8022-2cce-43b5-9b9e-808a606e1480-60744379-4348
.lotterypost.com/ Name: __utmt_UA-7096458-1
Value: 1
.lotterypost.com/ Name: __asc
Value: 70c4f50e178c6278ee70aa09c76
.lotterypost.com/ Name: __utma
Value: 130209170.653130120.1618232184.1618232184.1618232184.1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADJMk7A6IcAACkPutJ60w
.lijit.com/ Name: _ljtrtb_84
Value: c:4d160f8d096936575a242b508c31c559
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNDO0NDExNLcw1VEyRuVamKDyTdDkjczBfAsLYzNLC9NaAI0lEEU%3D
.lotterypost.com/ Name: __auc
Value: 70c4f50e178c6278ee70aa09c76
.lijit.com/ Name: ljt_reader
Value: 514c17553e457f84c634181c
.lotterypost.com/ Name: f
Value: a=44298.3724992245
.openx.net/ Name: i
Value: 03bf5c6e-1a06-072c-1de1-3aaea8313291|1618232185
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2051760143228930276
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 843AF0C7-018A-4420-BECA-8EC10D1CB9D3
.lijit.com/ Name: _ljtrtb_3
Value: 63376074-4378-4d00-875d-fff11f917e4c
.lotterypost.com/ Name: __utmc
Value: 130209170
.casalemedia.com/ Name: CMID
Value: YHRDeECC8VeumEpecj502AAA
.lotterypost.com/ Name: __utmb
Value: 130209170.1.10.1618232184
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-9067763383897638257
.ads.pubmatic.com/ Name: KCCH
Value: YES
.casalemedia.com/ Name: CMPRO
Value: 1121
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&16736-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23019-uid:63376074-4378-4d00-875d-fff11f917e4c&KRTB&23114-uid:63376074-4378-4d00-875d-fff11f917e4c
www.lotterypost.com/ Name: ASP_Session
Value: AUSSDBRS/LGPBIBKBLEDNBFEEHFEGOOEJ
www.lotterypost.com/ Name: tz
Value: 1
www.lotterypost.com/ Name: g
Value: a=44298.3690197106&b=44298.3863881134&c=%2f&d=

3 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.lotterypost.com/
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.lotterypost.com/
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://www.lotterypost.com/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
aktrack.pubmatic.com
amazon-tam-match.dotomi.com
aorta.clickagy.com
ap.lijit.com
as-sec.casalemedia.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
bidswitch-eu.splicky.com
bttrack.com
c.amazon-adsystem.com
c.deployads.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
ce.lijit.com
certify-js.alexametrics.com
certify.alexametrics.com
cloudflareinsights.com
cm.adgrx.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
cs.media.net
csi.gstatic.com
cslogger.media.net
d.turn.com
d2738902545040a1415dd7e80b772411.safeframe.googlesyndication.com
d5p.de17a.com
data.adsrvr.org
dis.criteo.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
loadm.exelator.com
lp.vg
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.scoota.co
r3---sn-4g5e6nsz.gvt1.com
redirector.gvt1.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s.yimg.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.bumlam.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync3.sniperlog.ru
tg.socdm.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lotterypost.biz
www.lotterypost.com
x.bidswitch.net
cloudflareinsights.com
ums.acuityplatform.com
104.108.144.214
104.108.145.8
104.76.200.23
104.76.200.247
104.80.28.24
13.226.155.126
142.250.185.162
142.250.185.66
150.136.26.45
151.101.114.49
151.101.65.108
159.65.197.210
168.119.127.61
169.197.150.7
169.50.137.190
174.137.133.49
178.250.2.151
18.156.0.31
18.156.133.101
18.159.8.206
18.193.144.52
18.195.155.181
18.198.69.109
184.51.9.34
184.51.9.98
185.183.112.148
185.184.8.30
185.29.132.69
185.33.221.50
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.86.139.115
192.132.33.46
193.0.160.128
198.148.27.139
199.232.137.44
2.18.68.31
2001:678:cb4:bbbb::11
202.241.208.100
213.155.156.165
213.19.147.151
216.52.2.30
216.58.212.162
2600:9000:2093:6a00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:20::681a:ad1
2606:4700:3031::ac43:c203
2606:4700::6810:5e41
2606:4700::6812:13ad
2606:4700::6812:d05
2607:f8b0:4002:c02::5e
2620:116:800d:21:51e4:db4b:4436:b305
2620:119:50e4:101::6cae:b55
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:5f::8
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2001
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2013
2a00:1450:400c:c1b::9b
2a02:fa8:8806:16::1370
2a04:4e42:3::621
31.172.81.160
31.172.81.172
34.203.138.195
34.98.107.212
34.98.64.218
35.156.19.236
35.157.48.14
35.201.96.126
35.227.248.159
37.157.4.23
37.252.172.249
38.27.122.126
46.228.164.13
50.16.38.94
51.210.112.63
52.215.237.248
52.215.39.23
52.51.245.167
52.85.32.122
52.94.232.32
52.95.123.41
54.163.239.172
54.192.210.10
54.230.183.21
54.77.12.55
54.77.242.172
64.202.112.31
66.155.71.25
69.173.144.165
69.173.151.90
70.42.32.63
72.251.241.206
72.251.249.14
77.243.60.138
85.114.159.93
94.23.73.243
015b25b20da0d120ad2db3a1c658c3dd5c7887d0a40ead1a81cd2ec6db6163bf
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b60fd7a95906e5e8a101afb103d917000eae55f1128bd46a05f00dc948d41bb
0b7a03de3ca8f5a498a1f377ba2daff48fe3e9160ca06f9462d07015bac0dc74
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
11473fabc4ff06ba305b1caf8464d5abf434e7f6f447f9cdb32744fba5661c30
1152be785978aa809034ab61de86ce4d03c5a301c95e96995e336d2462832a10
122bd6a65c5786328726fd9a4051b6aef4aaf4cd3349ff60decae0f9262ff367
12a84d53232f26ad8feb3dab55e480195520c092b9a8dc87baca96c7390d919b
14dd45aeb578e1ec55a48300634904c222288bc7e705aca5e41728146e870e19
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1745a1401c5d91a731889be5f0ccb87d6f7bf36743c29d9c97f3aa6413a7fec1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1b35f828bed609bd50d0004f302ae90810fcfdff55f4a1a50f7d801f590f2358
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f49691475663af0b6f95af60cec34547603722738c384ce1e67928ba86280c0
1fa16c1f74876eaeaf66d6f29d57c641c619fcf69ac55187039f4f82ff9a701f
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
28c5b4b94152e7248f6e1805395295c7a85ddc9d2c37cc6883295caefa9993d5
29f078ff772e2338e70d74747a93948f283e6bc864c2608518169cdd3550ec01
2caa4dce1746cb73f218a783291388a3eb600753578f116b381bdf7ecdfc13e9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
309d93da58ec9b2f902bd0e85f6eda0ff14ad458b308c5effd6590131f63994c
32609b955385fb820a5f497af8cc923e22cff9a2d80fdbc32fdf67bd23102465
3322f9b8f5459c31671a3be79945a4407891cb50f0e407b191c668c4f5c2b73e
348d3b433e5abc573f21190eeaaa38741c2bbb453d40f0513290ae34bd8a3f96
34a7e9c66116637c5bc98b92850cc1606e93cad6f13cfedd88b69af01222de20
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3719a869bbfb25a5c380b359440d957fa76d7e4f5ed37b089c1207f38c598d96
3877a1665b97a62cffddcc0ef5ee71bb4fb5e29c71895efb3d063241bd6f021d
3ba11189baa049026c6688cacfa4e9e0b62151f38822c00747d31a1de72327fd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43c349f4978853f226bbda714f5a09cd9a7acb79fa3f359cc1e62726dad394da
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
493f307d776f5a915d329134dd47122f5829f1223a294cd7fef4f97d26611046
4978cf70e1d6da3313a2320c9b695f6709ed898f1ee1d9b62cdf42f6ed618d2e
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4a5425467472328a9743b7d4a74de926d54793cf0f9f29c5f72d41d7a1a2c05f
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4cc2c9fbb869f44f1747f4ce8dc727043031264e571bed2cee825bc3f68106d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0fd989ea582357754166789b3e0a896f231d21f237a6356671492f4b2bec8c
4e17ba7f7adef76f755128e7a9fa4d16b2eeade4408de77e87d31456d38aa515
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fdb45a10bf7c1166b720a9ff59b04a74f8e62485eb52d6497a581fa091f27ba
4fdf80daf5f376645d74edb88eb93e7b1672b7a253c8b8644827bb2c040da320
5015066c4239b0883843cf8eeee85efb0956b6a631f01f6e8879c8f103e5fc85
5202075998311dcab7a8020419ac0009f951d88c5d40696612d440857828ffd8
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
57d87f4202b259833def537015880ebd3733bb40d19c95df1da49ba126c3b397
591416c31cab4f42d7a130c78558dfbeb3405659fec52a8a4f75e32705697d4b
594132c8aeb9a2aba1dfc389a5332f37165e0385d2ffa5b6d8571450146a82f4
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5b468c5244da8ffbc50bd23bce0f0a131f20eaf5eeafa359b8ccb19cc27091bd
5ba3fcf2a5e67b5bf76a69b4477a159798475238362271ceddbc3346c2960199
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
62dc2f333880256982ae3ee2dfbe80c8c02ed2f15d05501448668766fd7bd054
668e6832bd4c1cf8e7b4e5ddeea396a12fbd9291eb5c02004df4f542932984d9
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69ea159a75aa38bd99a9eb13196790de81fb46ba711b532c38d4bfecb28d481b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d41fa8a86121afb82a5d8156180e518411ffe281204390d9a57e48ac6fdc47a
6de4b2f15d729eff43cdf32e8ea0b4b0099d68f6ee93f98917de56cb93fc2365
6dfc29cdc4c21d06156bce46104ae1899c6f231a123842db8ce86a70d50cde7b
6e18ba4f01dc7dd94a5ca4d40da8cc0732221be22cd3ac2b79560e1a67ca61d1
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6f80d2ce30fd487ef699cbde41c7c334981b9c49d5ac09de4023346911b10696
7199508816b548b87c077c78c00e0744a412151b1281f4bee7c47850e311f75a
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
742783d2a17bf065551d7cfb7f72f59f5f0b61b984d5d814755743da269d81a9
75ede65b09ac196031a7e9e5322dfbf550fb1d272dc16cada29e500a9363967f
762a6837400425002737a0651c7764f71b279b18560cda75a140c1b8092f2342
789a93f4315357995e96053e32ee793d6b12f592fad617bb04f795c750f0c3bf
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7e11d74f63c8f3be1c1c2547ccab89c2e1fcf539ab4bd655fe7599a4332c8bc4
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8248b0cd131d17591656af4cab1a3511e282ac8de7bb83af5ccf61380c2e4b24
825c3e3f3d56893ab0d968e2d7d8f4a1c5bc3b93088046310902ace5430e946b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8427fdcd03caf31d3e253489414314bb1637d2f715b412d313b1dfeb07dc210b
858562d8be1ee996669723ccf4cf9b48fe068ca07b8af4128dc62c104fc2e8fb
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
88058b02f2e15c7f1a9a71bf53159ad7f087d3a8990a589caaf45585e6816834
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a3045b0c79683745d41fee8c2998f69a4126a33509213102a656310b0f0b5b3
8c063b642684066df68e19aa7fb61a67ef9c0c63b9ec6908d6ddb5b87ae9263c
8d18998f6c055a67047d364615bff2e4fe9ba7c80fed78c5654394cbe3123623
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9b4e8baf2d6296710fb142486efc074d1b4295512aa4125465410dbfd1053a
8e39f9aaeb9ec5a53693d2094e44d28a506ad2a898df37c033231bc890561191
8e61cd2e450088ffd9a39878e7d61e4fb2c2d7de5573d18e2532b8c78f4d237a
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
932dca24fc4e500aa33d7ab68cd8f1f4d31125dd9b617e19528e8ef1fca746a9
96721b3521658a010d655ca6f373cf6b8ccee5106d38a49a7175911e3b038971
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f5291bb2e2bd82ce07fab09528ac0ffec95b36b22b30a31754425416ee245e
9a741b7eeca965be3da88d329b8e596520921ec36af00b6ca24378450d200665
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f42bc2fbdc768aae8cdbeaf164506ec2ddb4c048e2a53c2af5960af4396d6b
a14d1a7f7fa4b8ccbabe55b417ddc660997ef1cb5290f94c7f4f39c69bb640fc
a22314202cdc84c2aefd4f87a815f2c77f570597df6988c5f5f275179a9b864f
a3ff65b85a2e0a0ab9ceba03cb9205dbd8af9b9fcf5197878c7abba21c8706c3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a569c37ba5146a48b1587d68580dc93c1b7389b0d2c60d6e4538859b9be67554
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a6715a1b3fd94615665a68bb9058e4ab11d027c6772f3624c44b20b155041897
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7c55cd9a596fc5ced76e650e9bda6086d97dd42c7e331e1f052da646e4e5696
a801dabc4f18c46c8fb68fdfb0c23c47651d7aebca53476c844fe61675e26755
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad20d501c8cf1115d1b6734d45694dc5c39f9ad29214c335377ae1b025e4caaa
ad80b11133fcbc6748279b2beec8a18706385d860699b9370eeb14eb65cc9ef4
af428c3200ac166bc4240f4e6ce5c48a8f8cd5469ef7b710d14b8e70b5c0379c
b0bced1629fa581102649707a82e1aa82d183bce6d393ffd5b8849c0fc95eedb
b1411510e95e01c41d47e9c7b38cf509e8b4fb6993f5d25fdf482bfe829a5253
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b867973a1e0be95dd7b0527e33ea46747609799173a1c634f82f6d38c31a9f50
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
bcfcecc6690f9743d9dee4865b10ac18800f391dd9199fd473211f8151a221f5
bd5713e27f4481988d37b5b719dedea4e4379ec3c3bafea0fba9d0abe8db4973
c04a1fb39c293e41f744f906a267f8add09bafe5d405a2fcf572d811e3f14c1b
c14acca468bbd36b1515f0f94c3fcc2a0ef83b5aa0ebe8f56e09d78fa6eada46
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6cd3cf3c592e4cbb1e271c741505a67ad28d7c59921ba27cbc9185523d7f377
c9581d69ef8a7435f061d76045cc929310f436366f9ced3b9b9811ca6ed26feb
c9babaa44ba60f6f57abf8e221d2ed6fc270dc09cf49da22a936748aa313e5c8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cac5d0884a87c92b3a9382a084590b7c831bb81cbb9df301e70884b984301965
cac804cbf66f6d93cbac6e49317b9fbe8e5cc99ae6607f12a518da8b39f57406
cae004fd87635b5789754bbf163f8e5c61481e67df3a4eeb4277e8dd32e7711a
ccdc57deac17eacca1bdc9d551d7bf10f71201f913a7f8490f13abf9db868e4d
ce0d98aeeb8c076599b7587ebbb972b4705dff4279ae8981289106f9caa899e1
cec19a2b30b66579a42993430e2ebf3b2c6047a2ef0925e53f751aa0380852f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dda790d718cfbbc7114c59ba3c53cca231ffa27e2feaf7d4be67ef29df802303
de828d5cdce40f1fabe8672316f12ea3de0d6f618bbdd8244f8019dd63d7ed51
e12f37da0c8c914996a526d3efcd0c97219e87714db15fea906750b0e717ce51
e1cdcefa067d30eb2cc1e5e0e54c2a1ffcfff2bc752a191d3e7fb0dee11757f2
e2c38d3f56225614ece40750d08bec3239c9fe127e2597d1540344a3458bc7e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4458adea11b71ea85d282384adb77dafb27dd922f4896efb19cceceac5eff93
e588c42d911b8beb3198640a761a360fc7360c1144af4fc81d652a482900dee6
e7bc9c2387363584ea2fae779b2ff56c8c2a670e1a6cb10e2faebb65730da921
ea4b60f85a4346bdff1e8c38698690a43d7daacf46be720dea7e1e820403e4a1
ea4cdbf722852b6ebcb92313dae072c3aec13998069ef2586f2b2127b672b93f
eccf9951cc23d07adce0ad71d8887be2b911b6e6aa3f609f5a0f0a6187cdd9fa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef586bf784948e62385ac9952a5ff1485f8b794c6b29328b71b67038ba26bc4f
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f2acb2374951e367cf15bb66f2b755d2094272d0209492dfefe7be5912f30355
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2e28a7b774e9b9b7bff4d90bc5f545c21db75b8fe7db176cbdaac051f8192b2
f78f7db4a2089b0f622f73aec86871b2146922fe064110fc5a8de7a475895a4d
f8e7869273f2cc1db168a0e59146a82bd84f224a151d0b476c58c00452a08f3b
f9386932ceb55b9f7241f1a9fb46c6d0d937deb19497ef389fcbadebd1a544d3
faec96d5d90c44f9392d8fd7865456b13b1c46dbd64b69cffe7f6ed75d59f0cf
fb9a3b10eaa36ceb09d51309f6383ba666ceb9c2d4f95c4526cf6bf6e1325838