www.usagreencardlottery.org Open in urlscan Pro
2606:4700:20::681a:256 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mailing.usagreencardlottery.org/click.html?x=a62e&lc=HVv&mc=A&s=wENB&u=c&z=CHlkT8V&
Effective URL:
https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independ...
Submission: On July 19 via api (July 19th 2023, 9:15:47 am UTC) from BE — Scanned from DE

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 36 IPs in 5 countries across 27 domains to perform 82 HTTP transactions. The main IP is 2606:4700:20::681a:256, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.usagreencardlottery.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 16th 2023. Valid for: a year.

This is the only time www.usagreencardlottery.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	104.160.76.24 104.160.76.24	46469 (GETRESPON...) (GETRESPONSE-IMPLIX)
18	2606:4700:20:... 2606:4700:20::681a:256	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:883::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.215.23 143.204.215.23	16509 (AMAZON-02) (AMAZON-02)
6	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:356	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.139.19 52.222.139.19	16509 (AMAZON-02) (AMAZON-02)
1	54.231.233.168 54.231.233.168	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.227.219.3 13.227.219.3	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:62ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:8cce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:18c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d439	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.81.206.142 99.81.206.142	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2606:4700::68... 2606:4700::6812:1f97	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:10:... 2606:4700:10::6816:47e7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.73.32.2 54.73.32.2	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	23.21.150.130 23.21.150.130	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	2600:9000:224... 2600:9000:2245:da00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:8d65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:4a4b:2e45:20d5:1f4	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.30.62.59 52.30.62.59	16509 (AMAZON-02) (AMAZON-02)
82	36

1 104.160.76.24 (United States) 1 redirects

ASN46469 (GETRESPONSE-IMPLIX, US)
PTR: mta-11.mailing.usagreencardlottery.org

mailing.usagreencardlottery.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:256 (United States)

ASN13335 (CLOUDFLARENET, US)

www.usagreencardlottery.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.usagreencardlottery.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.usagreencardlottery.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:883::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-23.fra53.r.cloudfront.net

www.sc.pages02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:356 (United States)

ASN13335 (CLOUDFLARENET, US)

static.usagreencardlottery.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-19.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.233.168 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:62ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d439 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.206.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-206-142.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1f97 (United States)

ASN13335 (CLOUDFLARENET, US)

signals.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.aimtell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47e7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aimtell.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.32.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-32-2.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.150.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-150-130.compute-1.amazonaws.com

www.pages02.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2245:da00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:8d65 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:4a4b:2e45:20d5:1f4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.62.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-62-59.eu-west-1.compute.amazonaws.com

metrics.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	usagreencardlottery.org 1 redirects mailing.usagreencardlottery.org www.usagreencardlottery.org js.usagreencardlottery.org static.usagreencardlottery.org	136 KB
9	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2591 d.adroll.com — Cisco Umbrella Rank: 1402	89 KB
8	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 848 trc.taboola.com — Cisco Umbrella Rank: 608 trc-events.taboola.com — Cisco Umbrella Rank: 1870	42 KB
4	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4598 app.hubspot.com — Cisco Umbrella Rank: 5076 track.hubspot.com — Cisco Umbrella Rank: 2172	4 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	301 B
3	aimtell.com signals.aimtell.com — Cisco Umbrella Rank: 5280 log.aimtell.com — Cisco Umbrella Rank: 288919	695 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	13 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 724 script.hotjar.com — Cisco Umbrella Rank: 889 in.hotjar.com — Cisco Umbrella Rank: 5468	72 KB
3	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 484	17 KB
3	gstatic.com fonts.gstatic.com	101 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406 fonts.googleapis.com — Cisco Umbrella Rank: 74	8 KB
2	hubapi.com feedback.hubapi.com — Cisco Umbrella Rank: 20865	522 B
2	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 5930 metrics.hotjar.io — Cisco Umbrella Rank: 14973	231 B
2	aimtell.io cdn.aimtell.io — Cisco Umbrella Rank: 10089	996 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 572	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	133 KB
2	pages02.net www.sc.pages02.net — Cisco Umbrella Rank: 38758 www.pages02.net — Cisco Umbrella Rank: 38433	6 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 5427	7 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1190	633 B
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 14577	10 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2103	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2094	22 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4674	22 KB
1	amazonaws.com s3.amazonaws.com	13 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2352	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 69	61 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 689	62 KB
82	27

	Domain	Requested by
14	static.usagreencardlottery.org	www.usagreencardlottery.org static.usagreencardlottery.org
8	s.adroll.com	2 redirects www.usagreencardlottery.org s.adroll.com
4	www.facebook.com	www.usagreencardlottery.org
3	bat.bing.com	www.usagreencardlottery.org bat.bing.com
3	ssl.google-analytics.com	www.googletagmanager.com www.usagreencardlottery.org
3	fonts.gstatic.com	fonts.googleapis.com
3	trc.taboola.com	www.usagreencardlottery.org cdn.taboola.com
3	cdn.taboola.com	www.usagreencardlottery.org cdn.taboola.com
3	www.usagreencardlottery.org	www.usagreencardlottery.org
2	feedback.hubapi.com	static.hsappstatic.net
2	trc-events.taboola.com	cdn.taboola.com
2	cdn.aimtell.io	s3.amazonaws.com
2	signals.aimtell.com	s3.amazonaws.com
2	s.yimg.com	www.usagreencardlottery.org s.yimg.com
2	api.hubspot.com	js.usemessages.com
2	connect.facebook.net	www.usagreencardlottery.org connect.facebook.net
2	fonts.googleapis.com	static.usagreencardlottery.org ajax.googleapis.com
2	js.usagreencardlottery.org	www.usagreencardlottery.org
1	metrics.hotjar.io	static.hotjar.com
1	d.adroll.com	s.adroll.com
1	static.hsappstatic.net	app.hubspot.com
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	www.pages02.net
1	sp.analytics.yahoo.com	www.usagreencardlottery.org
1	content.hotjar.io	script.hotjar.com
1	log.aimtell.com	s3.amazonaws.com
1	in.hotjar.com	script.hotjar.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	script.hotjar.com	static.hotjar.com
1	s3.amazonaws.com	www.usagreencardlottery.org
1	static.hotjar.com	www.usagreencardlottery.org
1	js.hs-scripts.com	www.googletagmanager.com
1	www.googletagmanager.com	www.usagreencardlottery.org
1	ajax.googleapis.com	www.usagreencardlottery.org
1	www.sc.pages02.net	www.usagreencardlottery.org
1	cdn.optimizely.com	www.usagreencardlottery.org
1	mailing.usagreencardlottery.org	1 redirects
82	41

This site contains links to these domains. Also see Links.

Domain
www.state.gov

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-16` - `2024-04-15`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.sc.pages02.net Amazon RSA 2048 M02	`2023-02-13` - `2024-03-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-20`	8 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
aimtell.com Cloudflare Inc ECC CA-3	`2023-04-08` - `2024-04-07`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2023-03-02` - `2024-03-30`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.silverpop.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-10` - `2023-07-28`	5 months	crt.sh
s.adroll.com Amazon RSA 2048 M01	`2023-06-03` - `2024-07-01`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Frame ID: 76E6FBA7241119DB2C20DD80558EA039
Requests: 77 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: A07A38B46493DC2CB99E9A4F13C78C7D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Payment Plan Page

Page URL History Show full URLs

https://mailing.usagreencardlottery.org/click.html?x=a62e&lc=HVv&mc=A&s=wENB&u=c&z=CHlkT8V& HTTP 302
https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY202... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Aimtell (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.aimtell\.\w+/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

82
Requests

98 %
HTTPS

68 %
IPv6

27
Domains

41
Subdomains

36
IPs

5
Countries

842 kB
Transfer

2590 kB
Size

34
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.state.gov/
Title: www.state.gov

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mailing.usagreencardlottery.org/click.html?x=a62e&lc=HVv&mc=A&s=wENB&u=c&z=CHlkT8V& HTTP 302
https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://s.adroll.com/j/exp/HNXP7JJTGZHRNGADQ3VHBG/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 68

https://s.adroll.com/j/pre/HNXP7JJTGZHRNGADQ3VHBG/JI4QIUYOX5ABTGCUN3XXIU/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

82 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request discountPayment.do Show response
www.usagreencardlottery.org/
Redirect Chain

https://mailing.usagreencardlottery.org/click.html?x=a62e&lc=HVv&mc=A&s=wENB&u=c&z=CHlkT8V&
https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_co...

14 KB
5 KB

663ms
526ms

Document
text/html

2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d77a86413ee983a15fc7e9be057f00c98e771171f63fb52c5506752032a58a15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7e91dc747a7a1e56-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 09:15:40 GMT
expires: Thu, 01 Dec 1994 16:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1TMHLH2Rrm6IDrdPdw1l2%2B3J9h3KJXeGOxbrHrYJLQg9rjb0763Cz9zYGJ6hQ6nQDZ5HQjDgjXJteCCn3TXiW4piF28MUDJ%2ByGPiulU53Utmr8HPE%2FJEdmHEij%2BYhcTipk0wlMnps7hUROLWZhENcfvyHr3JGZWDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Wed, 19 Jul 2023 09:15:39 GMT
Feature-Policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
Location: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubdomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1; mode=block

GET
H2 200 1027592569.js Show response
cdn.optimizely.com/js/ 172 KB
62 KB 244ms
147ms Script
text/javascript 2a02:26f0:3500:883::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/1027592569.js

Requested by

Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:883::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

861f96c7bb341976189b06cccaa9932045635e2b936a93db46e7bbeb6f3bae8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: vfUvoadtA559gUHoCO9j.IIq22UdBtOb
content-encoding: gzip
date: Wed, 19 Jul 2023 09:15:40 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 2C6PYX5KVFAGGSS9
x-amz-meta-revision: 680
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=6, origin; dur=105, cdn;desc="AkamaiION";dur=0,rtt;desc="33";dur=0,cdnip;desc="2a02:26f0:3500:883::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="469377_388276621_464753057_11120_1407_33_0_-";dur=1
content-length: 62596
x-amz-id-2: 1IozdwO+5JkqwW3I0eMdLxMeZAhSbzvcSY8F/L7i/jNdpyrI/Qve8z8bjgymrf4DXdpxMOz6nR0Wv9zOmIjdPQ==
last-modified: Fri, 18 Aug 2017 04:36:22 GMT
server: AmazonS3
etag: "792b38bc298027d9e231121af78241bc"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 jquery-1.10.1.min.js Show response
js.usagreencardlottery.org/scripts/ 91 KB
33 KB 67ms
34ms Script
application/javascript 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usagreencardlottery.org/scripts/jquery-1.10.1.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60709
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Aug 2020 12:00:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MNk7sfYoaBghk4dzXfGkPu8BYkvgI6pdTIC0UzF4WSwSVQ4OYs42k3zIFkvQq6Ioog7Y9mRKK6XPxWDl1OzhijP1vvu32gRE5JUZV4jE4UwVkMhaBsn8EyStTYcfZONdqprkey2WPcv%2BCYctK8v15IwFHyRmhqdo"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc77f9be1e56-FRA
expires: Wed, 17 Jul 2024 16:23:51 GMT

GET
H2 200 styles.css
static.usagreencardlottery.org/assets-static/css/ 35 KB
8 KB 656ms
522ms Stylesheet
text/css 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.usagreencardlottery.org/assets-static/css/styles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b5ae768ff0c2844a3a88c814172de90d750995708743695c0806456fff0e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 07:23:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeqpxH5bzfrca7dFlRTNE%2F9eds3GQ%2FSiqT%2FmHGUWw3CwN2Q%2By%2FB1cUVqYTUjqU%2B2CEfFJqATeKHZAZMhnuItjlZc%2B9fQ%2BzDty%2FWE9e1hrLusxUhTrsn3YRw0tAJiXdZBYY48OjzpQLcU167AUsfF%2BQ8r1yuT%2BrmRi1DPLA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc789acc1e56-FRA
expires: Thu, 18 Jul 2024 09:15:40 GMT

GET
H2 200 payment-plan.css
static.usagreencardlottery.org/assets-static/css/ 44 KB
8 KB 658ms
525ms Stylesheet
text/css 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.usagreencardlottery.org/assets-static/css/payment-plan.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64851141fbd8e18d856aa751a19a014f1a7a389a6cfad2937ce04ca9a91e3fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Oct 2021 12:46:44 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jt2fslINT6BBUi1ZAPAltPa079S7XF%2Fxqw4pAk%2BINAwN8z8g0qpSi%2B5GdXnWC5OiRUvecInt8QKMWPD66vIXFlsvfP74%2BRSr2FIKPh0Fz1ZX3Wi9KEdGyE2f2G%2FOn1pxSXc9aeACtw1KU6OMPH1uePtdJrI0xK%2FRFS1Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc789acf1e56-FRA
expires: Thu, 18 Jul 2024 09:15:40 GMT

GET
H2 200 iMAWebCookie.js Show response
www.sc.pages02.net/lp/static/js/ 14 KB
5 KB 289ms
205ms Script
application/javascript 143.204.215.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sc.pages02.net/lp/static/js/iMAWebCookie.js?8c3dd96-1410f4ca04b-3f3d5eceea4051b7c82d96ba93c1b04e&h=www.pages02.net
Requested by: Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-23.fra53.r.cloudfront.net
Software: Apache /
Resource Hash: e0447961a33816f0c4e3857863982dbc864a67748c596b78678a7622a8f69282

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: gzip
via: 1.1 269bfdd288bfea5423a4e9e701777da6.cloudfront.net (CloudFront)
last-modified: Wed, 19 Jul 2023 02:41:15 GMT
server: Apache
x-amz-cf-pop: FRA53-C1
etag: "377b-600cdf729d3f9-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5144
x-amz-cf-id: SMzQLIq5AYO4iIjGyBYu5r2WOunG3NQlhCIWTiv982ESEoNr-JCUvQ==

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/internationalformsservices-sc1/ 58 KB
18 KB 341ms
264ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js
Requested by: Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bf73c5a16d78b3c7823f16e4ea56e06c98058276084e28a9a076e2a434bbad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: 5PAlY6bkCQVCC9xksw0oqoZWrqbdCwiJ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 09:15:40 GMT
x-amz-request-id: 75NNWYST294D4E6N
age: 2693
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
fastly-restarts: 1
x-amz-id-2: /eleGmp6zpjRbWOqqWedpfByTv1I6uzQBBSD6IPCt5EUB7lG850+lclN0Q2uDNRc7f9MKdgJt0A=
x-served-by: cache-cph2320034-CPH
content-length: 17902
last-modified: Wed, 19 Jul 2023 08:27:57 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689758140.208579,VS0,VE225
etag: "d1bcc106b60a825e8f272a7b0ec0466c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 50
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 logo.jpg
static.usagreencardlottery.org/assets-static/images/ 14 KB
15 KB 33ms
33ms Image
image/jpeg 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/assets-static/images/logo.jpg?v=20191004

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e3d85326ada0372a6806ad34ba926f3c8815e3dbcfe92a385ef91ad60c9889f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22609
cf-polished: degrade=85, origSize=22528
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 27 Aug 2021 07:23:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pykeDecmFfgtxy7wRyTUycviz0K3ntMMLiK9bushPlrVSkURuIlez3n2ZQ3ulrz03EUugp016yDXAShPXqAWpeQVCJ%2BiWNwy3NK%2BNZmzNnhfyVK%2F8HgXqp3FLD9rSV%2BsGYEpL9FNwoXNey2tGIbYCunnLnb3jSsoBr4%2Bcg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7c5d1d1e56-FRA
expires: Thu, 18 Jul 2024 02:58:51 GMT

GET
H2 200 us-flag.png
static.usagreencardlottery.org/images/flag-icons/ 107 B
419 B 525ms
523ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/us-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa63088d0a3fd7876673359015deab149f634c2f6f087a0085e516b8303605a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIgyhbgBaRI5gfDwkPSOBeQ50dG2vurzB0DMUSfXWB53z2n%2FyZ7MIlsOMV6yGKsqNLn2GtJ3bK4t4m%2BBiGmaOGvpyJW%2FEZ1WkS94Ir6XpQe%2BIEffbfD2MRNtMptIbc8apboi5%2BXS0RihBHNTcHLh3Tg7SR9zRpU653GStQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7c6d2e1e56-FRA
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 spain-flag.png
static.usagreencardlottery.org/images/flag-icons/ 281 B
584 B 498ms
496ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/spain-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29754a94df48172e347431a5684a90836da13699f836afd1abcad7c46523eb23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JH62sg0HouWWH32go8oEy4rbtZr9F1XhN7QUQbHum8AkcB7I45vxpKciPJpMTpzTiMXl2I6yi%2BwVPSG7tCvehO26TXNQB8NITSyATC0EN6o7IEEkgDnw27%2FZOK%2F2I8F016ZDOiFC%2BDbhyrGH0F0z0mjDUD8InUOXnZgVLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7c6d301e56-FRA
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 german-flag.png
static.usagreencardlottery.org/images/flag-icons/ 114 B
443 B 497ms
495ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/german-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96963f668f8291dec01d4ae6f91ab8ed436a20aee70b84faa0098da142663cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foZWxyx129gp3G3T8XINEUgVRk7zCPth3KTrCvt59fisNzLFJlOnuuLqlrEVSzNKywSs68MI4Fgi4%2BYh1e3SmE8kvCtc5XlBGln0LI4bk84t4r7laorT%2FffiDWSwUpnx3PmFAZHjumC0tHmiUoabZtVAjcCPPIM%2FAdIZyg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7c6d341e56-FRA
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 france-flag.png
static.usagreencardlottery.org/images/flag-icons/ 169 B
475 B 517ms
515ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/france-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df7edf153ad41daf645b0f746ce0fbc2cd5fc30190ef113c0aa7eee1a8896f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8c7dsgoR5ZyMy93zmnwyBeOkrjgQjIsFkTgJAJDsa6OF4Ge9WkqIXwGfJLg%2FMD4PT2O9UMb9jDVknoa9fQ6JN0ECNT5%2BK8d6eudnzZDa45tvCKkdmGL%2BmA9ozmFMpTRn4SOLYtCF7%2FJ3wiVGREtLZYTpK483X%2Bxt5v%2BfpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7c6d381e56-FRA
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 russia-flag.png
static.usagreencardlottery.org/images/flag-icons/ 187 B
665 B 34ms
32ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/russia-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bcfda57b793e3508b47068b5bc0ff0fcbaaca7467ba9faccd15ed4e4206580a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11325
cf-polished: status=not_needed
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdNhBrHxcD5LzSNeoRejgy68wRVSjB4006ktBMueOF%2FI%2FadN7cjPdBxFAfHhw%2Brq%2FZcnvRYgMs8VcaplQt8jtvZw9KlmBBA73yxQdd%2BvxCPAJK4u3kV4JbgXnvtbq0E766d0LOMKBlJJoLJDWbCeQXNDhy1B8XebZeS9fw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7c6d391e56-FRA
expires: Thu, 18 Jul 2024 06:06:54 GMT

GET
H2 200 japan-flag.png
static.usagreencardlottery.org/images/flag-icons/ 200 B
596 B 506ms
505ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/japan-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ea42199d7498c8e84ae91dbe1cf9f220e0323c44d987632211c481d06dff6c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cPBcMJ1faD8mlWBRZv7fNsVhf7u7lp2d%2BWwU4WddeAaVM3EIOy9K9ojIXv007hMO2dJPUa6wQhBh8OEN3aBvPFzTGI4hT8SRpJMGRN4OTN5r4LMmhNE7fvOzbphaqOZ3lk9v6b0kTFXQQKfQfOwGzQqc5e7xb4kHz06C5w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7cad921e56-FRA
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 italy-flag.png
static.usagreencardlottery.org/images/flag-icons/ 133 B
436 B 509ms
508ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/italy-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

192311dd20bdb740b66a4ebf9a7808137ffef09c2ced3839ffbd5227103bc60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FY%2BKanQR6QsWIfUcvcX4PWgIwpjImKKY8Sr6f1LBRcr4ScQ1ZJC5iOHHPKeUfK6tSYmUtW71fMW02aucPETilLmHCBqR9d4S808ROlqFbsZRqhHbB1DeXUWmGf6AqG4A6nN%2Fbe%2BKY0DPqEglsD3kVZJ0FS5lTZUN6Vo8DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7cce051e56-FRA
x-xss-protection: 1; mode=block
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 turkey-flag.png
static.usagreencardlottery.org/images/flag-icons/ 276 B
677 B 31ms
31ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/turkey-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fbf5b7b0e7725a603d72efb33a410f648b846bb54d29a861e93b21617076016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11325
cf-polished: status=not_needed
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FIhrdAnH3LCbkYlUvYrS%2FmBT%2F1TMTootDN%2FsYMzf1WoayBt92ylxez%2BLlMUAmWdoKuNjA%2BstdxUwmrvv7WluHPelAG6InwGSp38guWOW%2FaiDz%2FfvcuSA8HqOZdgAwqicivX%2BqwNaYMkgDG6BqiK3m%2FmzRbwCEehEbGuoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7cce0a1e56-FRA
expires: Thu, 18 Jul 2024 06:06:54 GMT

GET
H2 200 all.min.js Show response
js.usagreencardlottery.org/assets-static/scripts/ 106 KB
37 KB 32ms
31ms Script
application/javascript 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usagreencardlottery.org/assets-static/scripts/all.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0261d9f01bcda7551a84a928d69c193f59d75201a29f1f4c111c9309f00fa746

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 60709
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 07:23:07 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2221uu2rrQiVT4hbyUahrqn4fjmJGBvZH5WRgsrRcXv5FsJYbg%2Fi5uuxBQnAuzUF0WKXTqClKNfJ6qCIyrWDcY6UjXwL0tAXLVAzfTFegkBPqb3FSV1H%2F4ErhEOi%2FfbIrFtneWSskVL0o1YEyjmiykYFnkvUphia"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7bec5c1e56-FRA
expires: Wed, 17 Jul 2024 16:23:51 GMT

GET
H2 200 browser-warning.min.js Show response
www.usagreencardlottery.org/scripts/ 1 KB
989 B 501ms
501ms Script
application/javascript 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usagreencardlottery.org/scripts/browser-warning.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25aa6f00819122a06df1e07e3443bff6cbfe6bb62f10c4d902f9b8050693a050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 18 Jun 2020 09:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
p3p: CP="IDC CON TEL CUR DEV SAM IND"
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDDk5ljkPYKzWJGNR3V5R2WsBhgdkHEEW%2BM2%2BzcLV5K%2BLRnoI85CT%2BtJgEFcrnzenuByNOtahD9JpB6gZa5VKJHhBfIe2kNnwDHaqZtCcVuMgHN2gPAxlgj5b1%2FbrUkrdV1pej44LMRkiHZHtO4sQJJSpLwdBooMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 7e91dc7c2cbe1e56-FRA
x-xss-protection: 1; mode=block

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 19:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51175
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 19:02:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 78ms
29ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|Shadows+Into+Light&display=swap

Requested by

Host: static.usagreencardlottery.org
URL: https://static.usagreencardlottery.org/assets-static/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7c4b447c93643b7ddd897dd3ba406d2f7508c76c3e3d3428444c7cc7eb5893ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 09:15:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 09:15:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 67ms
20ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 09:15:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: w9X/PLYD/d7BOM4VOaO7RvTzo5EPhpXsBz/kCjlCV1qWMmsyZNsfqsTSqtbK4wYx3q99U9gLs2pL3SJzbW1OIw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 action
trc.taboola.com/internationalformsservices-sc1/log/3/ 0
289 B 59ms
53ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/internationalformsservices-sc1/log/3/action?tim=09%3A15%3A40.854&item-url=https%3A//www.usagreencardlottery.org/discountPayment.do%3Feid%3Dsofieponsaerts@gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&name=Registration
Requested by: Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-vcl-time-ms: 18
date: Wed, 19 Jul 2023 09:15:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 15323
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-cph2320034-CPH
pragma: no-cache
server: nginx
x-timer: S1689758141.878717,VS0,VE18
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
61 KB 95ms
46ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-SF73

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dcc4709f41f2aaa22840d78f2ffdf183b4447eece3198182fb0b0687c85ee26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61604
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Jul 2023 09:15:40 GMT

GET
H2 200 us-flag.png
static.usagreencardlottery.org/images/flag-icons/ 107 B
543 B 592ms
592ms Image
image/png 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/images/flag-icons/us-flag.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa63088d0a3fd7876673359015deab149f634c2f6f087a0085e516b8303605a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
cf-polished: status=not_needed
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Aug 2020 12:00:55 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KIlK51EgXtfO4vRPkMKnppHyEo%2FVZQ7LItTRW0pE3DyweFzF3xwEP2x8VTV9dX%2FhWHmbRBhDLOqXESIsMq%2BuEu6M9E5y8apjcsLiAMSvA9dMZ75ttoRksgrlXmBa1f3c7J8PLEx3nBs05lH6JVKMS41h%2BACWvjsLj93jw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7cce0d1e56-FRA
expires: Thu, 18 Jul 2024 09:15:41 GMT

GET
H2 200 logo.jpg
static.usagreencardlottery.org/assets-static/images/ 14 KB
15 KB 29ms
28ms Image
image/jpeg 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.usagreencardlottery.org/assets-static/images/logo.jpg?v=20191004

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e3d85326ada0372a6806ad34ba926f3c8815e3dbcfe92a385ef91ad60c9889f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22609
cf-polished: degrade=85, origSize=22528
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Fri, 27 Aug 2021 07:23:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nor1jUaPYcspbVeOs%2FOne5J%2FR3IXByzKZsizjADs0CNBSHGmvpBQwjtGsHSStEcqp0H6sdM8WEyyHZALymNm5lO3CCbnU3nAiF4MViClWHNQdRemuArpEqWndwlpSP8p%2B3agnrttGW2Z%2Bs8eU5CkA0soYRwsqOuL%2BFjg4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e91dc7cce101e56-FRA
expires: Thu, 18 Jul 2024 02:58:51 GMT

GET
H2 200 BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 35 KB
36 KB 96ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngRUXNadjH0qYEzV7ab-oWlsbCGwR0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|Shadows+Into+Light&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.usagreencardlottery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 10:58:52 GMT
x-content-type-options: nosniff
age: 339408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36344
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:05:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jul 2024 10:58:52 GMT

GET
H2 200 BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2
fonts.gstatic.com/s/ptsansnarrow/v18/ 50 KB
51 KB 73ms
21ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsansnarrow/v18/BngSUXNadjH0qYEzV7ab-oWlsbg95AiFW_0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans+Narrow:400,700|Shadows+Into+Light&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.usagreencardlottery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 06:06:31 GMT
x-content-type-options: nosniff
age: 97749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51384
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:10:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Jul 2024 06:06:31 GMT

GET
H2 200 site-icons.woff
static.usagreencardlottery.org/assets-static/fonts/ 4 KB
5 KB 80ms
29ms Font
font/woff 2606:4700:20::681a:356
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.usagreencardlottery.org/assets-static/fonts/site-icons.woff

Requested by

Host: static.usagreencardlottery.org
URL: https://static.usagreencardlottery.org/assets-static/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:356 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f62ffcd45e622119c10c33987a015d6e30b2d45d80274ca584957b702d9bdc01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://static.usagreencardlottery.org/assets-static/css/styles.css
Origin: https://www.usagreencardlottery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252814
content-length: 4344
x-xss-protection: 1; mode=block
last-modified: Fri, 27 Aug 2021 07:23:04 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9pr9s8iEJ2z%2FzeVIiwNKiFY6ndraotqx7es1s4jM67Rz3y6wvT%2BGf8iPc0lyXSFjqdsOo%2F46%2FKKygVWH%2BkEwnkyQgHm3cXymtqknARIOZmjGTxM7LlOOkMtcdKpRXyTNdxohb5qMcn8UGYl%2FeLkeErGZYH0dLbXOq93B2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7e91dc7ccceb91ef-FRA
expires: Mon, 15 Jul 2024 11:02:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
610 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cinzel:700%7CPT+Sans+Narrow:700&subset=latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2c19a2f5ba12c70db4e84835dc9cb6a68ea8ff5636d498f3d31dc6f4a42059c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Jul 2023 09:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Jul 2023 09:15:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Jul 2023 09:15:40 GMT

GET
H2 200 8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v23/ 14 KB
14 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cinzel/v23/8vIU7ww63mVu7gtR-kwKxNvkNOjw-jHgfY3lDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cinzel:700%7CPT+Sans+Narrow:700&subset=latin,latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f763485b99e209a68b3242ffd83cdf30805fec91a112c8928c4f2e08daa962e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.usagreencardlottery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 13:44:18 GMT
x-content-type-options: nosniff
age: 502282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14684
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 21:12:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Jul 2024 13:44:18 GMT

GET
H2 200 489378781240507 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 80ms
79ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/489378781240507?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

773a8a7f53e48a98b91330133ad85d47a7c7e5e3f90aa1673be6206e2a5b37e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 19 Jul 2023 09:15:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: z8TcVeg/d9rcZNtH0LLg4OSpOd3rWFM4xpjOqAYm5MNP/a9+t+EuCsWZpk1jA27kMkpVN8bLhqsuREU2S6jC4A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SF73

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 08:13:50 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3711
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Wed, 19 Jul 2023 10:13:50 GMT

GET
H2 200 3305265.js Show response
js.hs-scripts.com/ 2 KB
1 KB 194ms
134ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/3305265.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-SF73
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9914bac6d04063702f3fcd4ac32246fd8ebd3b2550101d9e4c29cba3084cccaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f48ab4f2-9bc3-4a70-9d8b-8d190ca881d2
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f48ab4f2-9bc3-4a70-9d8b-8d190ca881d2
last-modified: Wed, 19 Jul 2023 03:13:12 GMT
server: cloudflare
x-trace: 2BF320638E2D1D39BBDDAC9337252E949759BDBDFE000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.usagreencardlottery.org
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-z9vjn
cf-ray: 7e91dc7daa824d6a-FRA
expires: Wed, 19 Jul 2023 09:16:41 GMT

GET
H2 200 hotjar-1494917.js Show response
static.hotjar.com/c/ 9 KB
4 KB 81ms
26ms Script
application/javascript 52.222.139.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1494917.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.19 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-19.ams50.r.cloudfront.net

Software

Resource Hash

70b808aba191c7cf5ef9866d99634d80216c6cdbdf8cfdf5af162e2993340052

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 19 Jul 2023 09:15:34 GMT
via: 1.1 ef2cb74895744344a0ea2100fbbb760a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 7
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/3f72ac211bc4415f7ef337ee54ce4eec
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: pvkNggXZHZK6wpxMM_RmbrDfQ3oSMD5ChryzGXsx1_KpTWhC8_4TuQ==

GET
H/1.1 200
OK trackpush.min.js Show response
s3.amazonaws.com/cdn.aimtell.com/trackpush/ 47 KB
13 KB 338ms
117ms Script
text/javascript 54.231.233.168
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Requested by: Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.233.168 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 968e7632b7fc4fcf5183bf7d1c8f8ea9cd65c0b6c529b7d5c51dc7bd4d2770f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Date: Wed, 19 Jul 2023 09:15:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 14:53:41 GMT
Server: AmazonS3
x-amz-request-id: F9J02VS7MMK6YS9B
ETag: "024fe99ce10401ecf4292aa9022d7bb9"
x-amz-server-side-encryption: AES256
Content-Type: text/javascript
Cache-Control: max-age=86400
Accept-Ranges: bytes
Content-Length: 13239
x-amz-id-2: TXTrflta63bBODRdCOynMGn+OvR01i2XIrlPTjd9EuSYmropD6JOP2wYOCNILzrGWru52b8I7oo=

GET
H2 204 unip Show response
trc.taboola.com/1407028/log/3/ 0
118 B 54ms
54ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1407028/log/3/unip?en=page_view&tim=1689758140999&ref=null&cv=20230718-6-RELEASE&tos=147&ssd=1&scd=0&ler=other&mrir=u&vi=1689758140849
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Wed, 19 Jul 2023 09:15:41 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 16413
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-cph2320034-CPH
pragma: no-cache
server: nginx
x-timer: S1689758141.021210,VS0,VE16
content-type: image/gif
access-control-allow-origin: https://www.usagreencardlottery.org
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1407028/ 58 KB
18 KB 464ms
464ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1407028/tfa.js
Requested by: Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8633462dcbaa1b7b6d2b50e69cfc30ce70edb5bada59982a592c0b2c1d2a373b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: g2QYfjEUMSm1O6VGJP5lNvSqLSBJFSkt
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 09:15:41 GMT
x-amz-request-id: F9JD486J38R9JJS5
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: COMPLETED
content-length: 18354
x-amz-id-2: 01YqCak2vYdOw3xlkxUrP/iCNXfGejwp1+/xrTZeeJ/W6j6WU5xhTwq/xoXw93vjCIIIoig0mkE=
x-served-by: cache-cph2320034-CPH
last-modified: Sun, 09 Jul 2023 11:22:30 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689758141.021203,VS0,VE426
etag: "d2653221d7a6c50589a7f97494ace2de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 17
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 42 KB
13 KB 94ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 19 Jul 2023 09:15:40 GMT
last-modified: Mon, 17 Jul 2023 22:20:48 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D1F93AAEBEC847E89AEF35D34D3218B3 Ref B: FRA31EDGE0506 Ref C: 2023-07-19T09:15:41Z
etag: "060e2effcb8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12438

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 27ms
27ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=709741230&utmhn=www.usagreencardlottery.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Payment%20Plan%20Page&utmhid=731024142&utmr=-&utmp=%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&utmht=1689758141083&utmac=UA-225359-3&utmgtm=45He37h0n51SF73&utmcc=__utma%3D43379233.332748159.1689758141.1689758141.1689758141.1%3B%2B__utmz%3D43379233.1689758141.1.1.utmcsr%3Dgcl%7Cutmccn%3Deblast%7Cutmcmd%3Demail%7Cutmctr%3Dgcl%7Cutmcct%3Dindependenceday2023_2%3B&utmjid=1457757388&utmredir=1&utmu=qAAgAABAAAGBAAAAAgAAAABE~

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 09:15:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489378781240507&ev=PageView&dl=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3D_removed_%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522eid%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1689758141092&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689758141090.885084816&it=1689758140978&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 09:15:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 124ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489378781240507&ev=ViewContent&dl=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3D_removed_%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522eid%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1689758141093&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1689758141090.885084816&it=1689758140978&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 09:15:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 124ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489378781240507&ev=Lead&dl=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3D_removed_%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%2522eid%2522%255D%252C%2522restrictedParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1689758141093&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1689758141090.885084816&it=1689758140978&coo=false&exp=a0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 09:15:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 modules.ffc9533062802c2a6a6a.js Show response
script.hotjar.com/ 275 KB
68 KB 129ms
29ms Script
application/javascript 13.227.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.ffc9533062802c2a6a6a.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1494917.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-3.ams54.r.cloudfront.net

Software

Resource Hash

e75deac1ab79ff052b72e9e731c0350415ea0255943561b7ea8ab3f09144037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 14:51:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c149c6b8a4d6f497cac6f2d9e9e6be40.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 66274
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68674
last-modified: Tue, 18 Jul 2023 14:51:02 GMT
etag: "0b02527f9816ca198748917b2e3bf217"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: _mLW7EAO-h-hIWF4mn25NCgKo6ZTuC0ZeOLHkUxzFaveShg4mv5MKQ==

GET
H2 204 20263391.js Show response
bat.bing.com/p/action/ 0
117 B 114ms
114ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/20263391.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 19 Jul 2023 09:15:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0B34BA6D6F334FA1BA02303AC4E3A914 Ref B: FRA31EDGE0506 Ref C: 2023-07-19T09:15:41Z
x-cache: CONFIG_NOCACHE

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 76 KB
22 KB 100ms
35ms Script
application/javascript 2606:4700::6811:62ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3305265.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:62ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1080f0c9d52920e7617d719530f69e596c504c1bcaf2713c5cc80e2c3d3e59a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-amz-version-id: 4_IdboEP4N948RCRSjEDNtTAl948cmx8
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD12-P3
age: 376
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13600/bundles/project.js&cfRay=7e91d350983c4dbe-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: fcc1c22b-72c3-493c-9248-ebbdb543dad3
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: fcc1c22b-72c3-493c-9248-ebbdb543dad3
last-modified: Fri, 14 Jul 2023 08:35:11 UTC
server: cloudflare
etag: W/"9b24b0ba9fe438e412b25be0d63068aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-xhv87
cf-ray: 7e91dc7efa4d4daf-FRA
x-amz-cf-id: xsIHUFkqmKLYLkc5tT4HJgBOFERQ4etuhUHC06pJWSMH-_53yQQVfg==
x-hs-target-asset: conversations-embed/static-1.13600/bundles/project.js

GET
H2 200 3305265.js Show response
js.hs-analytics.net/analytics/1689758100000/ 68 KB
22 KB 532ms
484ms Script
text/javascript 2606:4700::6810:8cce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1689758100000/3305265.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3305265.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8cce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db88a9bbf2fd98ae17898ac90db2a9f4fccb5ee5b777ea7da8704f473e984a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: F9J7PWF8ZR8YE5X0
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: badb81e0-c7b0-40e0-a762-f4850819d3ca
x-envoy-upstream-service-time: 19
x-amz-id-2: OmLmJzXLkgG2QtAyHpWSYADVcvdjRzHhWndZ+32mLd4X4Cz7zWEYAf5K4xAwmjiX0NgnOBelxaM=
x-evy-trace-listener: listener_https
x-request-id: badb81e0-c7b0-40e0-a762-f4850819d3ca
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 15 Jun 2023 14:43:11 GMT
server: cloudflare
etag: W/"e3527555ecb99c18fea585cf257d0a6b"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7e91dc7ef87d1c20-FRA
expires: Wed, 19 Jul 2023 09:20:41 GMT

GET
H2 200 3305265.js Show response
js.hs-banner.com/ 60 KB
16 KB 74ms
30ms Script
text/javascript 2606:4700::6812:18c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/3305265.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3305265.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf42b5964e132b3c5f29658700cbc22095c42178979a1ccf00de1031071e778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-amz-version-id: _q0NNHKTPmdQ0n6zxjH3K3HH3UI6Xksv
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: SZFF76TVX47YKMKW
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 7
x-envoy-upstream-service-time: 36
x-amz-id-2: a+8WZ+/LiKqJ4amQ9W1k6D5yHuk5PG3OZVjMD665Szyl9IbodY589hJ/xrlhV35m+6/GbneJfnWNp/wXzPCN+w==
x-evy-trace-listener: listener_https
x-request-id: 340a64cc-df88-4551-be6b-4add148513f6
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 14 Jun 2023 17:44:59 GMT
server: cloudflare
etag: W/"f52188059b202b31e477a91b17b8b2cb"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.fileright.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-v9vn7
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7e91dc7efa869052-FRA
expires: Wed, 19 Jul 2023 09:20:34 GMT

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 28 KB
10 KB 166ms
118ms Script
application/javascript 2606:4700::6811:d439
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/3305265.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d439 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4055357bea8b0cdaa81c008c4775cdd954e230dec351e77356b27bb75ea52f4

Request headers

Referer: https://www.usagreencardlottery.org/
Origin: https://www.usagreencardlottery.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
x-amz-version-id: YloANPBEqYBWdAczGbTby3lGyDX3xj3s
via: 1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
content-encoding: br
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 81d0bd28-0864-4d2d-acf0-30d51ec68687
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.15331/bundles/popupInjector.js&cfRay=7e91dc7eff553a3e-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 81d0bd28-0864-4d2d-acf0-30d51ec68687
last-modified: Thu, 15 Jun 2023 08:34:43 UTC
server: cloudflare
etag: W/"8afc842d4777ba39ec0cb1e776a43975"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-nnm64
cf-ray: 7e91dc7eff553a3e-FRA
x-amz-cf-id: 53hMmb1tRd_flmB_t3g9zqpCXNs0KHjQRzUTKJL0qdlDBipjWGJanA==
x-hs-target-asset: feedback-web-renderer-ui/static-1.15331/bundles/popupInjector.js

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 189ms
144ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=3305265&conversations-embed=static-1.13600&mobile=false&messagesUtk=1afb3e38722e4f7c8a3a3dca5f8af260&traceId=1afb3e38722e4f7c8a3a3dca5f8af260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.usagreencardlottery.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.usagreencardlottery.org
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e91dc7fdd7f373b-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 19 Jul 2023 09:15:41 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgoW3rYILfarJtuF8JIjZI378T1gaWWOBA8UFMnE%2B7wqagORuWtXk76k3Ct3CSCuNx4pihzqHLnX1S7RM1uRPxeit2EK6wOdCVsIj8Fsuq6t0tpb9oG6VlYk3itCeA6FZg9oye4nZHFlBWUOww%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-envoy-upstream-service-time: 2
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-z9vjn
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: a5e65895-86c1-429a-9fd6-aae04f8825c2
x-request-id: a5e65895-86c1-429a-9fd6-aae04f8825c2
x-trace: 2B3C41CEB7AF492113C78DD3E269DB40184D1A0476000000000000000000

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/1494917/ 147 B
322 B 163ms
53ms XHR
application/json 99.81.206.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/1494917/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ffc9533062802c2a6a6a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 99.81.206.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-206-142.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 431bac3345fd859b713c4b895672cb8c95f094ac3fcf8b0917874f0c5c3e9342

Request headers

Referer: https://www.usagreencardlottery.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 478 B
1 KB 143ms
143ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a3c5fba8f221f4b79aa327af8618beddc5cfa9a8f4306086295c80a9da6dff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.usagreencardlottery.org/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 48e1e266-a718-46e7-90bb-574a982e492e
x-envoy-upstream-service-time: 14
alt-svc: h3=":443"; ma=86400
content-length: 335
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 48e1e266-a718-46e7-90bb-574a982e492e
server: cloudflare
x-trace: 2BC498F8D83DBDA6E487C07B42627CF768E06D5387000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.usagreencardlottery.org
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-598c95b5b7-s7zq8
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TM8h7KncUyBnl2pxrV6qwQw3cVoNt7FV3WQvZ43Hd73%2Bl0u3aoa0z57gpFJfAXR76bKtSVLk4LGM3EqIBCpiCFut3eCyGf1cmF5gcMBkHwi7SMkgr4gOJ3i4ngETQ%2FUCNmhvqe%2BBs3XMPewXLg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7e91dc80be92373b-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 update.min.js Show response
www.usagreencardlottery.org/scripts/ 7 KB
4 KB 508ms
508ms Script
application/javascript 2606:4700:20::681a:256
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.usagreencardlottery.org/scripts/update.min.js

Requested by

Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/scripts/browser-warning.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:256 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a13a2cca397b6dce144266d13c0880e886c0e922f7324d3f6f3c12038767c1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Thu, 18 Jun 2020 09:05:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
p3p: CP="IDC CON TEL CUR DEV SAM IND"
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HShADsd4Va4vs772pQ8MH5NnsPAu8E%2BeVRL8dBBs05KL4MItDs4inIYzspj6kJtTcXEaqTQWiDetSDd0XYmEp6ZV%2FsWk%2BsdsP65yFu8NsKtWemhKMH4E5ygdq5JdlU7aUMGb9z%2FFhVwYhQAk4MA5qeP0SecO52ZUkg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
cf-ray: 7e91dc7f9a9e1e56-FRA
x-xss-protection: 1; mode=block

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 101ms
30ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:28 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 7N825CJ40GW5Z81G
age: 14
x-amz-server-side-encryption: AES256
x-amz-id-2: Sl6apxFBdwyIq6YUp8+4Za7FDzsbae4cwFJL4cUXwZb5Si7J49kGDu89fUP+OG3eZTXhbUhXjZ4=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 204 0
bat.bing.com/action/ 0
287 B 46ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=20263391&Ver=2&mid=c561d063-e98c-42d3-a2fd-281b184b0485&sid=d53b0b30261411ee9ee525f7e8f419e9&vid=d53b4ff0261411ee9da1695a28a9c869&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Payment%20Plan%20Page&p=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&r=&lt=2476&evt=pageLoad&sv=1&rn=872127

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jul 2023 09:15:40 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F1E74EDE81545B1B30296C095363B3E Ref B: FRA31EDGE0506 Ref C: 2023-07-19T09:15:41Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
415 B 113ms
39ms XHR
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=24591&v=3.977&support=1&state=default&wl=0&ref=aHR0cHM6Ly93d3cudXNhZ3JlZW5jYXJkbG90dGVyeS5vcmcvZGlzY291bnRQYXltZW50LmRvP2VpZD1zb2ZpZXBvbnNhZXJ0c0BnbWFpbC5jb20mcHJvbW9Db2RlPUlOREVQRU5ERU5DRURBWTIwMjMmbGFuZz1lbiZyPWluZGVwZW5kZW5jZWRheTIwMjNfMiZ1dG1fc291cmNlPWdjbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWdjbCZ1dG1fY29udGVudD1pbmRlcGVuZGVuY2VkYXkyMDIzXzImdXRtX2NhbXBhaWduPWVibGFzdA==
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.usagreencardlottery.org
aimtell-traverse: 0
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal, Aimtell-Iso
access-control-allow-credentials: true
aimtell-iso: DE
aimtell-signal: 0
cf-ray: 7e91dc801f969c07-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

GET
H2 200 24591-304be13a1dc6.json Show response
cdn.aimtell.io/config/optin/ 253 B
705 B 498ms
441ms XHR
application/json 2606:4700:10::6816:47e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/optin/24591-304be13a1dc6.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e106d444073e7107e6fad5ccff0c39976fa8298c6c160922535b739bf2ea1904

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: gzip
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P3
x-cache: RefreshHit from cloudfront
content-length: 229
last-modified: Fri, 01 Oct 2021 04:44:40 GMT
server: cloudflare
etag: "eaaec8b0f9c0f29ebb73323ec713dda4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 7e91dc800e1d4d31-FRA
x-amz-cf-id: LeP42adFNKEyzXO1G8Qgo1wW5CLiQ7yDe1C1lRI-O6IvthNZXXq9aQ==

POST
H2 200 pageview Show response
signals.aimtell.com/ 43 B
102 B 112ms
40ms XHR
image/gif 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://signals.aimtell.com/pageview?id_site=24591&v=3.977&support=1&state=default&wl=0&ref=aHR0cHM6Ly93d3cudXNhZ3JlZW5jYXJkbG90dGVyeS5vcmcvZGlzY291bnRQYXltZW50LmRvP2VpZD1zb2ZpZXBvbnNhZXJ0c0BnbWFpbC5jb20mcHJvbW9Db2RlPUlOREVQRU5ERU5DRURBWTIwMjMmbGFuZz1lbiZyPWluZGVwZW5kZW5jZWRheTIwMjNfMiZ1dG1fc291cmNlPWdjbCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV90ZXJtPWdjbCZ1dG1fY29udGVudD1pbmRlcGVuZGVuY2VkYXkyMDIzXzImdXRtX2NhbXBhaWduPWVibGFzdA==
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
aimtell-hash-exists: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.usagreencardlottery.org
aimtell-traverse: 0
access-control-expose-headers: Aimtell-Hash-Exists, Aimtell-Traverse, Aimtell-Signal, Aimtell-Iso
access-control-allow-credentials: true
aimtell-iso: DE
aimtell-signal: 0
cf-ray: 7e91dc802f999c07-FRA
access-control-allow-headers: Content-Type, *
content-length: 43

POST
H2 200 error Show response
log.aimtell.com/ 0
178 B 318ms
252ms XHR
text/html 2606:4700::6812:1f97
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://log.aimtell.com/error?type=trackpush&website_id=24591&body=Script%20loaded%20twice&log_level=2
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 7e91dc801e5e9137-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
trc.taboola.com/$%7BpublisherName%7D/trc/3/ 31 B
353 B 66ms
65ms Script
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/$%7BpublisherName%7D/trc/3/json?tim=1689758141476&data=%7B%22id%22%3A541%2C%22ii%22%3Anull%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1689758140849%2C%22cv%22%3A%2220230718-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TRC.trkCallback%22%2C%22qs%22%3A%22%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3D%24%7BpublisherName%7D%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%7D&pubit=n
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-vcl-time-ms: 29
date: Wed, 19 Jul 2023 09:15:41 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 15588
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-cph2320034-CPH
server: nginx
x-timer: S1689758141.495301,VS0,VE29
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 vv.20230718-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 11 KB
4 KB 42ms
41ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/vv.20230718-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a92bb5444c796b120c251dd280687e2c0fa246a3bb3699f5a7f30561f1e082f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

x-amz-version-id: S2yP9Z6Ur1JYdNe4ioTq9bwBb1QF_EZn
content-encoding: gzip
via: 1.1 varnish
date: Wed, 19 Jul 2023 09:15:41 GMT
x-amz-request-id: 4YH2K5PCBX62F5EY
age: 2680
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 4125
x-amz-id-2: g/ga50nG1ZS5EJLffj1/GUchp16ne10jnxxBPi5sPtsXU7ttBuTcdlY20kAZjptpV+ET2WSAzq4=
x-served-by: cache-cph2320034-CPH
last-modified: Wed, 19 Jul 2023 08:29:46 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1689758141.495291,VS0,VE6
etag: "e3e566a8836ecee8e4885e44bb832198"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 401720.json Show response
s.yimg.com/wi/config/ 2 B
458 B 89ms
36ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/401720.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:34:11 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: J4E3FMY8Y3RHAT7A
age: 2490
content-length: 2
x-amz-id-2: pyxzbt5leZsOnmUTEjFM8a6g5vxs6q36vGOyMfSn2mFEP/y8SWv7Mc6thbijWeWAjNw8u732b4Wuga30MWgzDQ==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 / Show response
content.hotjar.io/ 56 B
161 B 162ms
47ms XHR
application/json 54.73.32.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ffc9533062802c2a6a6a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.73.32.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-32-2.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e74731e483b4d1a17a527c4e563737d1f33ca90164a3e7c30919fe412eaec214

Request headers

Referer: https://www.usagreencardlottery.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 09:15:41 GMT
content-length: 56
vary: Origin
content-type: application/json

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 176ms
56ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2019%20Jul%202023%2009%3A15%3A41%20GMT&n=0&b=Payment%20Plan%20Page&.yp=401720&f=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Jul 2023 09:15:56 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Wed, 19 Jul 2023 09:15:56 GMT

GET
H/1.1 200
OK event.jpeg
www.pages02.net/WTS/ 0
475 B 753ms
126ms Image
image/jpeg 23.21.150.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pages02.net/WTS/event.jpeg?accesskey=8c3dd96-1410f4ca04b-3f3d5eceea4051b7c82d96ba93c1b04e&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=a27151ba-ae67-3a88-bd2e-9be0d6dd8e0d&webSyncID=22d39a81-a68d-7bc5-2cbd-71cdd2479521&url=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&newSiteVisit=1&hostname=www.usagreencardlottery.org&pathname=%2FdiscountPayment.do&newPageVisit=1&eventKey=b112a2dd-a528-5826-72ca-77009d796960

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.21.150.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-21-150-130.compute-1.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 19 Jul 2023 09:15:42 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Server: Apache
p3p: CP="CAO PSA OUR"
Content-Type: image/jpeg
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection: close
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=270596935&utmhn=www.usagreencardlottery.org&utmt=event&utme=14(2980*90*40*520*0*550*2430*2430)(2987*91*45*526*1*559*2433*2433)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Payment%20Plan%20Page&utmhid=731024142&utmr=-&utmp=%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&utmht=1689758141883&utmac=UA-225359-3&utmgtm=45He37h0n51SF73&utmcc=__utma%3D43379233.332748159.1689758141.1689758141.1689758141.1%3B%2B__utmz%3D43379233.1689758141.1.1.utmcsr%3Dgcl%7Cutmccn%3Deblast%7Cutmcmd%3Demail%7Cutmctr%3Dgcl%7Cutmcct%3Dindependenceday2023_2%3B&utmjid=&utmu=qAAgAABAAAGBAAAAAgAAAABE~

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 19:14:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 50468
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame A07A 1 KB
2 KB 146ms
99ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a7fe344832e0621266567ae880b4890fda1df9d9d39bf287e4ba6334acb8d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.usagreencardlottery.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 21823
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 7e91dc84885a1c6d-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=feedback-web-renderer-ui/static-1.15331/html/fetcher.html&cfRay=7e91dc84885a1c6d&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fwww.usagreencardlottery.org%2F&cfenv=prod&pdt=2023-07-19&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 19 Jul 2023 09:15:42 GMT
expires: Thu, 20 Jul 2023 09:15:42 GMT
last-modified: Thu, 15 Jun 2023 00:58:37 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=7e91dc84885a1c6d&resource=feedback-web-renderer-ui/static-1.15331/html/fetcher.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-id: vQI_FXondy2P6J9m5YLeTrrpPq3t3euisFfJpysEHomthpX4cZ5TJQ==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: 0yoOZRNfaJ67j7fMwhKK2mTdY4Zg1lvD
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.15331/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 353ms
146ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=576950667&v=1.1&a=3305265&pu=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&t=Payment+Plan+Page&cts=1689758141890&vi=a3c626ac1012b6f432fec0c661ffa2c5&nc=true&u=92670018.a3c626ac1012b6f432fec0c661ffa2c5.1689758141887.1689758141887.1689758141887.1&b=92670018.1.1689758141887&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e7e71c04-81bd-46a7-9bda-9fb45c8d55d3
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e7e71c04-81bd-46a7-9bda-9fb45c8d55d3
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3D1Vgd31w%2B1FPuaAaiIhCTz5J1hA0OpqPKO2n%2B3lyHOz3ieA18o2YuaSAVSUJsRTTRQH4tbCJno%2FDUmMDIIXQjPtzvTO%2BmkjVaPFK8%2Bu4XvbO2nvj%2BDQeYrHk52DS9fSzzq3y985THh8NQ36zh3T"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-5f6448c676-zkwrk
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7e91dc843cfa9a33-FRA
x-robots-tag: none

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 74 KB
23 KB 218ms
45ms Script
text/javascript 2600:9000:2245:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.usagreencardlottery.org
URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2245:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7a8cd13326fa26fff053f71a7df3cff722cd46e25b2f49dba73c4e9613a8b0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Amz-Version-Id: Zv2Ne0gXpBf.OCfm3y_wAIjtjwsg1fOA
Content-Encoding: gzip
Via: 1.1 4b0861a8035fd11b1a90183c566020e2.cloudfront.net (CloudFront)
Date: Wed, 19 Jul 2023 08:57:17 GMT
Age: 1107
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 11 Jul 2023 19:14:37 GMT
Server: AmazonS3
Etag: W/"ac1cc02222a6876bfc3144eea60296f7"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: QSqSTI7uTxTxDADoUKC4KoqPbvt_u3riJtX1fC8w-lROhVLKrtkTbA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/HNXP7JJTGZHRNGADQ3VHBG/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

92ms
45ms

Script
application/javascript

2600:9000:2245:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2245:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Amz-Version-Id: KLTaAvzmAP.1_rS.URSLlTS3u46mZQHP
Date: Tue, 18 Jul 2023 18:07:24 GMT
Via: 1.1 4b0861a8035fd11b1a90183c566020e2.cloudfront.net (CloudFront)
Age: 54509
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Tue, 21 Mar 2023 16:39:30 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ZNNx3x53dzsjZ3bnRE9HSMV7RzkDJ7w8Q92lmROid40ZniJ4u6jXZg==

Redirect headers

Date: Tue, 18 Jul 2023 19:48:15 GMT
Via: 1.1 4b0861a8035fd11b1a90183c566020e2.cloudfront.net (CloudFront)
Age: 48446
X-Amz-Cf-Pop: DUB56-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 0L5a3qeSTueWqqyjnQeWCcUx_vyqQbPQPI7hOftSPUhPIpWB01G6Yg==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/HNXP7JJTGZHRNGADQ3VHBG/JI4QIUYOX5ABTGCUN3XXIU/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

64ms
54ms

Script
application/javascript

2600:9000:2245:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2245:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Tue, 18 Jul 2023 18:07:13 GMT
Via: 1.1 4ef5b810a61123a6a28e9f07ba613430.cloudfront.net (CloudFront)
Age: 54510
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: wqUjnHMWb7SHk04yqo22t3TM5w7TdaWZPHk1PijIduF3gbILo9z2yA==

Redirect headers

Date: Tue, 18 Jul 2023 19:48:16 GMT
Via: 1.1 4b0861a8035fd11b1a90183c566020e2.cloudfront.net (CloudFront)
Age: 48445
X-Amz-Cf-Pop: DUB56-P1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Y9j6OUFKVh2vkzAbjGMh8BlFKOO02NGYDX6vNcfupyNdqevqucmmgw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/HNXP7JJTGZHRNGADQ3VHBG/JI4QIUYOX5ABTGCUN3XXIU/ 7 KB
3 KB 631ms
544ms Script
text/javascript 2600:9000:2245:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/HNXP7JJTGZHRNGADQ3VHBG/JI4QIUYOX5ABTGCUN3XXIU/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2245:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6d34be10469886f509470f657fb0022c00c69093bcc300e6f9e96e1d7555b73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Amz-Version-Id: JOOz2EVZ1LeRskae0AyliNWV30FcQv5e
Content-Encoding: gzip
Via: 1.1 87c2f129ca002f6811a7e1d2fe8c6810.cloudfront.net (CloudFront)
Date: Wed, 19 Jul 2023 09:15:43 GMT
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 18 Jul 2023 11:39:06 GMT
Server: AmazonS3
Etag: W/"1d06c79280d0a0d3da0d67183ababbce"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Qe0gtINu5h6GV4bDpOVnn4xNwl7Hga_WKDw3YGeCvjnRjqIv8NVFcA==

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.15331/bundles/ Frame A07A 16 KB
7 KB 163ms
27ms Script
application/javascript 2606:4700::6812:8d65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.15331/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:8d65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7068bdded409fe561da2fbd34560eaf8c4ec44a45bc46ef801064a66e3ab4bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:42 GMT
x-amz-version-id: LvnRnF6rzXbyiEC7uHUgr87FdaigFIvE
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 520823
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 15 Jun 2023 00:58:37 GMT
server: cloudflare
etag: W/"f530dab8f352481ec85c6b2d4221ec07"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s70J55FOTLc3oidvmhOvUnzhlZprMITBs9zG0xI792huRYoEmz7IXEyxxt3%2BEC%2FwA7PcHuNWTzuY%2FwAF8S0Lw2YX2SWFAjcSpV9yKiHcnxMt9VJNObYjhaTheS5P3N7VyhND75Ed88WaZVxWfZie0rpXVD4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 7e91dc86089a2c51-FRA
x-amz-cf-id: Idv3zLfjRpC51dd5GZ2XmrktFGnxEc_lCNITM5zrN3rxbB0CyI0f7g==
expires: Thu, 18 Jul 2024 09:15:42 GMT

GET
H2 200 HNXP7JJTGZHRNGADQ3VHBG Show response
d.adroll.com/consent/check/ 456 B
549 B 169ms
43ms Script
application/javascript 2a05:d018:cc3:fe04:4a4b:2e45:20d5:1f4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/HNXP7JJTGZHRNGADQ3VHBG?pv=69943435253.55536&arrfrr=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&_s=29def84913d9233a331c7d663ef6d60d&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:4a4b:2e45:20d5:1f4 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 0d187ba7373413ff7efef4490aaf22a615ef118ccfdbb0067193a2558babcde7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:42 GMT
server: nginx/1.22.1
content-length: 456
content-type: application/javascript

GET
H2 204 unip Show response
trc-events.taboola.com/1407028/log/3/ 0
256 B 97ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1407028/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1689758140852&ver=36&isls=true&src=i&invt=1500&msa=382&tim=1689758142405&mrir=u&vi=1689758140849&ref=null&cv=20230718-6-RELEASE&item-url=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/vv.20230718-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.usagreencardlottery.org
pragma: no-cache
date: Wed, 19 Jul 2023 09:15:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame A07A 36 B
522 B 242ms
240ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=3305265&utk=a3c626ac1012b6f432fec0c661ffa2c5&bundleVersion=1.15331&currentUrl=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&pageUrl=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.15331/bundles/fetcher.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
X-HS-Referer: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast

Response headers

x-origin-hublet: na1
date: Wed, 19 Jul 2023 09:15:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8bdf34ac-eb6f-4a21-96ae-38f6d41a4ebd
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
content-length: 36
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8bdf34ac-eb6f-4a21-96ae-38f6d41a4ebd
server: cloudflare
x-trace: 2B36104357C1431FA8D263F025111B0FAAE3A503A9000000000000000000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xj2Xb8j4wHIZSZskZ%2FH9ERBYzl%2FH%2FQg60bOVnmeuLOXDm6vPf8%2BkYC6zsfD2AW7t2WzDzyn8nSW385ZDSSgECBWZTZD9Q54VPfsT6LIdr8OdQFCBFT8pqxJDH8rerVl1fYldx3YToQqwcWrehrZuMg4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/star-hubapi-td/envoy-proxy-64bd8c87f9-5l649
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
cf-ray: 7e91dc877f521e53-FRA

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 187ms
144ms Preflight
text/plain 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7e91dc868df91e53-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 19 Jul 2023 09:15:42 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asn3jiv5yzKzW%2FwuT1f4FAWCk8ZBp%2Fe3m%2BcuBaDA8a7nM9873UYSATKXvxUyf3%2Bo2XckCNr2a1trD0C4fSnk7igHT0UOG8vyMjXQ8Ye7XvBSKQvS%2BOuyM9ZYkbUw5U3ucq%2FdNdK1VAmabI7nMVdxJ6M%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/star-hubapi-td/envoy-proxy-64bd8c87f9-h228v
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 329883e2-fc62-4118-9c98-6b9e52958a9a
x-request-id: 329883e2-fc62-4118-9c98-6b9e52958a9a
x-trace: 2B9E2B4FBBEED4D5248CB9B120987F48D3EAE6CD74000000000000000000

GET
H/1.1 200
OK consent_tcfv2.js Show response
s.adroll.com/j/ 418 KB
56 KB 55ms
55ms Script
text/javascript 2600:9000:2245:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/consent_tcfv2.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2245:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Amz-Version-Id: wD7IUQmRA9PUuld8lU58FBeuMlOqC6p6
Content-Encoding: gzip
Via: 1.1 4ef5b810a61123a6a28e9f07ba613430.cloudfront.net (CloudFront)
Date: Wed, 19 Jul 2023 09:11:51 GMT
Age: 231
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 05 Jul 2023 21:39:27 GMT
Server: AmazonS3
Etag: W/"3306a47faf7223d93fb356e8a73d1942"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 9d5wHjpuK2LAaEe_Fd9v5dCiftqMvFr1elagAA5wFCe0KQ5uZKz9JQ==

GET
H/1.1 200
OK nextroll-32x32.png
s.adroll.com/i/favicon/ 2 KB
2 KB 52ms
52ms Image
image/png 2600:9000:2245:da00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.adroll.com/i/favicon/nextroll-32x32.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2245:da00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

X-Amz-Version-Id: eTpwxbAIDHDUN.4tfrROIgU_pzKN9Xh0
Date: Tue, 18 Jul 2023 16:21:16 GMT
Via: 1.1 4ef5b810a61123a6a28e9f07ba613430.cloudfront.net (CloudFront)
Age: 60867
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 1615
Last-Modified: Mon, 28 Jun 2021 18:19:21 GMT
Server: AmazonS3
Etag: "403a0a7dcf2d617e7ea852bfb9d11945"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: OgB9A73w9lAnixVlFTQhHl5cA4KgZJHjAXyFC6FsF5JeVc_ZXRuk8w==

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 20ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=489378781240507&ev=Microdata&dl=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&rl=&if=false&ts=1689758142594&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Payment%20Plan%20Page%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=3&o=30&fbp=fb.1.1689758141090.885084816&it=1689758140978&coo=false&es=automatic&tm=3&exp=a0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 19 Jul 2023 09:15:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 24591-304be13a1dc6.json Show response
cdn.aimtell.io/config/ 95 B
291 B 429ms
423ms XHR
application/json 2606:4700:10::6816:47e7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aimtell.io/config/24591-304be13a1dc6.json
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/cdn.aimtell.com/trackpush/trackpush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:47e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 09:15:43 GMT
content-encoding: gzip
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA56-P3
x-cache: RefreshHit from cloudfront
content-length: 104
last-modified: Fri, 01 Oct 2021 04:44:39 GMT
server: cloudflare
etag: "2e9a47727caf9c4def7ceb9e72845ea1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
cache-control: max-age=86400
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
cf-ray: 7e91dc8858294d31-FRA
x-amz-cf-id: xeyOrDu7pWIC-fVPpF89Xii8wkFtvUsaHPWJbOP735UWBZFzg-pbpA==

POST
H2 204 /
metrics.hotjar.io/ 0
70 B 181ms
50ms Ping
text/plain 52.30.62.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://metrics.hotjar.io/?v=4
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1494917.js?sv=6
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.30.62.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-62-59.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.usagreencardlottery.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 19 Jul 2023 09:15:44 GMT
vary: Origin

GET
H2 204 unip Show response
trc-events.taboola.com/1407028/log/3/ 0
255 B 30ms
30ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1407028/log/3/unip?en=pre_d_eng_tb&tos=4553&scd=0&ssd=1&est=1689758140852&ver=36&isls=true&src=i&invt=3000&msa=382&tim=1689758145406&mrir=u&vi=1689758140849&ref=null&cv=20230718-6-RELEASE&item-url=https%3A%2F%2Fwww.usagreencardlottery.org%2FdiscountPayment.do%3Feid%3Dsofieponsaerts%40gmail.com%26promoCode%3DINDEPENDENCEDAY2023%26lang%3Den%26r%3Dindependenceday2023_2%26utm_source%3Dgcl%26utm_medium%3Demail%26utm_term%3Dgcl%26utm_content%3Dindependenceday2023_2%26utm_campaign%3Deblast&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/vv.20230718-6-RELEASE.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.usagreencardlottery.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.98 Safari/537.36

Response headers

access-control-allow-origin: https://www.usagreencardlottery.org
pragma: no-cache
date: Wed, 19 Jul 2023 09:15:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mailing.usagreencardlottery.org/	1970-01-20 22:09:07	Name: tms Value: a%3A1%3A%7Bi%3A0%3Ba%3A6%3A%7Bi%3A0%3Bs%3A2%3A%22nS%22%3Bi%3A1%3Bs%3A2%3A%22Ng%22%3Bi%3A2%3Bs%3A4%3A%22wENB%22%3Bi%3A3%3Bs%3A4%3A%22a62e%22%3Bi%3A4%3Bs%3A3%3A%22HVv%22%3Bi%3A5%3Bs%3A1%3A%22c%22%3B%7D%7D
.mailing.usagreencardlottery.org/	1970-01-20 22:09:07	Name: tmc Value: a%3A1%3A%7Bi%3A0%3Ba%3A4%3A%7Bi%3A0%3Bs%3A2%3A%22nS%22%3Bi%3A1%3Bs%3A4%3A%22wENB%22%3Bi%3A2%3Bs%3A3%3A%22HVv%22%3Bi%3A3%3Bs%3A4%3A%22a62e%22%3B%7D%7D
.mailing.usagreencardlottery.org/	1970-01-20 22:09:07	Name: xsid Value: a62e_wENB
www.usagreencardlottery.org/	1969-12-31 23:59:59	Name: JSESSIONID Value: abcgOZv9IXUsd6KxWBTLy
.usagreencardlottery.org/	1970-01-20 22:08:14	Name: ref_id Value: independenceday2023_2
.usagreencardlottery.org/	1970-01-20 22:58:38	Name: optimizelyEndUserId Value: oeu1689758140446r0.4309635336390609
.usagreencardlottery.org/	1970-01-20 22:58:38	Name: optimizelySegments Value: %7B%221030471760%22%3A%22campaign%22%2C%221036385788%22%3A%22false%22%2C%221064672041%22%3A%22gc%22%7D
.usagreencardlottery.org/	1970-01-20 22:58:38	Name: optimizelyBuckets Value: %7B%7D
.usagreencardlottery.org/	1970-01-20 13:22:38	Name: optimizelyPendingLogEvents Value: %5B%5D
.usagreencardlottery.org/	1970-01-20 22:58:38	Name: __utma Value: 43379233.332748159.1689758141.1689758141.1689758141.1
.usagreencardlottery.org/	1969-12-31 23:59:59	Name: __utmc Value: 43379233
.usagreencardlottery.org/	1970-01-20 17:45:26	Name: __utmz Value: 43379233.1689758141.1.1.utmcsr=gcl\|utmccn=eblast\|utmcmd=email\|utmctr=gcl\|utmcct=independenceday2023_2
.usagreencardlottery.org/	1970-01-20 13:22:38	Name: __utmt_UA-225359-3 Value: 1
.usagreencardlottery.org/	1970-01-20 15:32:14	Name: _fbp Value: fb.1.1689758141090.885084816
.usagreencardlottery.org/	1970-01-20 22:08:14	Name: _hjSessionUser_1494917 Value: eyJpZCI6ImE4NGM3ODg4LWYzNmUtNWUzZS04Y2I3LTYwNjI0NzIxNmM3YSIsImNyZWF0ZWQiOjE2ODk3NTgxNDEyODQsImV4aXN0aW5nIjpmYWxzZX0=
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: _hjFirstSeen Value: 1
.usagreencardlottery.org/	1970-01-20 13:22:38	Name: _hjIncludedInSessionSample_1494917 Value: 1
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: _hjSession_1494917 Value: eyJpZCI6ImM0ZGVjMDI0LTk4MWQtNDVhNS04MDI2LTg2ZGE4MzBlNjZiOCIsImNyZWF0ZWQiOjE2ODk3NTgxNDEzMjMsImluU2FtcGxlIjp0cnVlfQ==
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: _hjAbsoluteSessionInProgress Value: 0
.usagreencardlottery.org/	1970-01-20 13:24:04	Name: _uetsid Value: d53b0b30261411ee9ee525f7e8f419e9
.usagreencardlottery.org/	1970-01-20 22:44:14	Name: _uetvid Value: d53b4ff0261411ee9da1695a28a9c869
.bing.com/	1970-01-20 22:44:14	Name: MUID Value: 243B5E28F9F06940314A4D7BF87B68B0
.yahoo.com/	1970-01-20 22:08:35	Name: A3 Value: d=AQABBMypt2QCEJik2p6gOsoQ9kBq1ukiO4gFEgEBAQH7uGTBZOAXyiMA_eMAAA&S=AQAAAsthdRooK4GIEDO79JDyAII
.usagreencardlottery.org/	1970-01-20 22:58:38	Name: com.silverpop.iMAWebCookie Value: 22d39a81-a68d-7bc5-2cbd-71cdd2479521
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: com.silverpop.iMA.session Value: a27151ba-ae67-3a88-bd2e-9be0d6dd8e0d
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: com.silverpop.iMA.page_visit Value: 1128753155:
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: __utmb Value: 43379233.2.9.1689758141
.usagreencardlottery.org/	1970-01-20 17:41:50	Name: __hstc Value: 92670018.a3c626ac1012b6f432fec0c661ffa2c5.1689758141887.1689758141887.1689758141887.1
.usagreencardlottery.org/	1970-01-20 17:41:50	Name: hubspotutk Value: a3c626ac1012b6f432fec0c661ffa2c5
.usagreencardlottery.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.usagreencardlottery.org/	1970-01-20 13:22:39	Name: __hssc Value: 92670018.1.1689758141887
.hubspot.com/	1970-01-20 13:22:39	Name: __cf_bm Value: 7cVQ6sxmLsFBRGvBFXXctOaIkfWYdOUAKmPvtouzrhw-1689758142-0-AYvrLPEjYuYFFp8VNRKhVVIaBrqiDl6JMa2AtJ0a+wdNGMBFgf73/ZX15gPztTVjcpGedqOWJtBwr6LVbt/xabg=
www.pages02.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 1687150602.4525.0000
www.usagreencardlottery.org/	1970-01-20 15:46:38	Name: _aimtellSubscriberID Value: 37b26121-8114-ca9f-b0e6-f7c98453b4c3

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
other	error	URL: https://www.usagreencardlottery.org/discountPayment.do?eid=sofieponsaerts@gmail.com&promoCode=INDEPENDENCEDAY2023&lang=en&r=independenceday2023_2&utm_source=gcl&utm_medium=email&utm_term=gcl&utm_content=independenceday2023_2&utm_campaign=eblast Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://cdn.taboola.com/libtrc/internationalformsservices-sc1/tfa.js(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.hubspot.com
app.hubspot.com
bat.bing.com
cdn.aimtell.io
cdn.optimizely.com
cdn.taboola.com
connect.facebook.net
content.hotjar.io
d.adroll.com
feedback.hubapi.com
fonts.googleapis.com
fonts.gstatic.com
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hubspotfeedback.com
js.usagreencardlottery.org
js.usemessages.com
log.aimtell.com
mailing.usagreencardlottery.org
metrics.hotjar.io
s.adroll.com
s.yimg.com
s3.amazonaws.com
script.hotjar.com
signals.aimtell.com
sp.analytics.yahoo.com
ssl.google-analytics.com
static.hotjar.com
static.hsappstatic.net
static.usagreencardlottery.org
track.hubspot.com
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.googletagmanager.com
www.pages02.net
www.sc.pages02.net
www.usagreencardlottery.org
104.160.76.24
13.227.219.3
141.226.228.48
143.204.215.23
151.101.129.44
212.82.100.181
23.21.150.130
2600:9000:2245:da00:6:9280:1080:93a1
2606:4700:10::6816:47e7
2606:4700:20::681a:256
2606:4700:20::681a:356
2606:4700::6810:8cce
2606:4700::6811:62ac
2606:4700::6811:c8cc
2606:4700::6811:d439
2606:4700::6812:18c4
2606:4700::6812:1f97
2606:4700::6812:873b
2606:4700::6812:8d65
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:810::2008
2a00:1450:4001:813::200a
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a02:26f0:3500:883::13b8
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a05:d018:cc3:fe04:4a4b:2e45:20d5:1f4
52.222.139.19
52.30.62.59
54.231.233.168
54.73.32.2
99.81.206.142
0261d9f01bcda7551a84a928d69c193f59d75201a29f1f4c111c9309f00fa746
0d187ba7373413ff7efef4490aaf22a615ef118ccfdbb0067193a2558babcde7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1080f0c9d52920e7617d719530f69e596c504c1bcaf2713c5cc80e2c3d3e59a4
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
192311dd20bdb740b66a4ebf9a7808137ffef09c2ced3839ffbd5227103bc60d
1bcfda57b793e3508b47068b5bc0ff0fcbaaca7467ba9faccd15ed4e4206580a
1bf73c5a16d78b3c7823f16e4ea56e06c98058276084e28a9a076e2a434bbad5
1db88a9bbf2fd98ae17898ac90db2a9f4fccb5ee5b777ea7da8704f473e984a7
1ea42199d7498c8e84ae91dbe1cf9f220e0323c44d987632211c481d06dff6c4
25aa6f00819122a06df1e07e3443bff6cbfe6bb62f10c4d902f9b8050693a050
29754a94df48172e347431a5684a90836da13699f836afd1abcad7c46523eb23
2a3c5fba8f221f4b79aa327af8618beddc5cfa9a8f4306086295c80a9da6dff4
2c19a2f5ba12c70db4e84835dc9cb6a68ea8ff5636d498f3d31dc6f4a42059c1
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e3d85326ada0372a6806ad34ba926f3c8815e3dbcfe92a385ef91ad60c9889f
36b5ae768ff0c2844a3a88c814172de90d750995708743695c0806456fff0e9a
39bd848448ddf14c0601670bced03afca2cd2ca1954f62b691a4684d72a9cfd7
431bac3345fd859b713c4b895672cb8c95f094ac3fcf8b0917874f0c5c3e9342
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47e5ff66931402cb5755d7eed98a6d23ee556a7f8e9c1dd340d351c27f669a0f
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
4b6275c7977f0cd7698d38c7726149bbb2a9902d33e7dd48a192a889c19f5ab6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
62ed4d49c5a79b0aff17f47c74efc7958d70987d9350e746c0342755587dd3df
64851141fbd8e18d856aa751a19a014f1a7a389a6cfad2937ce04ca9a91e3fab
6df7edf153ad41daf645b0f746ce0fbc2cd5fc30190ef113c0aa7eee1a8896f6
6fbf5b7b0e7725a603d72efb33a410f648b846bb54d29a861e93b21617076016
7068bdded409fe561da2fbd34560eaf8c4ec44a45bc46ef801064a66e3ab4bb4
70b808aba191c7cf5ef9866d99634d80216c6cdbdf8cfdf5af162e2993340052
773a8a7f53e48a98b91330133ad85d47a7c7e5e3f90aa1673be6206e2a5b37e1
7c4b447c93643b7ddd897dd3ba406d2f7508c76c3e3d3428444c7cc7eb5893ab
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
861f96c7bb341976189b06cccaa9932045635e2b936a93db46e7bbeb6f3bae8a
8633462dcbaa1b7b6d2b50e69cfc30ce70edb5bada59982a592c0b2c1d2a373b
968e7632b7fc4fcf5183bf7d1c8f8ea9cd65c0b6c529b7d5c51dc7bd4d2770f4
9914bac6d04063702f3fcd4ac32246fd8ebd3b2550101d9e4c29cba3084cccaf
a13a2cca397b6dce144266d13c0880e886c0e922f7324d3f6f3c12038767c1b8
a92bb5444c796b120c251dd280687e2c0fa246a3bb3699f5a7f30561f1e082f5
a96963f668f8291dec01d4ae6f91ab8ed436a20aee70b84faa0098da142663cd
a9a7fe344832e0621266567ae880b4890fda1df9d9d39bf287e4ba6334acb8d4
bcaf0e3f087296133e0a996ee3d289a8d1a690147c93e0ab62019b505e6f9355
c9881931311b77f935225d7eeb7ebd0395480a7737a56d427778c98534ade38a
d6d34be10469886f509470f657fb0022c00c69093bcc300e6f9e96e1d7555b73
d77a86413ee983a15fc7e9be057f00c98e771171f63fb52c5506752032a58a15
d7a8cd13326fa26fff053f71a7df3cff722cd46e25b2f49dba73c4e9613a8b0b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcc4709f41f2aaa22840d78f2ffdf183b4447eece3198182fb0b0687c85ee26b
e0447961a33816f0c4e3857863982dbc864a67748c596b78678a7622a8f69282
e106d444073e7107e6fad5ccff0c39976fa8298c6c160922535b739bf2ea1904
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4055357bea8b0cdaa81c008c4775cdd954e230dec351e77356b27bb75ea52f4
e74731e483b4d1a17a527c4e563737d1f33ca90164a3e7c30919fe412eaec214
e75deac1ab79ff052b72e9e731c0350415ea0255943561b7ea8ab3f09144037e
ef3b2092c6bd1a3a6855b7a3a0d67951f0b7cd1678bbcfe563226bfe8a2b9126
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f62ffcd45e622119c10c33987a015d6e30b2d45d80274ca584957b702d9bdc01
f763485b99e209a68b3242ffd83cdf30805fec91a112c8928c4f2e08daa962e2
fa63088d0a3fd7876673359015deab149f634c2f6f087a0085e516b8303605a1
fbf42b5964e132b3c5f29658700cbc22095c42178979a1ccf00de1031071e778

www.usagreencardlottery.org Open in urlscan Pro 2606:4700:20::681a:256 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

98 %HTTPS

68 %IPv6

27 Domains

41 Subdomains

36 IPs

5 Countries

842 kBTransfer

2590 kBSize

34 Cookies

1 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.usagreencardlottery.org Open in urlscan Pro
2606:4700:20::681a:256 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

98 %
HTTPS

68 %
IPv6

27
Domains

41
Subdomains

36
IPs

5
Countries

842 kB
Transfer

2590 kB
Size

34
Cookies

82 HTTP transactions
0 data transactions